[pfSense Support] IPv6 STF
Sawadeekap Is there a guide, other than http://www.xaero.org/index.php/archive/tag/pfsense/ , to get IPv6 on the LAN side over 6to4, STF? Thanks, Fabian - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] IPv6 STF
On Sat, Oct 9, 2010 at 2:49 PM, Fabian Abplanalp fabian.abplan...@bug.ch wrote: Sawadeekap Is there a guide, other than http://www.xaero.org/index.php/archive/tag/pfsense/ , to get IPv6 on the LAN side over 6to4, STF? That's the best I'm aware of. We don't officially support v6 at all until 2.1. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] IPv6 STF
What is wrong with that guide that you are asking for an alternative? Looks fine to me, but I'm new with IPv6 so I could be wrong... -Oorspronkelijk bericht- Van: Fabian Abplanalp [mailto:fabian.abplan...@bug.ch] Verzonden: zaterdag 9 oktober 2010 14:49 Aan: 'support@pfsense.com' Onderwerp: [pfSense Support] IPv6 STF Sawadeekap Is there a guide, other than http://www.xaero.org/index.php/archive/tag/pfsense/ , to get IPv6 on the LAN side over 6to4, STF? Thanks, Fabian - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org __ NOD32 5517 (20101009) Informatie __ Dit bericht is gecontroleerd door het NOD32 Antivirus Systeem. http://www.nod32.nl - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] IPv6 STF
On Sat, Oct 09, 2010 at 03:18:14PM +0200, Bart Grefte wrote: What is wrong with that guide that you are asking for an alternative? Looks fine to me, but I'm new with IPv6 so I could be wrong... What is currently the recommended approach to deal with native IPv6 on the WAN? Just forward all IPv6 packets to a dedicate host behind the firewall, and let the host deal with it? -Oorspronkelijk bericht- Van: Fabian Abplanalp [mailto:fabian.abplan...@bug.ch] Verzonden: zaterdag 9 oktober 2010 14:49 Aan: 'support@pfsense.com' Onderwerp: [pfSense Support] IPv6 STF Sawadeekap Is there a guide, other than http://www.xaero.org/index.php/archive/tag/pfsense/ , to get IPv6 on the LAN side over 6to4, STF? Thanks, Fabian - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org __ NOD32 5517 (20101009) Informatie __ Dit bericht is gecontroleerd door het NOD32 Antivirus Systeem. http://www.nod32.nl - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org __ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Dual WAN + Firewall Redundancy + UPS Redundancy (?) at entrance
On 10/08/2010 07:15 PM, Gerald A wrote: On Fri, Oct 8, 2010 at 4:55 PM, Andy Graybeal andy.grayb...@casanueva.com mailto:andy.grayb...@casanueva.com wrote: I'll have 2 firewalls, and 2 UPS's one for each firewall. Each firewall will have: 1. a hot swap raid array (only two HD's set to RAID 1, mirroring). 2. two hot swap power supplies. Is one UPS per firewall agreeable? I don't know how to do it otherwise. I can't imagine purchasing 4 UPS's, one for each power supply. Seems a little overkill. I welcome any input. Plug one hotswap supply from each firewall into both of the UPS boxes you have. That way, even if you have to service a UPS, you won't lose a firewall. I wouldn't dedicate a UPS to each firewall, because any UPS issue makes your bring down a box no matter what. True, but depending on your configuration, another way to hook this up is to bypass the UPS for one of the power supplies on each firewall: FW1 - Power supply 1 - UPS1 FW1 - Power supply 2 - straight to power grid FW2 - Power supply 1 - UPS2 FW2 - Power supply 2 - straight to power grid This way, you would still be up and running if both UPS systems fail for some reason. I've seen it happen! eg short circuit in a system connected to both UPS triggering both UPS to shutdown. (Try explaining complete power failure to your boss when all lights are still on in the entire building ;-) ) Agreed, during power grid failure, FW1 would go down if UPS1 fails, and FW2 would go down if UPS2 fails, but you got CARP to fix that. Just my 2 cents. Regards, Hans
RE: [pfSense Support] Dual WAN + Firewall Redundancy + UPS Redundancy (?) at entrance
