In the US they are usually governed as real estate legally. You can resell it, but most people aren’t interested in paying the maintenance fees. You’ll find all sorts of timeshares out there being resold for 1$ because they just don’t want to pay the maintenance fee anymore.
The -k argument on my openssl accepts a passphrase, not a file. You likely encrypted with the filename as the secret, not it’s contents. Perhaps you should use -kfile instead.
$ openssl aes-256-cbc -help
Usage: aes-256-cbc [options]
General options:
-help Display this summary
-list List ciphers
-ciphers Alias for -list
-e Encrypt
-d Decrypt
-p Print the iv/key
-P Print the iv/key and exit
-engine val Use engine, possibly a hardware device
Input options:
-in infile Input file
** -k val Passphrase**
-kfile infile Read passphrase from file
Yes, ULA are one of the exceptions I mentioned. It covers fc00::/7 which is fc00 to fdff, though I believe most use just the top half. I use one for an intermediate network between my edge router and my primary firewall to not consume one of my limited /64 networks.
I haven’t played with IPV6 NAT much. I know its use is a bit discouraged as NAT was always designed as a stopgap measure for IPV4 exhaustion. It might be a good option if you need additional space and your ISP doesn’t support additional prefixes. Just keep in mind that if you use these in DNS, they won’t be accessible externally.
Its a bit complicated and depends on your ISPs support level.
If your ISP supports basic IPv6 they will likely use SLAAC or DHCPv6 to advertise the /64 that any directly connected devices, like your router, can use (/64 being the default size for a single LAN segment, even between point-to-point connections). If you have devices behind that router that want to use IPv6, you will need additional prefixes. The most common method nowadays is to use Prefix Delegation (DHCPv6-PD) where your router will ask the upstream router for an additional routeable prefix which you will use on another interface of the router. The RFC for prefix delegation recommends a /48, but many ISPs are not delegating that much. I only get half of a /60 from my ISP’s modem.
If the ISP just provides you a static routeable prefix, then you would just assign that to your router’s interface and enable SLAAC/DHCPv6 to give out that prefix. This would only need to be configured in a single device and is why they don’t recommend hard coding servers and workstations with IPV6 addresses.
Keep in mind that your router will also need a firewall as all of these IPv6 prefixes are routeable and public. While IPV6 space is quite like finding a needle in a haystack, you could still find yourself having a bad day if you treat it like private IPV4 space.
The end result though is that you would setup DNS so that devices register their IPv6 addresses and it just works. There’s also the MDNS protocol that supports IPv6 which will do segment-local resolution for device names.
On one hand you definitely don’t want to be assigning manual/static IPv6 to all your devices because if your prefix ever changes you’ll have to update it everywhere. IPv6 doesn’t really have a concept of private address space (with a few exceptions). On the other hand most modern IPv6 stacks support dynamic protocols like SLAAC while also assigning a static suffix to the published prefix (e.g. You want :0:0:1234:1 to go to your server, and SLAAC gets the prefix 200x::5678/64 your server would assign itself 200x::5678:0:0:1234:1).
DHCPv6 fixes a lot of these headaches for managed networks by allowing you to reserve specific IPv6 for a given DUID.
IMO, your network, do what you want. I have two jump Raspberry PIs that I have static suffixes so I always know where they are without relying on DNS or whatever. Edit: I apparently misremembered how I had these setup. I use a custom interface up script to take the SLAAC prefix and append the custom suffix to it as a secondary IP.
You’ll probably have to provide the netmask info for us to review. If you’re using /24 then those all reside in the same network so I would expect them to be in the same broadcast domain.
If you have mismatched netmasks that could be trying to route traffic to the gateway which then reflects back. Ensure your devices have the same network, netmask and broadcast ip (e.g. 192.168.1.0/24 will have broadcast ip of 192.168.1.255)
For my part, to get Jellyfin to recognize some of my shows/movies properly I had to export the Metadata which properly detected most. If that doesn’t work Jellyfin might be ignoring them due to decoding issues. Would be worth checking the log while rescanning to see if there’s an error or access issue.
Perhaps they should ask Copilot how their templating system works.
The other option to the server that was posted is to get a DAS Enclosure that you can then hook up to a server or anything that can use a SAS/SATA card. These are generally going to be cheap because it is just a SAS/SATA backplane/expander.
