 It's almost a year of Thursdays. It's almost a year of Thursdays? Well, three, 266. How many days are in a year, Marcus? 375, right? I don't know. You need more school. It's 300 something five. Good, 365. 65. I was 10 off. Just outside of camera is my son. They're having a debate about how many days are in a year. I don't doubt that there's 365. I just forgot the six. Yeah. He knew the first and the last digit for how many days are in a year. This isn't really something I'm required to know. I think this is a good life thing to know. I mean, yeah. But I'm not really required to know that. Welcome to Vlog Thursday, 266. And my son is in the studio. I don't know if he's gonna make too much for an appearance on camera, but he wanted to come visit. There he is. You know, he made the long, his office is bedroom. My office is here. His bedroom is kind of up and over. So it's a long, you know, few, oh, it walks. Oh, 365 plus one on a leap year. So, but nonetheless, we're gonna talk about stuff today. We have, wait till later in the show what I'll say what AGB means, or maybe I should start with that. Fido Yubiqui. I did a video on Fido Yubiqui and I did a video on ZFS being a cow. And I think that's gonna be some fun stuff to talk about today. Why not? Probably I'm more than happy to talk about PF Sense. I agree with Abdul. Oh, Abdul says probably wants to order a pizza. Yes, probably wants to order a pizza, but we are not ordering a pizza right now. He has pizzas in the freezer. He can reheat one. Yes. He will get a pizza in the freezer. So we just took him out for pizza yesterday. Actually, a few days. We went to a couple of different pizza places. I get pizza out. He just thinks pizza is an everyday thing. Sometimes I do have to stuff fruits and vegetables in them. So part of that fun. Yeah, smoothies are good. Smoothies are good is what he yelled. We got people from Fayabell. We got morning from the land down under. Woo-hoo! Alexi, all right. Grayson, doing some networking in Cisco Packet Tracer. Established BGP networks with six ISPs. Now I'm expanding into more ISPs. Awesome. Learning CCNP and BGP stuff is fun very much. Thank you for the donation and awesome. Keep up the good work there. Grayson, it's good to hear that you are going along really well in this. And you've been pursuing this networking for quite a while. That's great. Once you get the enthusiasm for it, like the network bug bite you. Just technology is a broad topic, but I tell you, you find people are passionate about networking or any specific thing. It's such, it's a lot of fun just diving deep into those things. That's how we saw it feel on there. You know, even though it's a virtual network, this is where you start. You build your virtual network playfields. You kind of gather understandings of how things work and then smack that knowledge is helpful. But then the real world hits you and you learn this is different, that's different. What do you mean I have to fill out a form and talk to a manager to make this work? The bureaucracy of tech is sometimes, there's no easy way to teach it. You just kind of have to run headfirst into it. Like if you get a job and working somewhere corporate. Should we just call it vlog pizza day that we should do here? Hey, why not? Hey, videos helped you get your first clients. That is awesome. I always like hearing that, you know, everything's still delayed because things happen and things are still happening. But yes, the business channel's coming along. That's why we haven't posted new business videos. But I'm gonna have that done relatively soon. And we just didn't set a hard launch date because we wanted to make sure it's right and we have a lot of good plans around it. I'm not someone who lets perfection hold back a launch but at least I wanna be prepared when I do launch. Cause it's not like I'm worried about it launching it wrong but I just want all the graphics in place and I outsourced all of it this time to the other people that are working with me on this because I'm, I don't wanna burden myself with doing so much of the social setup. So that all got kind of farmed out which is, you know, takes a little bit longer because you gotta get them to do it all but that's fine though. That's part of the process. But yeah, I think I'm awesome that helped you get some clients but I will be doing more business videos on the other channel. Ah, then you work at Facebook and disconnect the entire network. Yes, that's the thing that happened. Facebook and BGP, they had an incident. So that, what can I put across the back of my screen here? It looks cool. There we go. We'll just run H top across there. Looks all technical like I'm doing stuff back there now. Now I lost my mouse, there it is. You know, when you have this, so technically when I am doing some of these streams I have this wide screen, then there's a screen here that's a standard 1080 and then I have another 1080 screen that's because I'm using Barrier. Barrier allows me to use the keyboard and mouse for my computer to control the studio computer. So when you have that many places the mouse can be that's a lot of pixels. So. Hey, Tom, thanks for your XP and G video in the process of building my XP and G. So I'm using Jay's low power server setup. Hey, that is great. XP and G is amazing. It scales. That's the thing that I really like about it. When people ask, you know, is it, is it a big project? Is it, you know, something that I can grow into? And I mean, I think I've said a couple times before like one of the clients that we've consulted with had 2100 virtual machines running across the series of the servers. So yes, it can certainly scale. You can certainly do some large scale stuff with it. It's used a lot in the enterprise. I mean, there is a lot of companies and that's because they use to use Citrix and XP and G was a replacement drop in replacement even your VMs work. So yeah, it's a great, great software. I love it. Wonder when Barrier will work with Wayland. I have no idea. I know it works fine with Windows. That's what my studio computer runs. So I don't know what limitations Barrier might have. I've only really tested it on my system. I know it's supposed to be cross platform compatible and everything else. And obviously I'm running it on Linux and pushing things over to Windows and it seems to work great. So definitely worth trying. Yeah, my son asking what the hacker code in the background is. You got to come down here and learn, Marcus. You got to come down and do some learning. It's not hacker code. Kids these days think you're running hacker code just because you're running H top in the background. You got to learn, kid. You think my son would know. He probably does. He probably listened to me say it. Doesn't mean I'm not going to mess with him a little bit. On to the UB keys. So I don't know if this is right. I brought this up to Jay and please let me know because I see people recognize that it's H top. But one of the things we were talking about is different methodologies. And this just gets here. So it's not bothering someone that it's partially in the frame. I might do some videos on different methodologies for key management. Me and Jay got on this topic again. And when you start dealing with security keys, like the UB keys, and I did that FIDO U2F token, one of the challenges you're going to have is you want to, if you're going to keep using these, you don't have to use two keys. It's a methodology to use two keys. But then again, now you're buying two keys. The other option would be to keep the one key on your system that uses a UB key, generate another ED2519 key, but then not leave it on your system. But do leave the public key on your system. So you're always installing it everywhere as a backup but not have it on your system. And basically what I want to do when I do this video is going to be breaking down the threat models that you're facing with this. You don't want someone to get your private keys. So where do you keep them? Well, normally you're going to keep them in a .ssh folder encrypted in your home folder. But what if you, at least temporarily, you only want to keep the key generated, the ED2519 SK key, and then from there with the SK key, you are going to want to leave that one on it all the time and remove the 2519 key, keep it on another drive encrypted. And the threat model is, in case someone compromised your computer, they won't have that extra key. But if you lose your UB key, you can grab that extra key from backup location, put it back on your system, and then start getting back into those systems that you had. So I was just kind of thinking of ways to kind of just describe it so it's easy. And I want to do it so you don't, you know, I'm not going to recommend everyone just buy two UB keys for things. The other nice thing is if you are using the FIDO U2F for the UB key, a lot of time that's not your only authentication. You usually have more than one way to authenticate, for example, standard TOTP. So you first set up TOTP, you confirm that works, and then you add the UB key because the UB key is more convenient than reading TOTP off of your phone. Hopefully that does work. TrueNAS scale security video, just watch my TrueNAS security video, which really not going to be any different. TrueNAS scale to my knowledge, and I haven't messed with it. Well, I messed with it some, the performance wasn't good. That's where I'm at right now with it, by the way. But TrueNAS