[16:51] <fretegi> morning guys
[16:51] <fretegi> anyone here savvy with vlans?
[16:51] <fretegi> for osme reason cant get one to fire up
[16:52] <fretegi> https://pastebin.com/M1qkZWbq
[16:52] <fretegi> thats my /etc/network/interfaces
[16:52] <fretegi> followed this guide https://wiki.ubuntu.com/vlan
[16:52] <fretegi> eno1.13 starts fine
[16:57] <tomreyn> fretegi: whihc ubuntu release is this? do you know about netplan, systemd-networkd?
[16:58] <mgedmin> I don't think you need to specify netmask when you put the /24 in the address
[16:58] <tomreyn> netplan + systemd-networkd: https://netplan.io/examples/#attaching-vlans-to-network-interfaces
[16:59] <mgedmin> and the interfaces(5) man page doesn't mention vlan-raw-device, I think it should be able to figure that out from the name
[16:59] <mgedmin> fretegi: typo in your file: you named it eth1.8 instead of eno1.8
[16:59] <mgedmin> took me a while to notice!
[17:00] <mgedmin> hey since when do wiki.ubuntu.com pages no longer show the last modified date?
[17:07] <fretegi> mgedmin, jesus....
[17:07] <fretegi> mgedmin, lol great eye thanks!
[17:08] <tomreyn> mgedmin: wiki.ubuntu.com still shows last modification time + editor for me on the bottom
[17:08] <mgedmin> tomreyn: what does it say about https://wiki.ubuntu.com/vlan ?
[17:09] <tomreyn> nothing :(
[17:09] <fretegi> mgedmin, yea i was wondering about those details myself..  i just put em in there as the guide calls for it.  in fact....  my pihole is on a vlan and the config follows your line of thinking, this device is just more mission critical so figured id follow the guide better
[17:09] <tomreyn> mgedmin: that's until you click on "info" on the top
[17:09] <mgedmin> ah, I can see it in https://wiki.ubuntu.com/vlan?action=info
[17:10] <mgedmin> last updated in 2012, no wonder it doesn't say anything about netplan or systemd-networkd
[17:10] <tomreyn> "use iproute2" also seems old ;)
[17:13] <mgedmin> at least iproute2 is still the current tool at that abstraction level
[17:14] <fretegi> mgedmin, otherwise config looks fine?
[17:15] <fretegi> mgedmin, made those changes and not doesnt seem to want to connect to anything... dang it lol
[17:18] <tomreyn> oh right, iproute2 is fine. i keep mixing those packages up with the commands.
[17:20] <tomreyn> mgedmin: vlan-raw-device is part of the vlan-interfaces extension to interfaces: http://manpages.ubuntu.com/manpages/bionic/man5/vlan-interfaces.5.html
[17:21] <tomreyn> but "This is ignored when the devicename is part of the vlan interface name."
[17:21] <mgedmin> cool, I thought it might be
[17:23] <tomreyn> fretegi: do you have the "vlan" package installed (due to deprecation, it moved to universe with 20.04 LTS)?
[17:24] <tomreyn> you didn't say which Ubuntu release you're using, though
[17:24] <fretegi> ah yes good pt
[17:24] <fretegi> ubuntu 18
[17:24] <tomreyn> there's two of those
[17:25] <mgedmin> but one is eol, so hopefully not that one
[17:25] <tomreyn> hopefully!
[17:25] <fretegi> 18.04 haha
[17:25] <fretegi> yea still using vlan package
[17:26] <fretegi> i know i know... this ole dog needs upgrading
[17:27] <tomreyn> 16.04 lts would, no need to rush it for 18.04, yet
[17:28] <fretegi> tomreyn, perhaps im misunderstanding how this works
[17:28] <fretegi> adding a managed switch to a network
[17:30] <fretegi> managed switch created 4 vlan networks..  i have a port trunked for vlans 8 & 13.  i want this server to connect to both vlans
[17:30] <fretegi> so i created the file saw before.  confirmed on boot that both vlan interfaces come up on the server.  i connect to the switch nothing...
[17:30] <fretegi> trying to ping it from a device within the same vlan, so just level 2 routing... nothing..
[17:32] <fretegi> i mean i need the vlan tags on the server do i not? or is it just asking for an IP on the proper subnet of a particular vlan sufficient?