Edit: eBay is useless. Here’s an example DAS https://www.aventissystems.com/HPE-MSA30-DAS-Storage-Basic-p/200051.htm
For the disks, you may have a small issue with having multiple types of disks in a single RAID10, as those disks might have slightly different physical attributes. ZFS is an option here as you can add two vdevs for the different drive types and add them to the same zpool, which effectively creates the RAID10 you’re looking for. You would typically not use LVM on top of ZFS but if you go with RAID10 it would let you create logical partitions that can be expanded easily at a later time.
Another ZFS option is to use RAIDZ1 with the 4 disks in a vdev. The vdev will use 1 disk of space across all disks to maintain a parity with the other disks. You will have 12TB of usable storage on your 16TB raw storage. This will allow you to lose one drive with no data loss.
My line of business is entirely a Microsoft shop so everything we’ve ever written has been for MSSQL.
That being said, I can understand the benefits of having a choice in backend. For example, for our Zabbix deployment some engineer just installed mariadb+zabbix on a server and called it a day. This has caused us no end of troubles (ibdata misconfigured, undo files too small, etc). After the last time I had to rebuild it due to undo file corruption I swore that if it broke again I was switching to postgres. So far knocks on wood we haven’t had any major issues. We’re still looking into and planning for a postgres migration but we’re hoping to hold out for a little longer prep time.
Maybe I should contribute a MSSQL engine for Zabbix so I can move it to a platform I’m more comfortable with. ;)
Yes, but as I’ve found recently AES-NI is only as good as your software support for it. Had a team using an ancient version of winscp and they kept complaining about download speeds on our 10Gb circuit. Couldn’t replicate it on any other machine with the newest version of winscp so I installed their exact version. AES-NI support wasn’t added until like 2020 and it gave them 5x better download speed after upgrading.
Does cryptsetup/luks do that? I thought that was only software encryption.
You can, sure, but you probably shouldn’t. Encrypting and decrypting consume additional cpu time, and you won’t gain much in terms of security.
IANAL, but this is likely a legal gray area regarding software licenses, especially if you read the AGPL code prior to writing your library. Companies that do this sort of thing professionally have a/b teams that don’t speak to each other (one reads and generates design documents, the other uses those design documents to write a new library) to prevent a lawsuit for violating licensing terms. They can claim that the developers writing the library didn’t copy any code from the source library.
As for the typedef, it’s most likely considered a public definition document. I would think it would be like a public C# interface, where it’s only the method declarations and expected parameters and the actual implementation is not included at all.
If you’re considering publishing this or using it commercially you should definitely consult a lawyer that specializes in copyright.
One of my system engineers started using TFS a few weeks ago. All he knows how to do is click Sync Changes in vscode and call me if there’s a problem.
Since we don’t know what server or VM tech you’re using the advice will be pretty generic. For self hosting, you can likely get away with your ISCSI traffic sharing the LAN interface with your usual vm traffic but if you need high throughput you will want ISCSI optimized nics and turn on jumbo frames (mtu of 9000 is the standard here). This requires a switch that supports jumbo frames as well.
For Windows, I find the ISCSI support to be very lacking. Every time I have used it I have had sporadic loss of connectivity, failure to mount on boot, and other issues. I would avoid it.
For ESXi you can map an ISCSI lun as a datastore and create vmdks on top. This functions the same if you use actual FC luns or NFS mounts, and have had no issues with reliability. There’s also RDM which is raw direct map which can mount the ISCSI lun as a disk of the vm. If you’re using vSphere I would advise against this as you lose the ability to vMotion or use DRS.
BIOS is designed to be super low level and work the best in all situations, regardless of what that is. That means the defaults are usually designed for best overall performance rather than having all PCI lanes allocated to a single slot. Different mobos have different defaults and priorities.
Your mobo default probably makes sure that your 8 and 4x slots or nvme actually have full lanes available, where if you allocate the full lanes for the primary slot you may only have the 8x/4x slots running in 2x/1x mode.
It’s up to you to determine if the 16x slot should have dedicated lanes. I don’t remember ever having to change this on any of my machines, but I mostly run gaming mobos which probably prioritize having a dedicated GPU with full access to PCI lanes.
Could be trying to mount it loopback instead of by ip. What does your exports file look like? Can you do a mount from 192.168.0.55 manually?
You mentioned ping. If you’re using Termux you may need to manually update its DNS settings (different from the system DNS). The file is /data/data/com.termux/files/usr/etc/resolv.conf
To make it roam you probably want your home dns first then some internet resolvers after that.