serverfault.com

Goal: To bypass China's Great Firewall. Use Hysteria for all UDP traffic to increase speed for streaming videos and games. Then use VLESS for everything else (TCP). I got VLESS + Reality set up and working with help mostly from Gemini AI: 3X-UI on Ubuntu 24 on a Hong Kong server with CN2 GIA (optimized connection) to China No firewalls or security groups on the server v2rayN on Windows 11 But I want to take it the next step and also add Hysteria 2, but it's hard to get the correct info from AI and unfortunately there is very little info on setup guides (there are some Chinese videos, but no auto-translation). So far what I got for Hysteria 2 Inbound on 3X-UI: Port 4443 (3X-UI won't let me use 443 since VLESS is using that) I clicked "Set Cert from Panel" to fill in the public/private keys Everything else blank or default like blank SNI, uTLS=chrome, ALPN=h3, etc.

I'm migrating from an old stand-alone server to a 4-way cluster, whose nodes (and control board, which also acts as a router to the outside world) are networked by a backplane with PCI Express packet switch (see the datasheet for details). Whilst fighting slow operation and instabilities, I found out that the manufacturer had set the MTU of the PCIe link to 65202, which is maybe normal for loopback connections, but not for a "real" network interface (irrelevant entries omitted): mixtile@blade3n3:~$ ip addr show […] 6: pci0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65202 qdisc fq_codel state UP group default qlen 50000 link/ether 02:b9:24:b7:73:0a brd ff:ff:ff:ff:ff:ff inet 10.20.0.13/24 metric 100 brd 10.20.0.255 scope global pci0 valid_lft forever preferred_lft forever inet6 fe80::b9:24ff:feb7:730a/64 scope link valid_lft f

Sending from a zraid0-1 on TrueNAS 26.0.0-BETA.1 (zfs-2.4.1-1 zfs-kmod-2.4.1-1) to a zfs zraid0-1 array on Zima's CasaOS (zfs-2.3.2-1 zfs-kmod-2.3.2-1). I'm probably going to install TrueNAS 26.0.0-BETA.1 on the Zima (Zima is a hardware brand) host if I can't figure this out today. Thanks for any suggestions. On the target (recipient host) I set these permissions. zfs allow -u supdog -d receive,create,mount,dedup,snapdir,copies,userprop,keyformat,keylocation,pbkdf2iters zima/xool Then I sent using this command: zfs send -w -c -R xool@rebalance | ssh [email protected] zfs receive -s -F zima/xool The transfer ran for several hours and towards the end I started seeing these errors. cannot receive org.freenas:description property on zima/xool/supdog: permission denied cannot receive copies property on zima/xool/supdog: permission denied cannot receive snapdir property on zima/xool/.system: permission denied cannot receive readonly property on zima/x

I have a script set to run every 5 minutes in the Windows 2019 task scheduler, and after a server reboot it never just resumes at the next expected interval. To fix it I have to edit the schedule, set it to the next expected runtime, then save (and re-enter the domain account password). What's going on here? Is it not maintaining the saved credentials across the reboot? Do I have some checkbox set wrong on the "Conditions" or "Settings" tab? Am I missing a role? To clarify, I'm using a scheduled trigger, set to "daily" at an arbitrary time (say midnight), with "repeat task every 5 minutes". If it ran at 10am, is rebooted at 10:02am, shouldn't it know that it was next scheduled to run at 10:05am? (This is how schedules work in SQL Server Agent, for example.) Or will it not run until the following midnight?

We are currently in the process of listing our hybrid SaaS solution on the Azure Marketplace as a transactable offer and would like clarification on the path toward MACC eligibility. Our understanding of the progression is: Publish SaaS offer on Azure Marketplace Achieve Co-sell Ready status Qualify for Azure IP Co-sell eligibility Become eligible for MACC-aligned deals We have a few specific questions regarding hybrid SaaS scenarios: Reference Architecture Diagram (RAD) Requirements For Azure IP Co-sell eligibility, we understand that a Reference Architecture Diagram demonstrating Azure service utilization is required. In our case, the product is a hybrid SaaS solution with limited direct Azure workload hosting. Most of our Azure interaction is through: Azure APIs / integration endpoints Azure Marketplace SaaS fulfillment A

After updating one or more packages with dnf, I usually use the needs-restarting command to find out if the server needs a reboot, but when the dnf update command finishes, the update has already been done and I have to reboot. What I'd like to do is know before installing a package if that update will require a reboot. The reason is simple: to keep the system updated automatically and postpone updates that require a reboot until a later manual intervention. I'd need something like: [user@host ~]# needs-a-reboot-after <PackageName> [enter] If you install/update "<PackageName>", you'll need to reboot the server. [user@host ~]# Is there already something out there that does this? Thanks everyone...

I've now got my Ceph cluster almost ready to use, but in the web dashboard, I don't see any of the four OSDs I've created. Neither do I find any of my NVMe drives the OSDs reside on: Error message: No devices (HDD, SSD or NVME) were found. Creation of OSDs will remain disabled until devices are added. Here is what I get on the command line: mixtile@blade3n1:~$ sudo ceph osd tree [sudo] password for mixtile: ID CLASS WEIGHT TYPE NAME STATUS REWEIGHT PRI-AFF -1 29.80798 root default -9 7.45200 host blade3n1 3 ssd 7.45200 osd.3 up 1.00000 1.00000 -7 7.45200 host blade3n2 2 ssd 7.45200 osd.2 up 1.

I have a Palo Alto PA-VM in AWS set up for a "bump-in-the-wire" firewall for traffic in the same region but different VPC and different account with a Gateway Load-Balancer (GWLB) in between. The short version of this question: does a proper GWLB setup (same region, different accounts) for a "hairpin", "bump-on-the-wire", "north-south" traffic inspection require extra pieces (such as a TGW or other intermediary step) for packets to actually reach the firewall? Is there another technical limitation I'm overlooking? I tried this same setup in my test environment first (all in the same region using different VPCs, main difference was everything on the same account) and it worked fine. I'm cheap, so I swapped the PA-VM for a Linux EC2 at that time. The current setup will have traffic moving as follows: random internet client --> IGW (data vpc) --> VPCendpoint (data vpc, for GWLB) --> GWLB (fw vpc) -->

My setup: /etc/ns-shared-resolv.conf is written to regularly with nameserver x.x.x.x, updated from a script /etc/netns/ag2/resolv.conf is a symlink to the above (along with ag3, ag4).. for central DNS settings in root netnso Long-running service running in ag2 netns (via ip netns exec ag2 ..., launched from a systemd service) What happens: Everything works fine.. for some arbitrary number of hours. After that, DNS requests fail. Using tcpdump I can see DNS requests going to "the wrong place" .. the DNS server in root /etc/resolv.conf, NOT the netns one. At the same time while that's not working, ip netns exec ag2 cat /etc/resolv.conf works to show the correct settings. If I start a new ip netns exec ag2 bash shell, it gets the "corre

A shared web hosting server running CentOS 7.8 with Plesk has the following directory structure for a few hundred vhosts: /var/www/vhosts/domain1.com/httpdocs/ /var/www/vhosts/domain2.com/httpdocs/ /var/www/vhosts/domain3.com/httpdocs/ httpdocs folder contains the web files in Plesk, like the standard public_html directory on Apache/cPanel. I'm after a command or script to go through each vhosts domain directory and recursively chmod everything inside httpdocs - files to 644 and folders to 755 via SSH. There are other directories directly inside /domain1.com/, /domain2.com/ etc. so they shouldn't be touched, only the contents inside of httpdocs.