Відео

Hi! Yes it's on my todo list. Will do!

Nawet mam coś takiego rozgrzebane tylko muszę dokończyć (tunnelbroker.net/ oraz www.tunnelbroker.ch/). Tworzenie tunelu, konfiguracja sieci, itd. Nie wiem tylko czy pokazać to dla Linuxa czy dla Mikrotika, itd. bo każdy ma inny router.

Will do!

Agree !

Thanks!

I need to check but I believe it's not possible. For sure it can pass IP in X-Forwarded-For but that's HTTP. Will get back to you.

@@LinuxCloudHacks thx

Thanks! 1. I don't believe they restrict bandwidth in free tier but it's a shared infrastructure so no SLA. Moreover in free tier they don't offer you all of their POPs. But from my experience is pretty solid. BTW I did play with routing only (no socks5) but it's a pain to setup. 2. Sure you can do DDNS but folks don't always have access to the router (sometimes it's owned by ISP). 3. Not exactly. As per documentation it's an extension to http3 that allows you to tunnel tcp/udp/ip. You can look at FRC9484 for more information or Cloudflare docs.

Welcome!

What is the exact command you are running and what error are you getting?

@@LinuxCloudHacks /container/add file=usb1/images/pihole.tar envlist=pihole interface=veth1 logging=yes mounts=etc_pihole,dnsmasq_pihole root-dir=usb1/pihole start-on-boot=yes Ele começa a descompactar e dá erro.

@@LinuxCloudHacks /container/print 0 name="85fec326-98a6-420b-9399-c914a059bf84" tag="pihole/pihole:latest" os="" arch="" interface=veth1 envlist="pihole_envs" root-dir=usb1-part1/pihole mounts=etc_pihole,dnsmasq_pihole status=error

Hi! To setup a QUIC tunnel between Server and Client please do - on the server: bindPort = 7000 quicBindPort = 7000 On the client: serverAddr = "a.b.c.d" serverPort = 7000 transport.protocol = "quic" Then you define reguar [[proxies]] section. Not sure what are you trying to do but I have a video on building a quic/masque tunnel for socks5 here ua-cam.com/video/oiqc5xbNmks/v-deo.htmlsi=JN42i2nWdynBObJq

Köszönöm szépen! Kérem, tudassa velem, ha van ötlete a Kubernetes videóhoz.

I'm planning to do a video on ShadowSocks/V2Ray/Xray etc.

Thank you! Will do!

Hi! It's on my todo list! Cheers.

Hi! At first sight they may look similar (as both use Wireguard) but they use different concept. Tailscale/Netbird is a mesh vpn - it tries to establish a direct connection between the sites using UDP hole-punching vs WARP connects to the nearest Cloudflare datacenter and routes the traffic via Cloudflare infrastructure (like a hub and spoke). If Tailscale/Netbird is unable to perform hole-punching it will relay the traffic through one of the relay servers (that's usually slower). Cloudflare on the other hand will always work with the same performance as the connection is outgoing from the client to the Cloudflare datacenter. Moreover once you connect to Cloudflare your Internet traffic will go out via their gateways (you'll have a public IP from Cloudflare's network). WARP also has this concept of ZeroTrust and allows you to perform network, DNS and HTTP filtering, AV scanning, SSO, protection of applications etc. It can also support MASQUE VPN that is harder to detect and block vs Wireguard (as it uses HTTP/QUIC). By no means I'm trying to discourage Tailscale/Netbird as those are fantastic products, where you can setup exit node or site to site VPN in 3 minutes. I'm just saying those two are similar but at the end of the day have different concept/assumptions or how to call it :) When you have few moments please look at this ua-cam.com/video/6z2yvDPc-og/v-deo.htmlsi=KUwkmKXOYpW2Kl0J

Thank you!

Thanks for the visit!

Appreciate it!

Myślałem nad tym, ale na razie brak czasu :(

Hi! Both are great ideas and I'll work on both videos. I'm working on Zero Trust model already where different groups/users have access to different things + Google Authentication to protect apps. As far exposing PLEX to the Internet via CloudflareD, please watch my video ua-cam.com/video/2RF7hTSYU24/v-deo.htmlsi=JzEQrCJkjb9_1cIF You need to set PLEX to use HTTP only and then in the Cloudflare SSL/TLS options select Encryption Mode = Flexible.