[17:35] <tomreyn> fretegi: whether oyu need to configure the vlans on the server depends on how you want to set things up architecturally. you can do so, or you can have the vlan end on the managed switch and then just hand out single vlans on the ports that connect to the server(s).
[17:36] <tomreyn> you mentioned link aggregation / port trunking, but this is really a different / separate concept to vlans. you can combine the two.
[17:37] <tomreyn> with the current configuration, you're not doing link aggregation, but i assume you're aware of this.
[17:39] <tomreyn> you're making vlans 8 and 13 available to the server through the single physical ethernet interface eno1
[17:39] <fretegi> tomreyn, right, the goal here was to have the server connect to 2 dif. vland ( 8 & 13 ) for purposes of different services being offered to the respective vlans and keeping traffic seperate
[17:40] <fretegi> only 1 nic on server
[17:41] <fretegi> then a trunked interface on the switch for both vlans 8 & 13.  figured the server would 'tag' the traffic per the respective vlan and the switch would handle accordingly.  am i think about this all wrong?
[17:41] <tomreyn> if you just pass through traffic on the switch without removing the vlan layer, your servers' ip addresses should become available to other resources on these LANs.
[17:43] <fretegi> ok going into the switch now, cisco sg350 if that matters
[17:46] <tomreyn> you're right about the server doing the vlan tagging. with your configuration, if you also added the interface to the vlan using vconfig (and ensured the module is loaded), what is directed towards 192.168.8.* should get vlan tag 8, and what is directed towards 192.168.13.* should get vlan tag 13
[17:46] <fretegi> tomreyn, ok thanks for confirming
[17:47] <fretegi> so im in my switch.. the port im connected ive confirmed is set to trunk and tag traffic from those 2 vlans
[17:48] <fretegi> this machine im typing on... is on that vlan 8, via an assigned port on same switch, cant ping server...
[17:49] <fretegi> now my router is issuing the IP's.  so i suppose if server is not getting IP's i cannot route
[17:50] <tomreyn> i'm not so familiar with cisco stuff, but assume you don't want to set vlan tagging on the port the server connects to, unless you want the vlan to end there.
[17:51] <tomreyn> (which you probably dont want, a vlan just between the server and the switch probably makes not a lot of sense)
[17:53] <fretegi> see i was fuzzy about that... so the port that connects the switch to my router is also trunked and tagging traffic and seems to be working fine
[17:54] <tomreyn> apparently you want "Interface VLAN Mode" = "Trunk" https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-250-series-smart-switches/smb5306-assign-an-interface-vlan-as-an-access-or-trunk-port-on-a-swi.html
[17:56] <fretegi> yea thats what i have, just at the port level not LAG
[17:57] <fretegi> im just lost... i dont understand..
[17:58] <fretegi> port is trunked...  referencing the correct vlans...  vlans setup on server..nothing on same vlan can talk to server..
[17:58] <tomreyn> and nothing useful on the logs?
[17:58] <fretegi> of what, cant get to server lol
[17:59] <tomreyn> oh, i assumed you have some means of out of band access
[17:59] <fretegi> i do just a total pita to setup
[17:59] <tomreyn> but if you undo the switch configuration you should be able to access the server and its logs again?
[17:59] <fretegi> seems im gonna have to
[18:00] <tomreyn> this discusses general configuration for vlan tagging https://www.cisco.com/c/en/us/support/docs/smb/switches/cisco-350-series-managed-switches/smb5827-configure-vlan-interface-settings-on-a-sx350-sg350x-or-sx550.html
[18:00] <fretegi> sorta, joking that around now actually
[18:07] <fretegi> dude
[18:07] <fretegi> your a rockstar
[18:07] <fretegi> tomreyn, so... check this out
[18:08] <fretegi> tomreyn, so the server connected to port 6 on switch, i trunked and set to tag traffic on vlans 8 & 13
[18:09] <fretegi> i flip it to untagged for vlan 8, tagged for 13.  now i can ping the vlan 8 tag
[18:09] <fretegi> vlan 8*
[18:10] <fretegi> so question is i have a tagged trunk port connecting to the router... why is that working?
[18:30] <tomreyn> fretegi: i think you only apply tags on the outer ends of a vlan, not all devices the traffic passes through.
[18:30] <tomreyn> so if you do it on the server, and the vland expands beyond your switch, then you don't need to do it on the switch
[18:31] <tomreyn> that's unless you want to split the traffic there and have it passed through different ports
[18:33] <tomreyn> there's also ##networking for your general networking architecture questions
[18:33] <fretegi> great call
[18:33] <fretegi> so.... thinking i may not even need a trunk port?