scale shouldn't be any different to secure than TrueNAS core. There's not really, their networking stacks are not dramatically different. I mean, granted, yes, one's built in BSD and one's built in Linux, but the principles are not any different. So yeah. Do you use UB key as 2FA with LDAP off? And is it possible with TrueNAS and PF sense? I don't think there's a way you can use UB key. Is I don't think TrueNAS has a FIDO option in there. I'm gonna probably bet it doesn't. As far as I know, the only 2FA, and we'll actually switch to that screen right now, the only 2FA is this here. Oh, hold on, I gotta log in. I didn't unlock all this. So many passwords to type. But far as I know, the only 2FA support, yeah, the only one I see in here is OTP. So not that I don't know of any other ways to do that inside of here. So for TrueNAS, it's just to OTP. So not aware of any UB key things. Solutions that only allow one key annoying me? Yes. The best ones allow multiple keys. So if you watch the RSA talk on, if you watch the RSA talk that they did on the FIDO U2F, I should probably tweet it. It's like an hour long video, but one of the things the spec does not say only have one slot. They encourage people. It's not a requirement. I think they almost should have made a requirement to this from the spec. The spec allows you to have multiple, for any given service, like I'm setting up an authorization service and I wanna have FIDO U2F on it, any given service can have multiple keys. That way I can have this key and this key both set up for my U2F authentication. That way if I lose one key, I have a backup key to get back in. But some companies say, ah, I'm only gonna put one slot. There's not really a problem putting more than one slot, but you're right, some companies don't. But as long as at least they have a TOTB backup and one FIDO slot, I think that's acceptable. Better is having more than one, but so I bought a Ubico FIDO security CKC, which is FIDO UTF and FIDO 2 certified works great for my bank, well, my bank website. The same bank does SMS2FA in our mobile app still, yes. I don't know from a security perspective, like I've run into some weird things, even in enterprise software where we're like, why are you guys doing it this way? Like this is not a problem that one, you have to engineer because the libraries are out there. These are open standards. Most of your common programming, whatever language frameworks you're gonna build your tools on, most of them are gonna have a pretty common library for implementing standard crypto stuff. Cause the first rule of crypto is don't roll your own, focus on your application, grab whatever well implemented support libraries exist to integrate two factor into your product and then do it. And SMS seems like the hard way because technically if you're gonna build a product with SMS authentication, it's like, why? Because that's harder. You literally have to pay for some type of connectivity service to get the SMS tickets to go out. If you're not old tokens, not tickets. If you're not sending the tokens out via SMS, you actually can save money from a product build standpoint. Maybe it's just a user convenience. People are used to text messages and lose everything else. I don't know. The way around is to copy the first UB key with your second one, scan the QR code again. That actually only works if you're using TOTP with the UB keys, not FIDO. FIDO works different. FIDO is a per key basis. And to bring this up again, very much. You cannot clone the FIDO information from this key to this key. There are no currently known attacks against UB key. I mentioned when I did my video on FIDO that yes, there was a specific attack against the Google Titan keys, exploiting a flaw. It's really complex, but clever that someone figured it out to extract certain FIDO information. But it takes physical access and a lot of skill to do. It wasn't an arbitrary hack, but the FIDO stuff is different. This is actually one of the reasons I'm working in detail when I do my UB key video. I'm gonna talk about all the authentication models and what they mean. That's, there is a lot of confusion around that. Yes, a lot of sites do require you to set up like Google Authenticator before you set up a UB key. Yes, that's true. Seems that Bitwarden limits which UB keys can be used to secure your Bitwarden vault. Let me look that up. I don't know that that's true. You know, let's see what's on their support list. I mean, it's on their site that they supported. I don't think there's anything special. They support NFC with the app. They support, I mean, I've used my UB key with it, but because you can use it as a UB key or they support FIDO U2F. So there's two different levels of support. UB key support FIDO. If you choose FIDO, you're choosing FIDO. You're not choosing, when you choose this, you're choosing FIDO, which is something that UB key supports, but not the only thing UB key supports. So hopefully that, yeah, like I said, there's a lot to think about here. Hopefully that makes sense. Have you had a chance to demo Deeper Connect decentralized VPN? Nope, I have not. Yeah, you're talking about standard TOTP earlier, as we mentioned, which is cool. UB key support TOTP, you can save, I think it's up to 32 entries in these. Oh, I don't do a lot of FRR routing. FIDO is hard-coded unique per USB. Part of the UB key case problem is the USB AC, NFC, or the interface, the perfect UB key does not seem to exist, what's your recommendation? I'm holding my recommendation because these are the ones I buy all my staff. They are the UB key five NFCs. So the UB key five NFC just, they work, they're great. I can use it on my phone so I can, I believe the app will come up, there it is. And it brings up the UB key app when I do it. I'm actually not using the UB key app. I was using it for demo purposes, but I don't have any UB key set up, any of them set up. But yeah, the Authenticator app, it works, I have it loaded on my phone. I don't wanna plug anything into my phone ever. Like my phone does wireless charging, therefore I wireless see charge it. I never plug the USB-C in, I don't have any interest in doing it. I'm happy that the NFC works with the UB key. Matter of fact, I can just take the UB key, set my phone on top of it, and it's happy. So then if I wanted to, if I were to use it for that, there we go. I gotta remember where it is. I should probably put a little mark on the back of my phone where the NFC is. Yeah, it's right there, like it's right in the middle. I think it was higher up on my old phone, but you can protect your, get remote action using your FIDO Protected Open SSH key. Yes, I like the FIDO authentication. I mean, I read a lot, I knew overview stuff over it. And, you know, one of the things I like to do is take some time to some reading. There's so much available on YouTube. I mean, literally you can watch an RSA presentation on YouTube for how FIDO YouTube app works. I mean, the world is great when it comes to stuff like that. Information is so readily available on places like YouTube or I can just go watch this great piece of, you know, presentation. I didn't have to go to the RSA conference. Not that it wouldn't be fun to go, but yeah, I needed that information then. I didn't know I needed to know it when that was released. Now I do need to know it. Then you can go look up all the documentation on it, you can read through it, and you're like, hey, this FIDO thing, why isn't everybody using it? I think it takes, I think it's because it's complicated to get started with from a comprehension, like there's a lot to know. But once you kind of get the hang of it, you're like, oh, this is really cool. And I don't know, I hope more companies start using FIDO everywhere. That would be great. But yes, Git supports it. Lots of other things support it as well. Now, kind of on the topic, and I guess it's worth mentioning is the, what do you call that? TrueNAS scale. Why is Tom still on TrueNAS core? I'm gonna pull that up because reasons. I'm gonna pull the link up just so I have, because I have a screenshot with everything on there. And this is one of the problems I've run into, and I'm not here to dog on TrueNAS scale. It's a new release, but there's clearly some issues here. And this is someone else who started the post. There's Chris Moore, you know, the team at TrueNAS is on it. They're talking, they're diving into it. But look at the different results I got. You know, I'm just joining in this forum post. For those of you that wanna see it, I'll drop this link in the chat. Right here, you can see this is my TrueNAS core, 12.08. Here's the results from a test. All I did was run this test. This was on iSCSI and it was a Windows, sir. It's my Windows, specificities of my Windows gaming system. And I have it connected to my TrueNAS core with iSCSI, and that's where all my Steam games are stored. Here's the respeed results. And all right, that's not bad. It's reasonable. Definitely can load my games fast enough. Look at the speed results when I swapped over here to TrueNAS scale. They just fell through. It was really slow. And there's other people posting. And that's why I went and posted a forums here. This is the TrueNAS forums. Like there's some performance regressions. And I read in a few other comments that these performance problems were in the release version, but they weren't in the release candidate. The release candidate, a few people said was faster. I didn't try