Please check my latest video - it shows how to use groups ua-cam.com/video/7wO-qbMo1nw/v-deo.htmlsi=ECVy-LwX8r0MSYl5

Hi, I'm using Kitty and also sometimes Alacritty. It's more about terminal multiplexer. I'm using TMUX. Here's a video on how to set it up ua-cam.com/video/IefbabgRpSg/v-deo.html and ua-cam.com/video/h-kitk6enyw/v-deo.htmlsi=0TCq_BlfE09of8H4

Hi! At first sight they may look similar (as both use Wireguard) but they use different concept. Tailscale is a mesh vpn - it tries to establish a direct connection between the sites using UDP hole-punching vs WARP connects to the nearest Cloudflare datacenter and routes the traffic via Cloudflare infrastructure (like a hub and spoke). If Tailscale is unable to perform hole-punching it will relay the traffic through one of the DERP servers (that's usually slower). Cloudflare on the other hand will always work as the connection is outgoing from the client to the Cloudflare datacenter. Moreover once you connect to Cloudflare your Internet traffic will go out via their gateways (you'll have a public IP from Cloudflare's network). WARP also has this concept of ZeroTrust and allows you to perform network, DNS and HTTP filtering, AV scanning, SSO, protection of applications etc. It can also support MASQUE VPN that is harder to detect and block vs Wireguard. By no means I'm trying to discourage Tailscale as it's a fantastic product, where you can setup exit node or site to site VPN in 3 minutes. I'm just saying those two are similar but at the end of the day have different concept/assumptions or how to call it :) When you have few moments please look at this ua-cam.com/video/6z2yvDPc-og/v-deo.htmlsi=KUwkmKXOYpW2Kl0J and ua-cam.com/video/oiqc5xbNmks/v-deo.htmlsi=Vjm33As_dHekLvSz

Thank you so much! our support really means a lot and helps me keep creating quality content.

Dzięki! Probuje jakoś rozkręcić kanał, ale na razie marnie mi idzie :) Pomyślę nad polską wersją (pewnie nowy kanał) w przyszłości.

@@LinuxCloudHacks Tematy raczej trudne więc i popularność chyba nie będzie wielka. Kiedyś były filmy OneMarcFifty ale się skończyły (te były jakby bardziej na moim poziomie). Jest Apalard's adventures, ale męczę się tam z angielskim-amerykańskim. W sumie z wartych uwagi jest jeszcze tylko Jim's garage i tyle. Reszta to mniej lub bardziej reklamy produktów. Trzymam kciuki bo robisz świetną robotę. Im więcej oglądam tym bardziej jestem pod wrażeniem. Kolejny odcinek o ipv6 byłby dobry. Ten apalarda jest dla mnie za szybki.

Kanały o których wspomniałeś, super, ale bardziej nastawione na budowanie homelabu, domowego firewalla etc. Ja dalej szukam swojej niszy :) ale celuje w przecięcie szerokopojętej sieci oraz linuxa, cloudu, serwisów, etc. itp. bardziej od strony profesjonalnej a nie homelab. Native speakerzy mają dużo łatwiej by się przebić, a też mechanizm promowania filmów przez YT jest jaki jest :) No nic. Walczymy :)

Hi! Yes, it's on my todo list so please stay tuned!

Hi! So for example you have one Windows PC is the office and one at home and would like to access all office network from the home PC?

Hi! I'll need to reach out to Cloudflare as this feature is non-free. We'll see if they allow me to test that in a youtube video.

Glad to hear that! Thanks!

Thanks!

Glad you liked it!

Glad you enjoyed it!

Welcome!

Hi! Please look at 'lvs_sync_daemon' option of keepalived. It allows you to synchronize connection states between primary and backup load balancers (assuming you are doing IPVS). I'll try to find some time to make a video about it. In the meantime you can look at my IPVS video ua-cam.com/video/DzCBp2CXsYQ/v-deo.htmlsi=ss-Qvwdi7objdk9_

Hi! Thanks! To your question - sure we can use a BGP route reflector but I just wanted to show the most basic setup.

Thanks! Let me play with it and get back to you.