[18:33] <fretegi> i cant have both vlans untagged...
[18:34] <ikonia> has anyone noticed that https://ubuntu.com/download/server shows 20.10 as LTS
[18:35] <mgedmin> lol 5-years of guaranteed support no backsies!
[18:36] <tomreyn> hehe, on the button, right. it does say "including nine months of security and maintenance updates, until July 2021" above it, though.
[18:36] <tomreyn> scroll down, file a but
[18:36] <tomreyn> *bug
[18:36] <mgedmin> awww
[18:37] <ikonia> yeah, read that, but the button headline
[18:54] <WobblyBob> Anyone here running KVM qemu setup with virtmanager? Im struggling to get RDP connection for windows vms
[18:55] <WobblyBob> Using Ubuntu 18.04 server
[18:55] <tomreyn> WobblyBob: you shoudn't need to configure this on the virtualization, as long as the vm has network connectivity
[18:55] <WobblyBob> I know this is whats confusing me :/
[18:58] <WobblyBob> how can i check what port each vm is using
[18:58] <grendal-prime> ?
[18:59] <grendal-prime> the ip address should be enough...are you bridging the network interface or nat?
[18:59] <TJ-> WobblyBob: what type of network is libvirt using? is it NAT, bridged, routed or something else?
[18:59] <grendal-prime> easyst config on that is to bridge a network interface and then have a dhcp server on the phisical network somewhere...
[19:00] <grendal-prime> or after connecting your guest to the bridged adapter set a static ip on the same subnet as your physical network.
[19:01] <grendal-prime> has anyone had to set up an apache2 proxy to a wordpress server?
[19:02] <TJ-> grendal-prime: reverse proxy?
[19:03] <grendal-prime> I have a whole grip of web servers that i can access via virtual hosts...ya referse proxy...anyway they all work fine with like  ops.mydomain.com or dev.mydomai.com  but for some reason the one site that someone wants a wordpress server on...when i try and connect to it..."dev.mydomain.com"  i can see it is usine the ipaddress wich..is internal and of course will not resolve
[19:05] <grendal-prime> eventually times out and in the browser windows shows 192.168.20.31  wich is the ip of the wordpress serer.  Now..i have read that i need ProxyPreserveHost on in the config...but that does not seem to do anything.
[19:09] <grendal-prime> really werid part it worked for some time until i tried to log into the admin portion of it...ive tried clearing cache...nothing its really strange
[19:11] <mgedmin> does wordpress know that it's supposed to live at dev.mydomain.com?
[19:11] <grendal-prime> thats a good question
[19:12]  * mgedmin has never used or configured wordpress, but usually when you do reverse proxying you have to tell the final web server how to generate correct urls to itself
[19:12] <grendal-prime> i dont know didly dick about word-press to be honest.
[19:12] <grendal-prime> hmf....i have not had to do that with any of my other web application servers...
[19:12] <grendal-prime> good idea though
[19:12] <mgedmin> there are possible workarounds on the apache side, but they involve running regexp replaces on the html and just no
[19:13] <mgedmin> also, ProxyPassReverse is a lighter form of that that fixes up things like Location: headers on redirects
[19:19] <compdoc> beam me up, scottie
[19:23] <grendal-prime> mgedmin, you mean i need to use one or the other but not both?  like ProxyPassReverse or ProxyPass but not both?
[19:24] <mgedmin> no, that's not what I mean
[19:24] <mgedmin> you use either ProxyPass alone, or ProxyPass + ProxyPassReverse
[19:24] <mgedmin> but ideally the backend server knows its public name and you don't need to use ProxyPassReverse
[19:24] <mgedmin> besides ProxyPassReverse fixes wrong URLs in headers but doesn't fix them in document bodies
[19:25] <grendal-prime> grr...i knew this thing was going to be a pain in the ass
[19:29] <WobblyBob> Sorry if i missed anything my internets being horrible lol
[19:30] <tomreyn> !irclogs
[19:33] <grendal-prime> dude..you were right
[19:33] <grendal-prime> i need to go get my pelet gun and shoot myself in the foot so i never forget this
[19:35] <grendal-prime> wordpress i accessed it on its wp-admin and settings->general  change the site urls to whatever you set your domainname (incoluding the subdmain) and whammo IT WORKS!
[19:41] <mgedmin> congrats!