It’s perhaps overkill for many scenarios, but if you’re truly trying for no-single-point-of-failure, buy UPSes from two different vendors, ideally using two different technologies. I’ve seen matched pairs of UPSes knocked out by the same power event, and more commonly I’ve seen matched sets of batteries fail without warning. To clarify, there are power events that will kill an APC SmartUPS whereas their BackUPS won’t even notice a problem; on the other hand, the SmartUPS will protect a power supply against some failure modes that a BackUPS cannot. And a full-online-conversion UPS, while ideal, costs an arm and a leg. All three will tolerate different amounts of input power phase mismatch (“Power Factor”). It’s nearly impossible to design truly “uninterruptible” power; anyone who’s installed a mainframe can attest to this! You need capacitors on the circuit board to smooth ripples (micro-events), ultracapacitors or batteries to prop up the input power during sub-second (or even multi-second) outages, a traditional UPS to provide interim power, a generator to cover long outages, and a ground-zero-grade blast shelter to put it all in so it stays running in case of global thermonuclear war… and even then, we still don’t have a technology to work around the power outages anticipated when the heat death of the universe occurs. Yes, I’m being silly, but my point is that there’s no point in trying to design a “perfect” system. “Better than normal” is almost always what you’re really reaching for. Having CARP failover is level 1, dual power supplies is level 2, dual UPSes is level 3, how far do you plan to take this? What if your ISP goes down – are you also going to multi-home? Are the devices behind this firewall also multiply-redundant? I don’t mean to suggest there’s no point in increasing reliability, but even two UPSes is going far beyond the needs of most applications. “Carrier-grade” doesn’t even mean having redundant UPSes… at least, none of the telcos I work with in my region have redundant UPSes powering their phone switches! Anyway, like I said – if you’re going to run 1 UPS, use *different* UPSes to avoid hitting the identical problem at the identical time on all of them, which has actually happened to me. -Adam From: Hans Maes [mailto:h...@bitnet.be] Sent: Saturday, October 09, 2010 10:02 To: support@pfsense.com Subject: Re: [pfSense Support] Dual WAN + Firewall Redundancy + UPS Redundancy (?) at entrance On 10/08/2010 07:15 PM, Gerald A wrote: On Fri, Oct 8, 2010 at 4:55 PM, Andy Graybeal andy.grayb...@casanueva.com wrote: I'll have 2 firewalls, and 2 UPS's one for each firewall. Each firewall will have: 1. a hot swap raid array (only two HD's set to RAID 1, mirroring). 2. two hot swap power supplies. Is one UPS per firewall agreeable? I don't know how to do it otherwise. I can't imagine purchasing 4 UPS's, one for each power supply. Seems a little overkill. I welcome any input. Plug one hotswap supply from each firewall into both of the UPS boxes you have. That way, even if you have to service a UPS, you won't lose a firewall. I wouldn't dedicate a UPS to each firewall, because any UPS issue makes your bring down a box no matter what. True, but depending on your configuration, another way to hook this up is to bypass the UPS for one of the power supplies on each firewall: FW1 - Power supply 1 - UPS1 FW1 - Power supply 2 - straight to power grid FW2 - Power supply 1 - UPS2 FW2 - Power supply 2 - straight to power grid This way, you would still be up and running if both UPS systems fail for some reason. I've seen it happen! eg short circuit in a system connected to both UPS triggering both UPS to shutdown. (Try explaining complete power failure to your boss when all lights are still on in the entire building ;-) ) Agreed, during power grid failure, FW1 would go down if UPS1 fails, and FW2 would go down if UPS2 fails, but you got CARP to fix that. Just my 2 cents. Regards, Hans
Re: [pfSense Support] Dual WAN + Firewall Redundancy + UPS Redundancy (?) at entrance
