Recent content by danielb

  1. D

    HAProxy Firewall Bandwidth Limitation in PVE High Availability Cluster for Remote Desktop Protocol

    You need multiqueue support. Last time I checked, pfsense didn't support it (maybe it does now ?). Anyway, you can try OPNSense which does support it, and can easily reach 5Gbps (probably more, depending on CPU and some tuning). Still won't be enough for 1000 RDP connections at 100Mbps each (but...
  2. D

    Pfsense on Proxmox Cluster 8.4

    I'm running an OPNSense HA cluster (so, very similar to PfSense) on Proxmox, and I confirm there's nothing particular to set
  3. D

    cluster not ready - no quorum? (500, pleasr, i need help

    You are missing one node (in a 2 nodes cluster). Can't you bring this node back online ?
  4. D

    How to disable anonymous relay to the Intranet

    Check your SPF is correctly setup with an online tool, eg https://dmarcadvisor.com/fr/spf-check/
  5. D

    Shared LVM on iSCSI: how safe is it?

    Thin LVM (which allows thin prov and snapshots) is very different from thick LVM, and can't be shared by nature. So only thick is available if you want to share it between nodes
  6. D

    Shared LVM on iSCSI: how safe is it?

    Shared LVM over iSCSI might have its drawbacks (mainly, no thin provisioning and no snapshots), but I wouldn't worry about its production ready status. Probably one of the most solid storage option
  7. D

    How to disable anonymous relay to the Intranet

    And that's the expected behavior. Now, to protect you from this sender address spoofing, you need to setup SPF/DKIM/DMARC
  8. D

    How to disable anonymous relay to the Intranet

    Nope, I dont understand your concern. Everybody can send an email to your inbox, and the only way to reach your inbox from the outside should be though your PMG. It only adds a security layer.
  9. D

    How to disable anonymous relay to the Intranet

    That's how email works : anybody can send emails to your mailbox. And that's the reason pmg exists : limit the risk of receiving spam and orher unwanted email
  10. D

    How to disable anonymous relay to the Intranet

    As long as the destination domain is in the relay domain list, yes (and if the backend server validates the destination mailbox is valid too)
  11. D

    I tired PBS. Not convinced.

    I run PBS on a tiny fanless qotom box, with two external disks on an USB3 enclosure (using zfs mirror). Nothing but consumer grade hardware. It's rock solid
  12. D

    Performance in OVH : Vm's on NAS-HA or Vm's on CAD

    Last time I tried (5 years ago), performance of cda was so bad that I migrated to nas-ha
  13. D

    How do I assign multiple vlans to a VM?

    Yes, my bridge is visible in proxmox network settings (although I configured it manually in /etc/network/interfaces). There's nothing particular to do. If it doesn't work, you'll have to investigate (tcpdump at various levels to see where the communication is lost)
  14. D

    How do I assign multiple vlans to a VM?

    Yes, vmbr0 should be vlan aware. And once done, you can configure standard VLAN in the guest OS (I'm using it on PfSense and OPNSense to handle tens of isolated zones, with a single interface)