Arista Networks acquires Untangle

[Avalon]

I'm in this post and I don't like it.



Was it on STH? I caught Patrick's video, and they look like nice little units! A Chinese chap replied saying those exact models are *extremely* popular and common on the mainland, and are rock solid provided you don't get a configuration with a fan (which tend to fail, and be hard to replace - custom size perhaps). I don't have anything Realtek based (not even an onboard somewhere), so can't confirm or deny for you on the *BSD front, sorry mate. We have Openreach threatening to lay FTTP here in the next year, and they've already done up to a few streets down the road (1/2 mile) so touch wood!

Possibly, before I had chance to look, an i3-8100 set-up landed on my desk, because... Thursday. Not quite sure I can bring myself to route bare metal on that, it seems a little massive overkill (compared to the i3-7100u doing the job now ). I'm thinking OPN, possibly with virtualised HA, but it'll be next week before I get time to do anything interesting.

I've not looked at OPNSense and I might have a look at it. What's the Zenarmor (Sensei) integration like?

https://www.sunnyvalley.io/docs/opnsense - they're basically the default option.

 

[Rainmaker]

Possibly, before I had chance to look, an i3-8100 set-up landed on my desk, because... Thursday. Not quite sure I can bring myself to route bare metal on that, it seems a little massive overkill (compared to the i3-7100u doing the job now ). I'm thinking OPN, possibly with virtualised HA, but it'll be next week before I get time to do anything interesting.

Nice, send me a PM if you get chance. You know I love the details. Are you thinking Proxmox with passthrough on the NICs? As for overkill bare metal routing, I can't talk. Until last week I'd put in a Core i7 to do my routing bare metal "for today" and didn't move it for about six months because reasons lol. As I alluded earlier, I'm back on the Pentium G4560 ultraSFF box now and that's good for >10Gb.

The Optiplex (i7 3770 / 8GB DDR3 + 1TB Samsung 860 Pro SSD + 2TB spinning rust) is going begging again. Almost all my servers (DNS, Tor relays and bridges, etc) now run on FreeBSD off-prem - except for one Relay on my RasPi 3B+ and Plex on the NAS. I'm thinking of playing with Proxmox on the Opti to see what all the fuss is about.Or maybe it's time to ditch LXC and Docker and have a closer look at Jails.

Edit: Words.

 

[ChrisD.]

That's why I run Untangle on an ESXi host, the CPU is an i7-9700 (I know! But I got the whole PC for ~£200). Then chucked in a couple of PCI NICs (1 Gbps for the internet, dual 10 Gbps to my LAN). I have two other VMs running on it; a Debian box running DNS (Adguard Home) and also an Ubuntu box as my *ahem* Plex Media Server.

When I have some downtime I'll have to try out OPNsense again and some alternates to Untangle. Though I do have over 2 years remaining of my license.

 

[Rainmaker]

That's why I run Untangle on an ESXi host, the CPU is an i7-9700. I have two other VMs running on it, a Debian box running DNS (Adguard Home) and also an Ubuntu box as my *ahem* Plex Media Server.

All power to you. I'd personally want to separate servers from my edge router, but if the hardware's literally going begging otherwise... Rather than run Debian and Ubuntu, would it not be easier to run a single server OS with LXC/Docker/Jails/whatever with AGH and Plex under it, rather than two full virtual systems? Or can you not do that under ESXi? In fact, existing knowledge and will provided, you could set up bare metal routing on Linux or BSD and run Docker or Jails (respectively) for the servers on that, and remove a layer of abstraction? So many ways to skin the cat, problem is I end up messing with all of them.

 

[ChrisD.]

All power to you. I'd personally want to separate servers from my edge router, but if the hardware's literally going begging otherwise... Rather than run Debian and Ubuntu, would it not be easier to run a single server OS with LXC/Docker/Jails/whatever with AGH and Plex under it, rather than two full virtual systems? Or can you not do that under ESXi? In fact, existing knowledge and will provided, you could set up bare metal routing on Linux or BSD and run Docker or Jails (respectively) for the servers on that, and remove a layer of abstraction? So many ways to skin the cat, problem is I end up messing with all of them.

Yes, I could and it might make a little more sense. However, I work for VMware, and I already have other vSphere hosts in use for my homelab, so it made more sense (for me) to just run ESXi on it in its own cluster with a few VMs at the 'edge'. That way I can simply add them to my existing Veeam backups (which replicate to a secondary NAS and into Backblaze). I could run our Tanzu product, but I know next to nothing about it and it requires mega resources.

 

[Rainmaker]

Yes, I could and it might make a little more sense. However, I work for VMware, and I already have other vSphere hosts in use for my homelab, so it made more sense (for me) to just run ESXi on it in its own cluster with a few VMs at the 'edge'. That way I can simply add them to my existing Veeam backups (which replicate to a secondary NAS and into Backblaze). I could run our Tanzu product, but I know next to nothing about it and it requires mega resources.

Ah, I forgot you work for VMware mate. Fair dos then, if it's there you may as well use it! I use Fusion on my Mac... Well I did, for many years, but my mid-2012 MBP's support stops at Catalina, so I don't get updates from VMware any more so I'm stuck on $(last_version) until I upgrade the machine. Boo. I considered learning ESXi for this spare Optiplex but I don't know what it'd offer me over Proxmox/FreeBSD/whatever tbh. I just need Openreach to hurry TFU and lay fibre here now so I can rejig the LAN with new shiny.

 

[ChrisD.]

In today's world of docker/jails etc then there is probably little reason to use ESXi at home, beyond learning ESXi or other VMware products. Years ago I invested in my lab, learned many new things and then did the exams, got the job etc. It's now grown and it's used to learn new products of ours and also to set up lab environments as POC's before I do a customer projects. We do have access to our own internal lab equipment, but it's never as good as doing it on your own hardware. I also tinker around with it, such as trying new/random things that take my fancy. But for ordinary home use, your method makes way more sense.

 

[Mikey]

All power to you. I'd personally want to separate servers from my edge router, but if the hardware's literally going begging otherwise... Rather than run Debian and Ubuntu, would it not be easier to run a single server OS with LXC/Docker/Jails/whatever with AGH and Plex under it, rather than two full virtual systems? Or can you not do that under ESXi? In fact, existing knowledge and will provided, you could set up bare metal routing on Linux or BSD and run Docker or Jails (respectively) for the servers on that, and remove a layer of abstraction? So many ways to skin the cat, problem is I end up messing with all of them.

Very nice working for Vmware, I'm mulling a contract back at DXC at mo, but prob stay where I am for another 12 months contract.

I've got a T340 Dell PowerEdge (64GB RAM) that I'm considering turning into a hypervisor. It's currently running TrueNas, but thinking of virtualizing that, moving the Untangle/?? FW in there along with a Windows Server Essentials 2019 box I have. Ubuntu for Plex and Unifi etc.

I'm about to ditch my main PC including 1660 Super graphics card as I've not gamed since late 2020. I've got a pile of Optiplex Micro desktops too that I'll use for a Windows 10 machine etc. 2 x 1TB drives and an iSCSI LUN for iTunes.

With the kit sat idle I was considering looking back at Sophos XG. Other items to clear out is a Dell R220 PowerEdge, that consumes about 30W according to the Eve plug. It used to be running a FW.