Hi! Not sure if I get the question right. You need Linux with packet forwarding enabled if you want your WARP agent to act as a gateway between the WARP tunnel and the target network. If you are only the client then it does not have to be Linux. For example: Windows WARP agent -------------> Linux WARP agent ----------> Private Network

@@LinuxCloudHacks​ ​⁠I successfully configured warp tunnel and confirmed I can ssh from my Windows computer with WARP client installed to WARP agent server by designating IP address assigned by Cloudflare WARP as ssh destination address! I appreciate your help

Great!

Thanks! Tailscale is using WireGuard under the hood so if you establish direct connection (not via relay) it will always be faster than ZeroTier.

Hi! Thanks! You mean enforcing network policies using Cloudflare Gateway? Or there's something else you'd be interested in?

@@LinuxCloudHacks I am enjoying your videos a lot. I am in the progress of ingressing a tailscale connection to headscale via a Cloudflare tunnel, because in Cloudflare I can have only 50 devices. My plan is to use tailscale for my team, and warp for the clients, but I'd like that the exit of the local vlan would be Cloudflare, so both the team and clients could have the same exit. I am planning to use as many resources from Cloudflare as possible becasue thanks to you I discovered the new stuff. When you mentioned the Zero Trust Gateway in the previous video, that put me to research but I think I still have pieces missing, anyway thanks to this last one I am building the network. Basically I am planning to set the gateway of my network to Zero Trust using the Warp client. Thank you again!

Hi. I'm planning to do a video on how to implement a ZeroTrust model as it's not only about accessing the internet but also connecting to internal servers, protecting applications etc. so please stay tuned. As far as 50 users limit - it's only for the free version. Higher plans don't have that limit. This is a popular business model :) you start using a product, you like it, then you company grows and all of a sudden you either need to change to something else or pay. And usually you pay :)

@@LinuxCloudHacks wow that is amazing. We actually use several cloudflare warp tunnel containers in our infra, one for each client, so each one of them can use the 50 devices limit, and we have one for our own access, plus other tools like the nginx proxy manager to allow access only to that client needs. That part that you just mentioned would be amazing to fill some doubts that we still have, how to protect applications for instance for different departments like accounting, dev, and others :) thank you!!!!

You are welcome!

Happy to help!

Thank you! Yes, it's on my TODO list. I'm planning to show Grafana Cloud/Loki among few other things.

Thank you so much! I'm glad you enjoyed it!

Thank you so much!

Hope you enjoyed it!

Thanks! Glad you like it!

Hi! Usually in container based environment you don't modify the container but destroy it and deploy an updated version. However if you'd like to get to the container shell please try logging in to your Mikrotik device, starting console and running "/container/shell 0" command? (or whatever number the container is - you can check the number with /container/print". Let me know if that works.

@@LinuxCloudHacks Hi! Thanks for your answer!!!! This is the print out about my container env: [Andrea74@MikroTik] > cont [Andrea74@MikroTik] /container> print 0 name="3ad77d62-75f4-437d-9817-6cd4ce6d1f09" tag="pihole/pihole:latest" os="linux" arch="arm" interface=pihole_VETH envlist="pihole_envs" root-dir=/usb1/pihole mounts=pihole,dnsmasq start-on-boot=yes status=running

​@@LinuxCloudHacks [Andrea74@MikroTik] /container> shell 0 root@MikroTik:/# from this may i use the ssh commands?

​@@LinuxCloudHacks [Andrea74@MikroTik] /container> shell 0 root@MikroTik:/# pihole -up Function not supported in Docker images everythink works but the -up command!!!! 😭😭😭

Unfortunately that is true. If you want to update container based installation you need to remove the container and deploy a new one (with newer version). Need to check if it's possible to do it in automated manner.

Happy to help!

Hello! Unfortunately it's not possible. Cloudflare WARP is primarily a VPN service that allows you to securely access Internet, apply policies, SSO, interconnect nodes or sites etc. There's yet another service called CloudflareD that allows you to expose services to the Internet but it's only for HTTP/HTTPS.

Thanks!

Come to find out the usb drive needs to be formatted with ext4. Works now - thanks 🙂

Glad you figured it out. And I'm sorry. Forgot to mention that Mikrotik only supports ex4, exfat and fat32.