the, I didn't, I tried RC1. And I think that's what I did my previous benchmarking with. And it was not very fast. RC2, I just didn't try, because I reverted my machines back because I needed the performance. And now we're into full release and it's apparently slower than the RC2 was. So they're working on it. They're finding some work grounds. I also know like NFS is having problems. And so there's, there's some things to sort out. So I have to go to my office and play with some lab systems. I only did one system that I have here, but I'm going to build a few of them at my lab and, you know, get it all set up and configured so we can figure out why it's not as fast as it should be with TrueNAS scale. That's what's kind of holding me back from getting TrueNAS sale right now. What do you use in PF Sense? Iperf or IMix traffic calcs? Iperf is not realistic. IMix is much more realistic. So Iperf, the reason I'm glad they actually take the time to put those on there, but IMix traffic is going to be much more realistic because Iperf is a single stream as if nothing else is on the network. It's great for testing, at least to confirm the maximum potential network speed. Like the max potential network speed is here. And mostly it's not over VPN I ever bother using Iperf. Almost all my Iperf testing is to confirm if I have a 10G connection, does it connect to 10G? Great, we use Iperf, we confirm that. What's really gonna push the limits though, and especially when you get into VPNs is the number of streams, the number of different states that it has to keep track of through the VPN along with all the different mixed traffic of different types, how does it handle that? You know, you take something like torrenting. If you wanna watch a processor slow down a lot, you take a torrent, and a torrent with a lot of connections is a ton of tiny small packets to track. So you'll watch the CPU load go up. But what do you want faster, the torrenting traffic or which do you believe I should say that how fast a torrent will go or how fast some of the other things will go? It just loads the system differently here. IMix traffic is gonna be more representative of people aren't just running single streams, they're running like a lot of stuff. Have you looked into Unify UID? I'm gonna look at it, but I'm not an optimist on it. I don't know enough about it yet. So I don't know enough about if I'm gonna like it or not. I'll have to see exactly how they implement it. So I gotta look through, hopefully they got some good documentation I can read through. I know it's been released, but we'll see. Can you store your SSH keys on a UB key? No, and I wouldn't, even if I could. I have a video on using FIDO, the UB key FIDO plus SSH. I just have a video on that. That's a good way to do it, but storing your SSH keys on these? Not a good, I don't think that's a great idea. ZFS on Debian is faster, so it needs tuning. Well, ZFS is really fast on BSD, so I don't know that it's actually faster on Debian. So I don't know about that. So I assume about $400 UB keys after watching Cross-Stock Solutions order two of them and the security keys. Are you able to explain the difference between them other than not having TOTP? They have a comparison chart and tells you all the things are missing. These are the most complete ones. The other ones are just, there's a comparison chart on their site. I don't remember exactly, but when you go to the lesser keys, they just have less things on them. I wanted to use all the things, so I spent more. But if you don't wanna use all the things, and you don't care about those things, not in that checkbox, then you don't use it. It's like anything. It's like it's not that they're good or bad. It's do you have a use case for it? I just found out I can get five gig fiber at home and need to find a net case for five gig. The 6100 has a 10 gig on it. So how do you go about upgrading TrueNAS scale if you want the ability to go back to TrueNAS query? I was seeing about loading scale on two mirrored flash drives and then switching out. It's actually way simpler than that. Let me go here to the system. I probably still have it on here. No, it's not on this one, but the concept is here. I already loaded this one with scale and all I had to do is go back to core, was go into boot. You do this in scale and you go back to the boot and then you just select active. So this one's active now. If I had one in here, my head's covering it. Hold on, I don't feel like moving my head. Can I move this? Let's move this over. But you just change which one's active, that's all. And once you do that, you're good to go. Oh crap, there we go. Get things put back where they belong. You just change the boot environment. It installs an extra boot environment on there so you don't have to do the double flash drives or anything like that. Just load it, it installs a new boot environment. If you're like me and go, whoa, didn't work, you go back to the boot, you choose the old boot environment. I clean up my boot environments, so I went and deleted them. I deleted the extra boot environments because I don't need them anymore. This system's not going back to scale for a little while. I've had a lot of speed to scale, very slow compared to EXT4, hopefully fix it. Yeah, that's a nice thing about how it installs. It just throws a new boot environment in there and away you go. So you can flip flop, not exactly back and forth. When you change the boot environment back to core, last time I tested this, it wouldn't let me switch it back to scale again. It kept breaking, but you can always reload scale again. It didn't let me flip flop between them, but it did let me revert back. So do you think PSN Solar Support, some sort of solution for WAN multi-path aggregation? I am really doubting they're gonna bother with an SD-WAN solution. I don't think there's any push to code it in there. It's such a niche use case, so few people need it. Like they have to balance all the different things. They have a whole team of developers working on stuff. They have to balance out how many people actually need this. I think the use case is so small that they don't, they probably aren't gonna do it anytime soon because my understanding is the packages needed for that aren't available in BSD. And I don't think anyone's gonna write it for a limited use case. So if you have a use case, it's probably best that you go with the software that supports it. I know I've seen the project that supports it in OpenWRT. It's not something I had ever used either, so I can't even think of for all of our customer base anywhere I would be deploying that. Since you're doing 10 gig, do you use SCSI boot systems? Nope, never do. I just don't need to. It's not something I have a use case for. So as far as I know, you can. I think some BIOS does support. Well, I don't know that some of the newer ones, I've actually only seen this in older BIOSes and maybe some commercial stuff that has SCSI boot options. I don't, it's, I don't know. It's novel, but not something I'm interested in doing. Does PF Sense have any issues with five and 10 gig networks? Watch my review of the 7100 and I review kind of what the problems are with PF Sense and five and 10 gig networks. There's limitations on what you can do per single stream. And that's where the problem comes in. It's the way the PF Sense, I believe it's a per kernel. Each state goes through the kernel and the way it routes, there are some speed limitations. But cumulatively, you can get to 10 gigs across multiple streams. You just can't have a single state stream that goes at 10 gig. Well, you can if you get a fast enough hardware. I don't know what that fast enough is. It just, it's kind of just way the packet handling is done in a kernel. It's kind of problematic, I guess. Yes, don't upgrade ZFS versions. I believe they're using a slightly newer version of ZFS in Churnass scale. So if you were to load scale over core and upgrade ZFS, you're going to be reloading. Stick with one gig because you have so much infrastructure in place. There's, it's a lot of infrastructure. And I imagine at some point, I don't know where this point is. I don't know how much bandwidth any single IP or single connection will be limited to by the upstream providers as well. So any recommendations for PSS benchmarks, AESI, VCU, nope, I haven't tried it. So I don't have any benchmarks on it. Yes, now what Christian McDonald said, this is the guy who knows his stuff too. Christian McDonald's is a developer over at NetGate and you may have heard a little project he worked on called WireGuard. And it's awesome to see Christian in the live stream here. But yes, their TNSR is a completely different approach. I believe, and Christian, correct me if I'm wrong, isn't it called Vector Packet Routing? I think that's what they refer to it as. But the other NetGate product, this is the thing it can solve is it's fast, really fast. Oh, you need a 10 gig connection. Their TNS, Tinser or TNSR, I wasn't sure exactly how to say it. I get it mixed up, sorry about that. But either way, the NetGate TNSR, just you'll find it at least by putting those letters in is really, really fast. And that's what that is. It's a specifically for high speed and I guess I believe it's called Vector Packet Routing. Do you use Guacamole to else manage OS instances in your virtualation? Nope, I never use Guacamole. I just use SSH. So I haven't really had the need for Guacamole. TNSR, yes. Okay, so