Adam I am shocked that the telco around you don't have redundant UPS Heck a large number of the cell towers we work with and around even have this Even N+1 cooling is in place But I agree - depending upon your needs what you lay out is / should be more than enough On Oct 9, 2010, at 9:01 PM, Adam Thompson wrote: It’s perhaps overkill for many scenarios, but if you’re truly trying for no-single-point-of-failure, buy UPSes from two different vendors, ideally using two different technologies. I’ve seen matched pairs of UPSes knocked out by the same power event, and more commonly I’ve seen matched sets of batteries fail without warning. To clarify, there are power events that will kill an APC SmartUPS whereas their BackUPS won’t even notice a problem; on the other hand, the SmartUPS will protect a power supply against some failure modes that a BackUPS cannot. And a full-online-conversion UPS, while ideal, costs an arm and a leg. All three will tolerate different amounts of input power phase mismatch (“Power Factor”). It’s nearly impossible to design truly “uninterruptible” power; anyone who’s installed a mainframe can attest to this! You need capacitors on the circuit board to smooth ripples (micro-events), ultracapacitors or batteries to prop up the input power during sub-second (or even multi-second) outages, a traditional UPS to provide interim power, a generator to cover long outages, and a ground-zero-grade blast shelter to put it all in so it stays running in case of global thermonuclear war… and even then, we still don’t have a technology to work around the power outages anticipated when the heat death of the universe occurs. Yes, I’m being silly, but my point is that there’s no point in trying to design a “perfect” system. “Better than normal” is almost always what you’re really reaching for. Having CARP failover is level 1, dual power supplies is level 2, dual UPSes is level 3, how far do you plan to take this? What if your ISP goes down – are you also going to multi-home? Are the devices behind this firewall also multiply-redundant? I don’t mean to suggest there’s no point in increasing reliability, but even two UPSes is going far beyond the needs of most applications. “Carrier-grade” doesn’t even mean having redundant UPSes… at least, none of the telcos I work with in my region have redundant UPSes powering their phone switches! Anyway, like I said – if you’re going to run 1 UPS, use *different* UPSes to avoid hitting the identical problem at the identical time on all of them, which has actually happened to me. -Adam From: Hans Maes [mailto:h...@bitnet.be] Sent: Saturday, October 09, 2010 10:02 To: support@pfsense.com Subject: Re: [pfSense Support] Dual WAN + Firewall Redundancy + UPS Redundancy (?) at entrance On 10/08/2010 07:15 PM, Gerald A wrote: On Fri, Oct 8, 2010 at 4:55 PM, Andy Graybeal andy.grayb...@casanueva.com wrote: I'll have 2 firewalls, and 2 UPS's one for each firewall. Each firewall will have: 1. a hot swap raid array (only two HD's set to RAID 1, mirroring). 2. two hot swap power supplies. Is one UPS per firewall agreeable? I don't know how to do it otherwise. I can't imagine purchasing 4 UPS's, one for each power supply. Seems a little overkill. I welcome any input. Plug one hotswap supply from each firewall into both of the UPS boxes you have. That way, even if you have to service a UPS, you won't lose a firewall. I wouldn't dedicate a UPS to each firewall, because any UPS issue makes your bring down a box no matter what. True, but depending on your configuration, another way to hook this up is to bypass the UPS for one of the power supplies on each firewall: FW1 - Power supply 1 - UPS1 FW1 - Power supply 2 - straight to power grid FW2 - Power supply 1 - UPS2 FW2 - Power supply 2 - straight to power grid This way, you would still be up and running if both UPS systems fail for some reason. I've seen it happen! eg short circuit in a system connected to both UPS triggering both UPS to shutdown. (Try explaining complete power failure to your boss when all lights are still on in the entire building ;-) ) Agreed, during power grid failure, FW1 would go down if UPS1 fails, and FW2 would go down if UPS2 fails, but you got CARP to fix that. Just my 2 cents. Regards, Hans
[pfSense Support] 2.0-BETA4 - Admin logout link?
I just installed 2.0-BETA4, logged in as admin, and created a new user. I have not been able to find a logout link so I can try using that user. Is it there and I just don't see it or is it really not there? - Yehuda
Re: [pfSense Support] 2.0-BETA4 - Admin logout link?
On Sat, Oct 9, 2010 at 9:53 PM, Yehuda Katz yeh...@ymkatz.net wrote: I just installed 2.0-BETA4, logged in as admin, and created a new user. I have not been able to find a logout link so I can try using that user. Is it there and I just don't see it or is it really not there? - Yehuda Under the first menu on the left. db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org