it's called TNSR, awesome. Vector Packet Processing, VPP. VPP is pretty awesome. And it's how TNSR achieves its fast speed. I don't, like I wanna, maybe at some point I'll dive into doing some demos on it, but it's definitely really cool. And it's just, it's next level speed, by the way. It's built not on PF Sense at all. It's a completely separate project. It's just built by the same smart people over at NetGate. So they're obviously long lineage of engineers of network engineering. So they put their network engineering expertise into this other product they have. It's really cool though. I tried Core and Scale on two QNAP devices and they both worked great. You know, that's the one thing. So QNAP, I've dogged on them about backdoors in their system, ignoring security researchers and things like that. But a few people have mentioned, I've just not tried it because I don't own a QNAP device. I think there's probably a strong use case and argument for loading different software on them to make them a better product. So maybe they make good hardware with bad software, so load your own and don't worry about the problems that is caused by the problem. Because none of my digs on them were for the hardware. My digs on them were all about the, all the problems with the software on them. Hey, someone shouting out here, hey Christian, thanks for PFF WireGuard. Any chance you can add a small tip or a button to generate peer config so it'd be easy to copy and paste? I actually, I thought it had an option for that. I thought you could copy some of that. Let's look. I am curious, I have WireGuard on my system. Yeah, there's just so you know. Any IPs in here shown? Just my public key, which doesn't matter. But anyways, well, I have a video on this already, so let me pull up my other one. But oh, exporting peer configs that are importable into various as being worked on. Okay, cool, so good news. This is, Christian's already on it. God, I see, I just looked, I see what you're talking about was I actually did an export. I didn't wanna pull it up because it's got my IP in there. So yes, that's awesome. I hear that Christian's doing this. Is that H, oh, is that H cap in the background? I still like H-top. I'm partial to H-top over A-top or glances, so. Oh, I'd love this. I really would like a QR code generation, especially when I'm sitting up on my phone because I do connect my phone to my network for this because that's, you know, people ask you when I'm talking about, you know, NAS security and things like that. So one of the things I do is just leave, WireGuard is like awesome on the phone. So my phone connects to my network and this is the way I don't have any port forwards open for things like when I'm, when I access my cameras on my Synology NAS, I'm like, WireGuard, it just works. So I'm excited for that. I'm not sure if Ranchmer can encrypt my, encrypt backup file over SSH, don't wanna secure your problems. Oh, the FBI warning about security QR codes. I didn't look at it. I just like, I think I was like all the other security people on the Super Bowl going, how many people just playing their phone at a TV? You know, cause Coinbase, I guess. I don't know. It'll, the phones are gonna be, when I can't say going to be, the phone attacks that exist now are only going to get ramped up substantially more because people, people. And well, yeah. I have an ongoing dog alone QNAP regarding containerization, implementation, QNAP Engineering, Taiwan as a disconnect. Yeah, probably does. I would say, don't use QNAP. That's my answer. I don't think the problem is that people are stupid. I think it's a lot more complex than that. Is a lot of people just expect technology to work and most people are trusting and they trust that people aren't going to do nefarious things. So it's difficult. Now, there are exceptions that I'm not saying stupid people don't exist, but the average person actually isn't stupid. I think technology people do a bad job of making things easy for people to use. That's more of a critique, I think, on the technology sector and making a lot of assumptions about the average person and how little they care. It's like when you say the desktop argument and things like that about software and operating systems, I'm like, the average person does not care about their operating system. Is it possible a good idea to tie admin access like sudo to Ubiqui Linux or Windows? Actually, yes, I was playing around with that. Jay has a video on it. You can do Ubiqui admin level like sudo. You can have this blink when it's sudo and touch it for, well, this one's because the touch one, you can have it so it's required for sudo. I think it's a bad idea. The downside is if someone wants to log in to your system, they plug this in and they're like sudo, oh, touch. Oh, log in, touch. So you made it really convenient, but you have a problem with physical access now because if someone has access to your computer and your key and this is the only authentication you have, now they have the ability to not have you involved at all to have access to your computer. So this plus your password can be a really good idea. So some, yeah, not to say bad, but people have had QR codes normalized. Yes. Yeah, MFA2FABUBiqui and in-memory SSH search in your SSH agent rocks. Yes, there's ways to just load it into memory as well. So using SSH agent beyond my ability to describe right now easily. I don't have a write-up on that. What else are we gonna talk about here? FIDO, Yubiqui's, ZFS, they were covering a lot of it here. Just ordered a gigabyte with a totally overkill PF SenseBox. Hey, why not do overkill? It's cool to see it load fast, I don't know. Kind of fun, not needed, but my PF Sense is not particularly fast. What is my PF Sense? I guess it's not terrible. It's a, what is it? The current one I have, and I switch them out all the time, by the way, it's just what I have right now, is Intel Core i3 from 2014. So I don't know, works for me. QNAP is no worse than WD ASTOR Synology. No, QNAP is definitely worse than Synology. There's, I don't think there's a comparison on there. So, yeah, the QNAP, the fact that QNAP had more than one back door and it just ignored security people. I mean, security people approve of concepts, posting and forums going, guys, you know, this is a problem you should fix and they didn't wanna fix it. The only time they fixed it was after the security researcher gave them like six months to do it. And this is, I think there's more than one incident with it. So, yeah. I mean, if you have 120 gigs of RAM and nothing better to do with it, stick it in your PF sense. It won't use it, but you can have it. I don't think there's really much of a use case for that. I don't know if this is really something Christian would be able to help with and I may be wrong about this, but the request to add logs for failed WG connection attempts. WG is very quiet. If you load it, and I have a video of running it on a Linux server, you'll realize there's not much in the logs even when you build your own server. There's just not a ton of information that WireGuard puts out when things fail. It kind of fails quietly. It doesn't give you deep diagnostic information. We don't offer KMS for clients. No, we don't do key management services. I think if you went dual 128 core Epic CPUs, it might start being overkill, plus you have too much money. Yeah. I mean, you could just keep throwing stuff at it. I don't wanna have a RAM PF sense to the year. Since 10 gig networking is already so cheap. Yeah, 10 gig has really gotten affordable. Wendell did a video on, I think it was on the Chelsea IO 100 gig cards, cause even the 100 gig cards are coming down in price. So that's the, and of course, the next question is 100 gig, what about the switches are they coming down? Wendell covers that in his video. So Wendell from level one texts, it's his, matter of fact I'll pull, I'll actually bring that video up cause it had some really good insight in there. Wendell is always so insightful on these things. So we'll go to level one Linux. And this is the video I'm talking about specifically. It says talking about Mellanox 100G. Hey, you can see Tom watched it. Great video because it breaks down the affordability of these Mellanox cards. So you have the affordability information in there, but it also, he talks about the switches and something I've mentioned before. And it's an important thing. Do you have a use case for that? When people start comparing switches, they're going, hey, this switch doesn't support that net. And I said, well, do you need that net? Do you need those extra features? And he talks about how there's a lot of these switches that were used at the large data center companies that don't have a lot of fancy features other than connectivity between two servers. That's it. And those stripped down switches are pretty affordable because they don't have all the fancy routing in them, but they don't need any fancy routing. They need you to connect a few servers like a storage server to your hypervisor, for example. So you have your VM servers and you have your storage server. You want a hundred gig connectivity between them. That's what these switches can facilitate for a reasonable price. What do you think of the announcement that Unified 6E AP, which finally has a two and a half gig interface? I don't know. So six, it's a Unified 6 one. If you need a Unified 6, then you need it. What's availability like with supply chain shortage? Probably limited availability. Repurpose 1RU, 1U, I'm assuming you mean blue coat server for my PF sense. Four core Xeon and the price was right at 15 bucks. That price is great. I don't know the specs on that particular system, but hey, $15. For my PF sense, I just went, I prefer low energy. So yes, software defined storage, loves big buffers and they cannot lie. Fast storage can benefit from RDMA, Melanox's leader in that. So yes, Melanox makes some really nice, fast cards. And when you start diving into some of the pipelining things that have there, are you going, oh no, I'm not doing another live stream today. I'm only doing one live stream today. Yeah, Protectel is a pretty low energy one. They're popular, a little devices. They've been around a while. Barracuda 1U servers can also be good second hand PF sense appliances. Cool. If someone can tell you where to buy, use data center equipment, it'll be helpful. Honestly, Tech Supply Direct is where we buy some of it from. You can also just eBay is where a lot of it ends up. Unless you're lucky enough to be by some local place. I brought this up before. Here, we'll actually give a shout out to this. So we'll throw it in here. Yeah, supply chain shortages are actually pushing demand quite a bit, but there's also LabGopher. LabGopher is kind of cool if you want to sort by CPU. This finds specifically servers, but you can see by brand, by Dell, maybe you're looking for a Dell 730. Start sorting out which ones you're looking for. Just a thought, if you're looking for stuff, looking for deals on things, it just can help you find it. And this law is gonna link to sales on eBay. But prices are up on a lot of the stuff because of supply chain shortages. People are, you know, grabbing in what they can. What am I making an LTS water bottle? I should do that, because I would then have my own water bottle. I don't know, I'll look into that. You don't trust eBay, you had many issues in the past. If you were looking for a reputable eBay vendor that I've dealt with a few times, it would actually be, they have a website too, by the way, Unix Surplus. So let me go to their, make sure it's the right company. I use eBay very, very importantly. Yup, Unix Surplus, here we go. Lots of stuff for sale. They've been around a minute doing this. They're a business that's doing it. So yeah. And if you Google for Unix Surplus, I think it's just UnixSurplus.com. Probably, yeah, Unix Surplus, I could type that out. But I have bought servers from them and not a problem. They have all kinds of stuff. They were easy to deal with. Nice people, the stuff were I fine. I've recommended to a few people and they have a few different. I guess they have three eBay stores. They have an industrial store, didn't even know that. Oh, there's industrial stuff they got. Server supplies, that's the only one I've ever used, but hey, look at all the Dell server supplies. See all items. Hey, look, 10 gig cards, Samsung's, NVMEs, all kinds of fun stuff. Broadcom, external SaaS connectors. This is, look at all this exciting hardware. Oh yeah, government auction sites too. I mean, this is a rabbit hole. I'm not in that market like I used to be. We used to buy 2005. I used to buy bulk purchases and stuff to sell on eBay and things like that. I was in that market 15, 18 years ago, made some money on it. It was novel. You know, one of those, I joke around, call it one of my past lives of different things and different stuff I did. It was related to a electronic store I owned at the time. So yes. Any PoE switches better than others trying to set my first PoE camera system. I'm partial to the Unify stuff for ease of use. It's not that I think they're the absolute best switches out there, but they're easier to use and configure than a lot of the other ones out there. So I do recommend Unify for the PoE. They give you nice stats and pretty things and tell you stuff like, you know, how much power you're using and everything else. So I'm really happy with mine. Matter of fact, pull this up. So where's Tom's house? Ooh, Tom has not done his latest firmware updates on these. So what needs a firmware update? Oh, none of these. It just was a leftover thing. If we go here, hey, look, my cameras and I can tell you how many watts each camera is using. I can tell you the usage here. I'm using, what, let me zoom in a little bit so it makes it easier to read. What do we got here? Like 36.36 watts and you can mouse over each one. You just don't, I mean, there's other switches that do this, but you don't get this with all of them. So Unify is kind of, you know, nice for that. Would you play PF-Sense on top of Proxmox for separate segments in a local host or stick with Proxmox native networking? I don't know enough about Proxmox. I have no idea. I don't use Proxmox, I use XCPNG. So not really sure. I don't know what exactly you're trying to do either. I know my understanding is PF-Sense works fine in Proxmox. So, but I can't verify that. I just know from people saying it does. Hey, other people saying Unix Air Plus is good from there. So great. How do you, how recommend us to use EC memory and PF-Sense? I don't, I don't usually. I mean, if you get the net gate appliances you do, so I can't say I don't usually, but I'm seeing usually as in, if I am building something, it's not likely that I'm building it with ECC. Ah, yes. That's actually one thing. Selling electronics over the years is always a race to the bottom. I worked in the electronic sales all the way into from the 90s, all the way up until probably mid 2000s, before I would say I pretty much was done with it. Even right now, we don't focus at all on any of the sales of electronics. Selling knowledge is way more lucrative than selling hardware. Unless you're the manufacturer of that hardware where you have better price controls, but from a profitability standpoint, it's not that you can't make money at it, but it's a tricky game to do, especially in electronics when the prices are always going down and the margins with it. Anyway, set up to say at 100 big and primal, VM's not having 100 good physical interface. Ask in XCPNG. I'm not sure, because a lot of it depends on the bus of the system is where the maximum potential is. It's not just a limitation of having the cards because the system runs, there's internal limitations. I don't know what they all are, but if you post in their forums, they may have an answer for that. Private networks only use management for me. No, they don't. Private interface nicks, if they're on the same server, have limitations on the bus, not limitations based on, you can have one gig cards, but get faster than one gig. Unless they re-engineered it in the latest version, but that's how it's been. Having terrible issues with PCI pass through. Yeah, I don't post in the forums of whatever you're trying to pass through. Like if you're having trouble with Proxmox, post in Proxmox forums, XCPNG, post in their forums, I don't do any pass through. It's just, it's very, I've tested it, but I'm not an expert at it. The couple of times I tested it, it worked. I said, cool, and I set it aside. We don't use any pass through in production. All of our clients are, well, none of them I can think of that we do any of the consulting with or ever. Yeah, remember, RB use case is more business consulting. I understand the use case for it, especially in the labs. And I think Jeff from Craft Computing has done some great videos talking about pass through. A Wendell has done some good videos about pass through. I never use pass through. So it's like, maybe one day if I have time and finish up all the other things I want to put out, I'll go, hey, let's do some pass through videos, but it's low on the priority list for me. How do you build your PSS firewalls with cluster deployments? You buy two, just put them in HA mode. We have plenty of clients using, not all clients, it really depends on the client, but we have clients using HA. We have racks and data centers with PF Sense and HA. Works great, you just buy two. I've got videos on how to do it. So if someone says, hey, I want a PF Sense with HA and I want a 7100, we're like times two. I think one of the demos I did is with a 3100, you can do HA with, I didn't have any, but I wanted to do HA with a pair of 1100s because why not, just prove the least expensive device NuttGate cells will do HA as well. So you just buy two of the same ones. If you don't buy two of the same ones, you're gonna have a headache with it. Running home-based true NAS on Wi-Fi. I can't think of any reason I would want to. I can't think of any reason it's a good idea. It comes down to free BSD driver support for Wi-Fi. I don't know how good it is, if at all. So I don't have a lot of answers on that. I mean, if you can find a network card that works, but it's not something natively I know of, exposed in true NAS, because you have to configure the wireless card. So I'm not gonna recommend it. It does go faster than a listed speed. So let me look on mine real quick. I think I have a private network in there. Where is that at? I don't know, I have to look at XCPNG. There's an option for it for doing the, there's more than one way to do private networks, basically. I have some older videos, I think, where I cover this. And then they have a description in there for how you can do it. Looks like I think the only thing is 10 gig on my system. But then if you click this, it'll go to their please see requirements. Encryption not available on XCP-8 to avoid to be able to encrypt networks open V-Switch must be installed on all hosts. It'll be on my to-do list to set up some new rules for that. It's, I haven't played with it in a little while. Do you know if XCPNG will go real basic and trying to implement at work but can't because of newer stuff, RV? I have no idea. I don't have an answer for that, contact them. Only thing is WireGuard isn't properly supported with it yet. Yeah, I didn't know WireGuard isn't, I never, I don't have anybody with WireGuard and HA. I imagine it would fail over and it would just drop and rebuild the connections if it was set up. I imagine it synchronizes. What would be the use case for private networks like a single node cluster? Yeah, you could do that where you have a private network for all of the backend systems to talk to each other. There's some use cases for that. They do support like VXLAN and a few other features in XCPNG as well. But if you're gonna build a server stack, you could build it. So the first server is your firewall or load balancer and you can put all the other servers behind it. So they all talk to each other at whatever the bus speed as fast as they possibly can, I should say. Not necessarily bus speed, but whatever the limitations are within XCPNG, but it would obviously be extremely low latency because it's just working off of a virtualized network stack in the back. Any idea how production worthy, TrueNAS and QNAP are would be? No idea, never. I've never actually worked on a QNAP, so. So it's missing XML or PC, that's all. Yeah, not probably that big of a deal because you're not, you know, once the configs are in sync, I don't think that's a huge deal. I don't know. I imagine the configs would sync, even if it doesn't have XML or PC, it should just sync with the normal configs. I don't have to ask Christian about how this sounds. I have not tested it. So we're putting a swap partition and Zill on a different SSD or is it fine in a mirror? I don't understand what you're trying to do. I don't know. We need more context, John, for that question. Maybe post it in the forums. If you, have you had any challenges getting equipment for clients? Yes, just like everybody. I don't know anyone who's not having challenges getting equipment for clients. We already had to do some special things. We have a project coming up. I took a picture, so I'll pull it up real quick. So yeah, we just had to pick all this up for another project. There's a reason Tom's picking it up in his truck and going places. You know how hard it is to find some of the conduit we need for some of these projects and stuff? Like this, because we have to do a project that requires all the wiring to go inside of a series of conduits. So everything has been like drive here, go there. And I'm like, as soon as I find someone that has something in stock, I'm like, I'll go get it now. Here's my credit card. So we had to, yes, it can be challenging finding anything, not just direct things, but for materials for bills, materials for like the wiring projects and things like that. So yes, any experience with companies like Siberia and NetShorin? Never heard of them. So much, yeah, unobtainium. So much stuff is hard to find right now. There is no doubt. It is a big shortage of things. You know, one of our clients is a data center that can't finish building the data center. There are a thousand switches short. They take in any ones they can get, but they need one. Right now they are a thousand behind from finishing it. They have the room, they have the racks. They need a thousand more switches as last I heard when we talked to them. I was like, wow, like, they have the bunny, we don't have the switches. They may have gotten them by now. It was about a month or two ago when you're doing some consulting. I was just like, you know, everyone's like, how do I get the stuff? Yeah, so let's go ahead like 180 days. I seen someone post about that too. Any humorous work happenings that you can relate to us? Oh yes, yes. Because no one is asked, and currently there's 135 of you here, but you haven't asked what AGB means. And it's, this is me being kind of, I don't want to say I'm being obnoxious, but oh, I will answer this question, money. That's how the, you're wondering how the large cloud providers like AWS, Azure are handling the shortages. Money, that's how they're handling it. They are just paying whatever it takes because it's a bidding war. There's a finite amount of availability of parts and the highest bidder wins. So yes, that's how they're dealing with it. No, the amusement, and I'm not gonna, not gonna out the person who did this, but oddly, two of them in a row did this. On the same day, one person was rational, one person was irrational, and it led to AGB being said in the office. AGB stands for absolute greedy bastard. So someone contacted me through our contact form, which by the way, let's pull it up. Let's actually go over things really quick here because I am a very upfront person. We are, you know, we have everything on here and the person called, we actually told them this over the phone. So it's not just our, there, see, it even says right here, we have, I'm gonna pull up the site. Are we right utilizing large cities to have to call these 200 per hour, build 30 minute increments, there's a one hour minimum purchase for new customers, straight supply up to here. If you wanna request a consult with Tom Lawrence, the rate's going to be higher. There's absolutely documented right here on my site, it's accessible to anyone who clicks it and then you can contact us and you can clearly see that we charge for our time. Not a secret. I put out a absolute ton of YouTube videos, I put out documentation, I put up write-ups in my forums or reply to people's comments all the time. I answer, you know, all the forum questions to the best of my ability or much time as I have to do so, but some people wanna hire us for things and that's fine. And sometimes those people wanna hire me and those people get really angry when they find out what I want for things. They want these really complicated tasks done that sometimes don't even make any sense. And they think because they're a home user, I should offer them some free service to do it. And the person went on a rant calling me an absolute greedy bastard for wanting to charge for my time to help them was a simple problem that I could have fixed in only two minutes is if there's no concept for the time it took me. Yes, I can probably have fixed that person's problem in a relatively reasonable amount of time, but how did I get there? I spent years and years studying to be able to know it and people sometimes do that. The person also said they are unsubscribing from my YouTube channel and called me in a series of emails, they kept sending them. I didn't block the person because we got curious at what they were gonna send next. And, you know, that's, and it's really weird because someone else did the same day they went back and forth because they couldn't quite understand why we would charge them to answer questions. They go, I just have some questions about TrueNAS. Well, would you like to book some consulting? No, I don't wanna pay for consulting. Okay, what do you want? They go, I want to have a phone call and have you answer questions about TrueNAS. I don't want consulting, I only want all my questions answered. And I'm like, that's what consulting is. And they're like, but I don't wanna have to pay for it. And I'm like, I don't, I'm not gonna be able to help you anymore. It's really weird that people do that. So, yeah, you're right. There's a whole subreddit for that called Choosing Beggars. Yeah, I've definitely seen that subreddit and we were right away laughing about that and bringing it up. But the person at the end signed off with Absolute Greedy Bastard. So we were greatly amused by this. I said, I'm gonna name vlog Thursday, AGB. So, let's see. Yeah, it's really weird. So what else do we have? Oh, freebies, lights. Oh yeah. And there's no telling you how much was already misconfigured. It's only took five minutes to actually fix why he fixed it himself. Yeah, I know. That's definitely for sure. Yeah. Hey, smash the like button too. Yep, the Absolute Greedy Bastard. Me and Eric see it too. I mean, I try to be as reasonable as possible and I just sometimes have people tell me, I'm charging way too much. I'm like, well, you're not forced to use me. I mean, there's, it's a free market, dude. You know, there's, it's like one of those things. I throw all this stuff out there. So, you know, just I, and especially I post a lot in the forums. I like this. Well, a new name, AGB Text Services. Yeah. I don't know. Like I said, I don't understand some people, especially when they go on rants and just type me, I didn't even reading everything they wrote. Like they kind of went on a rant on there and I'm not gonna call the person out specifically. I'm not like that. I'm just like, really? You're a rant about that? Why do UPSs feel like they haven't evolved since 2005? Cause they haven't. It's not a feeling. Running a business, not a charity. Already awesome how much you provide for free. You know, and this is a debate I've had with many people. It's, I, you know, the, the, what do you call it? The business model is, is tough because you want to give away a lot of information for free. You want to be able to really get technical, but there's a balance and, you know, people who create courses sometimes get upset going, well, you're telling them for free on YouTube what I charge in a course. And I don't know. There's probably some balance, but yeah. Welcome to AGB tech services. We don't want your help. Just want your money. So yeah, it's just, it's figuring out three. I mean, I throw so much information out there that you can't necessarily find but a lot of other people do too. Then a lot of people say, no, no, no. And I've had directly talked to people I meet through different organizations. Like they're telling me, no, I should be putting all this into a course and packaging and selling it like they do. And I already know there's a ton of people out there selling courses. And I haven't really got into that. I don't know. Maybe I will at some point sell some courses in addition to, but I like putting a lot of information as long as it's reasonable. I mean, our back end, because I still have bills to pay is the fact that people book us. There's a reason there's a hires button at the top of our website for people to hire us for projects. And so it's also big reveal part of our lead gen system is putting it out here. But at the same time, it's not as much that it's needed for lead gen. It's also, it's like a bonus that it does that because I like putting a lot of this stuff out there so people get more access to technology because I think there's a gap in the market. How do you solve that gap in the market? Throw lots of knowledge out there about technology and then people will pick up on it. You know, and this is, this is also one of those things that is, it's just so, I don't know. I'm gonna get way off topic if I really say everything. It's not that there's even a ton in my head on it, but someone did say meme and that got me immediately distracted because yes, Tom loves memes. So we'll pull up a meme. This was the meme we sent internally. So I will share it here. When people find out watching our videos does not entitle them the free support. This is, yeah. So I was mature enough not to send this meme to the person that was really angry at me. I didn't, I'm not here to just, you know, rattle up more anger, but we sent that internally. So there's some snarkiness that goes on internally. So yeah. People in general do not read, they also do not listen. They do. I'm not jaded thinking they don't. Matter of fact, a lot of times it's, this is exactly a good, this is a great example. Let's pull this up. Cause I love this example you guys are gonna learn about me and what happened with my Tesla and we're gonna turn it into a life lesson here. So we'll pull up the snapshots. So there's my Tesla taken apart in my garage, not by me. So I watched some videos and this is where expertise comes in. Cause please know they took a lot of my Tesla apart. The headlight broke. Well, it was broken not because of anything Tesla did. The headlight got smashed. There's the headlight on the ground here. The headlight got smashed from a giant piece of steel flew off of some other vehicle and went through my headlight and smashed it. Just hit the plastic so the body was fine. So that's great. Well, not great cause it still broke the headlight but I looked up what it took to do the headlight. I watched a YouTube video who a mechanic at a garage had a step by step of how to replace a headlight in a Tesla. Great video. Except after watching it and realizing that it looks, there's a lot of screws. He was, it took him an hour to get all those screws out. All these little screws all had to come out. This is where my videos have sometimes done the same thing. You watch it and you're like, oh, I know how complicated that is now. I don't want to attempt it. I know a person I can hire Tesla. I can hire Tesla to come out and replace my headlight. They have a fee, but it's worth it. Matter of fact, he did something that he told me the mechanics on YouTube didn't do. Did anyone notice the orange tape on there? And this was clever. So the mechanics said, hey, you got to take the whole bumper completely off. The Tesla guy said, nah, I know a trick. And he says, instead of taking a bumper off, which means you have to take all the sensors out, he put some tape and balanced the bumper. He knew exactly only which bolts to remove to pull the bumper aside, hold it all up while he swapped the headlight without having to remove all the extra sensors, which take more time. So this is having a professional do it. Obviously, because this is Tesla proper who was doing this, they came out and replaced my headlight and it's great. It works fine. And they also said it's a tricky thing because you have to synchronize the headlight because it's got a circuit in there. And he walked me through it. There's a computer method you have to do. You call Tesla and they'll do it for you. But yeah, it was worth it to me to pay someone because I seen how complicated it was on YouTube. And sometimes my YouTube videos are just that. Someone goes, I watched an hour long video on HAProxy. I think I'm gonna pay you to set that up. Aren't Tesla parts on a long-term wait list? No, it took me from the time it was broke. We called them fixed five days. So five, six days. Tesla's are a little bit of a wait list. Wait, Tesla couldn't give you free support. If it's under warranty, they do. So I've had a warranty, I've had two warranty things but smashed headlight turns out not warranty because they didn't smash it. Tesla offers onsite service. Yeah, that's how they, you know, I've never taken it in. So the door flap, the charge door flap, the motor broke. They showed up, popped the new motor in. When I first got the car, really first got it, maybe three, two, one sector I got it, the camera I had a problem. And they came out to my office and just swapped the camera real quick. So yeah, yeah, Tesla offers home service in a lot of places. They do here in Detroit area. I actually, I know other people in Northern Michigan that get it too. Yeah, last Thursday I talked about it, Eric, and this Thursday. So yeah, you didn't, I talked about Yubi-Key earlier. So I was just talking about, but all I did was bring up that I did the Fido YouTube F video with these Yubi-Key's physically with these ones in my hand. So I still have the video on it. Hey, Tom, when you're doing tutorials, do you ever zoom in on sections of the screen? Are you doing that in post or in OBS? I'm almost always doing it in post. I rarely do it in OBS. I think there's ways, I know that I shouldn't say, I think there are ways to do it in OBS where you set up different scenes that are zoomed in, but I don't really do that. It also was very disruptive to do a tutorial that way. I maybe, I don't know, maybe I could think about my workflow differently and do it. For me, it's like go in post, you go to transform and crop in to the section needed. I work on my own cars and Tesla scared me. Well, you may have got the idea, if you look in Tom's garage and see these two toolboxes, Tom works on cars too. Most of them are more motorcycles than cars, but yeah, I didn't feel like dealing with the Tesla and all the sensors with it, but those toolboxes aren't there for looks. I've been a mechanic for a long time. I like working on things. But some things. Yes, and as far as you know, Eric is one of the staff members at the office. He has a UB key, Eric, the UB key you have supports, FITO, UTF, the one I bought you. I buy UB keys for all my staff. One of the perks of the job. Will ZFS ever properly make it over to rail? Have no idea. Are you laughing at the rest of the high gas prices? Not really referred to Tom's truck. So I at least have one vehicle that takes gas, but I don't really pay a lot of attention. I know gas prices is the thing. Oh, not any in freezer. That's my son complaining about pizza. Ooh, motorcycle time, right? We should get off topic because we're already an hour and a half in. Working on a video for Firefox multi-account containers was going to post, but yeah. I mean, it kind of depends on workflow. The downside is if you crop in too far with OBS, there's no going back. If you crop in on an edit that you're doing in the editing software, if you crop it in too far or adjust it wrong, you just readjust it. You didn't lose it. So what the current motorcycle I have is my Yamaha Super Tenere. That's my current motorcycle. So probably another picture of it somewhere. Me riding it. It's a beast. We're having fun out in the woods, but yep, that's my other hobby when I'm not on computers, just playing with motorcycles. Better off topic, better yet off topic for hot sauces. Yeah. I think we need more UPS automated safety down videos. There's got to be better solutions out there. I don't know. Not really. Raid in a service popular to do raid two service so either can fail and the other carries on. They do that with, well, now you're getting into how. There's a lot of methodologies to do that. Look up like SEP and Gluster are ways to do it. The other ways to do it are things like the way you can get a true NASS core system, like the M40. And I've done a video on it. There's an HA system from True NASS that allows for dual raid controllers and failover. Oh, let's see. Ooh, hot sauces do sound good. Scorpion peppers, Carolina rapers, habaneros, they're all staples. They are good. I do like spicy stuff. Now I want some spice. I got crackers, hot sauce and cheese, man. That's just happy stuff. Happy stuff. What are some other questions we have? I covered all the things I have going on here. Oh, let's go ahead and say, smash the like button because we have 67 likes. Throw more likes at me. Make me feel good about myself or something. No, I don't let the algorithm game my life too much. That's the best way to describe it. Ooh, that's a good one there. What's your favorite go-to hot sauce? I don't know that I have a favorite go-to hot sauce. It all depends. I have one for each mood. Honestly, Tabasco and eggs, everyone's like, but you have all this fancy stuff. You just said the word Tabasco. Tabasco and eggs, man. I just like it. Also hash browns in Tabasco. But for other stuff, there's all kinds of variety. I don't know. It kind of depends on what I'm in a mood for. Other ones are just like whatever is going on, whatever. I have a meek or tick video. So I already made one. Search my channel, they exist. I like that one too. I'm all out of the chulua stuff, but man, that stuff is tasty. There's also SAS drives that can connect to two different systems, so not really rating. Yeah. Oh yeah, Eric's not wrong about this one. The dirty dicks hot sauce, definitely a good sauce for sure. We probably have an update of this page in a while. I know there's a few more of them, but if you go over to our website, you'll find some hot sauces in here. Yes, we did put these in. We really like the stupid buffalo wild wing sauces. I ain't, these aren't sponsored. These are just there. I love this. El Yucateca. Secret Garden Burke. Haven't had it in a while. That one's good. Texas Pete, the trough. Hey, and this may be a basic hot sauce, but I'm not gonna lie. The Valentina Salsa Picante, tasty stuff. And this is under Things We Love, then go over to our hot sauces we love. So definitely something we talk about on a channel. Marie Sharp, the Marie Sharp Smoky Hot Sauce. Oh, it is the smokiest hot sauce I've ever had in my life. So there's definitely, let me pull that one up on Amazon. That one is amazing. This stuff is incredible. This is the Marie Sharp Smoky Marie Sauce. Man, this is worth every penny. So we, yeah. And it says only 16 left in stock, order soon. But the Marie Sharp stuff's amazing. Yeah, we really, so yeah, I mentioned, hey Eric, do me a favor and mention it to Kyle. Kyle keeps our hot sauce page up to date. And we gotta add the Marie Sharp's on there and any other. Nando's Perry Perry, amazing on chicken. Maybe he's not wrong. What do you think about Intel's delay of granite rapid saying it's gonna end 20 to 40? You think the former VMware CEO frustration with people doubting his transformation moving Intel? I have no idea. I don't keep up with Intel politics. It's just not my thing. They're released when they release. I mean, I don't dabble much in a hardware market. So $20 per bottle in Canada. Trust me, it is worth it. I'd still, even I'm not gonna tell them that, but I'd pay $20 for a bottle of it. It's some premium stuff. It is premium for sure. Domino's, oh, my son wants pizza again. Maybe. Putting that, it is the Marie Sharp Smoky Marie is so, is it? And I've smoked my own peppers and made my own smoked pepper hot sauce and they still are smokier than that. So yeah, we do check the, we're lucky enough to have some good grocery stores here that we definitely get some good deals on hot sauce on. Yes, almost pizza time. So I guess we could order a Domino's pizza for my son, but that means I gotta go pick it up. It's not far to go pick it up. So where's my wife at? So I'll use her vehicle to pick it up. She home? So, all right. We're gonna wind down this live stream then so I can get some pizza for my son. So let's see. Do I make my own brand? No. Thoughts on the HMAC Challenge Response Method in YubiKey? I've not tested it, so I don't know. I don't have any thoughts on it. Smoky by like a Lafrag whiskey. What is Lafrag whiskey? Huh? L-A-P-H-R-O-A-G. I don't think I've had that one. New whiskey to try. Interesting. All right, now you guys distracted me. Whiskey's a distraction for me, by the way. If I say your son to his own VLAN, he is actually on his own VLAN, he's not on mine. Where's the hot sauce page? Go to our website, laurancesystems.com and go to things that we love and you'll find the hot sauce. Any other final questions here? Any other final questions? I should have an affiliate link for Domino's. Yeah, I mean, we talk about pizza a lot on this channel because my son's always like, you know, it's pizza time. Hello, question. I have a PF sense, just moved to a new house. But the WAN is not getting a public IP when I release from ISP. Any advice from the PF sense side? I don't know why it's not getting a public IP. There's, here's a, you know, simple questions are things like, hey, what happens when you plug in your laptop or desktop directly to it? Does it get a public IP? You know, try another device. Other times, some of the ISPs, it's kind of weird. If it senses a change in MAC address, it'll give an IP to one device, but not the next. You have to reboot the ISP device each time you put something with a different MAC address on it. So we are in Detroit. Well, Detroit's our closest big city, properly we're in Southgate. That would be a whiskey, not a whiskey. Okay. I broke my whole network with a misconfigured VLAN, not a question, just wanted to brag. Fair enough. Well, I'm gonna go see who has some of these smoky whiskies. Now I'm, while I'm out getting pizza, I'm gonna see if I can find a super smoky whiskey. Whiskey. I got video games to play today. That's what I think I'm gonna do to the rest of this evening. So, hey, no problem. We're hoping you get it sorted out there, Nestor. Tastes like a bonfire. Yeah, no, I've got it pulled up. I'm gonna bookmark that. Actually, I should drag it over to my other screen so I don't lose it. Well, there we go. Whiskey behind me. What games are you playing? I forgot. It's one of the Wolfenstein games. I never played one of the older Wolfenstein ones. So one of my employees said, you should play this. So I said, okay. So I think it's returned to Castle Wolfenstein. I don't know which one it is, or new blood, new, is that? I don't, I just sit down and play it for a few hours. I don't play a lot of games, by the way. For those of you who know, I'm not much of a gamer. Not since the old days of Doom. Any plans to cover TrueNast scale? Pass through GPU on a said VM? Not anytime soon. Not till they sort out the problem with how fast this. Duke Nukem 4D. All work and no play. I don't play much because my playing is playing with networks and stuff like that. That's very fun to me. So I haven't gotten bored of playing with storage servers, networks, and engineering things. So I don't play that many video games. New blood, return to Castle Wolfenstein are both awesome. Especially cool that you play in a ratio of games. As dreams of them. Yes. Oh, I always sell people. Put PF cents on bare metal. Solve all your headaches that come with virtualizing it. I only virtualize it for demos, not in production. And it always prompts someone to get the cap stock. I have a production one that works great as a VM. It's good when it works. It's really hard to troubleshoot when it doesn't. And by the way, go spend some time on Reddit or PF cents. Every time there's a version change in PF cents, it seems like the most complaints come from the people who haven't virtualized. My son, my son's like gamer. Yeah, my son's a gamer. I'm not. What kinds of headaches? Anything related to VLANs, performance, and traffic shaping are always the challenges you have with a virtualized instance of it. Oh yes. You remember that one particular customer that was very vocal, why we don't recommend virtualizing it. I can't make that person happy. They think I should be promoting it like it's gospel. And I'm like, no, I know we do so much support. This is one of those things. Like, why do you not like the UDM Pro, Tom? Look, you know how many people contact us every single week? Another week goes by where someone bought one. It won't do what they want. So they're contacting us to try to figure out there's a way to hack it, to make it do what we want. We have to disappoint them and tell them, no. That's why we make videos that say, here are all of the reasons not to buy it. If none of those reasons are your use case, then buy it. Ask Casper Time to Go to Sisters. We gotta take the Tesla to go get the pizza. Because the truck's full of stuff. Still live. Yep, still live. Still live. You wanna say hi? Hi. All right. Well, they're wandering off. He wants pizza, so we're gonna wander off and go get some pizza. Thank you, everyone who joined. Please engage with me in the forums. Say hi to me on Twitter. Feel free to join and connect with me on LinkedIn. All the different socials we're on, Matt. So love talking to everybody here. Oh yeah, there's actually an Eric Schreit. They specifically support V-Sphere, but there's also an XTP and G write up on how to do it in there too. So, but thank you everyone who came and joined. My son is here because I've been ignoring the pizza request from upstairs. I'm here because I'm waiting. Well, he's waiting on pizza. So yes, time to get the kid pizza. Time to feed the child. So thanks everyone, have fun. And if everything goes well, I'm gonna do another live stream on Saturday morning because it helps my friends in Europe. So I know that was the consensus I got. So Saturday or Sunday morning, I'll do a stream as well. Thanks everyone and take care.