If the server is sent a signal to shutdown due to a grid outage, who is telling it the grid was restored?

Ah, I see I forgot to explain a crucial step. When the UPS detects that grid power is lost, it sends a notification to the OS. In your case, it is received by apcupsd. What happens now is a two step process: 1) the UPS is instructed to power down after a fixed time period – one longer than it would take for the OS to shut down, and 2) the OS is instructed to shut down. Here is one example of how someone has configured their machine like this. The UPS will stay off until grid power is restored.

In this way, the server will indeed lose power, shortly after the OS has already shut down. You should be able to configure the relevant delay parameters in apcupsd to preserve however much battery state you need to survive multiple grid events.

The reason the UPS is configured with a fixed time limit – as opposed to, say, waiting until power draw drops below some number of watts – is that it’s easy and cheap to implement, and it’s deterministic. Think about what would happen if an NFS mount or something got stuck during shutdown, thereby running down the battery, ending up with the very unexpected power loss the UPS was meant to avoid. Maybe all the local filesystems were properly unmounted in time, but when booting up later and mounting the filesystems, a second grid fault and a depleted battery state could result in data loss. Here, the risk of accidentally cutting off the shutdown procedure is balanced with the risk of another fault on power up.

Answering the question directly, your intuition is right that you’ll want to limit the ways that your machine can be exploited. Since this is a Dell machine, I would think iDRAC is well suited to be the control mechanism here. iDRAC can accept SNMP commands and some newer versions can receive REST API calls.

But stepping back for a moment, is there any reason why you cannot configure the “AC Power Recovery” option in the system setup to boot the machine when power is restored? The default behavior is to remain as it was but you can configure it to always boot up.

From your description, it sounds like your APC unit notifies the server that the grid is down, which results in the OS shutting down. Ostensibly, the APC unit will soon diminish its battery supply and then the r320 will be without AC power. When the grid comes back up, the r320 will receive AC power and can then react by booting up, if so configured. Is this not feasible?

To be abundantly clear, the firmware update resolved the issue you were having with the disk shelf?

I love this fact so much. MN is based. Long live l’Etoile du Nord!

Trademark law addresses confusion in commerce. So if someone boarded a flight based in part on the flag of the destination, hoping to reach the sunny shores of San Diego but instead landed at the cold shores at Duluth, then perhaps whoever drew up the ad for that flight might be liable for something closer to fraud rather than trademark violations. Maybe the Visit California department could raise a trademark challenge, but that’s an uphill battle because it’s not disallowed to use a state flag in other situations.

Texas Roadhouse, a chain of BBQ restaurants, flies the Texas flag on their buildings. And while they do heavily lean into the whole Texan thing, no one is under the impression that Texas Roadhouse is an official arm of the State of Texas, to proselytize the BBQ religion to people far and wide, or some such.

I’m not a lawyer, but I’m willing to have some fun with this idea.

A cursory review of the relevant California Government Code section 420 – blaze it! – provides a description of the California state flag, and also a picture of it. Or it would in the print version of the code. While there doesn’t appear to be a specific bit of law which authorizes the state to retain the copyright on the flag, there is case law which disallows the state from retaining copyright for “government documents”, with exceptions which wouldn’t apply here. So it’s reasonable to assume that California doesn’t have the copyright on its state flag, with it likely being in the public domain.

This would suggest that Minnesota could indeed use the flag to mean something else, the same way anyone can with public domain material. Now, if this occurs outside of California, that state could not enforce any sort of rules pertaining to how the flag is used. Even within the state, California’s authority to control how public domain material – or more broadly, any material at all – is circumscribed by the First Amendment in any case. The exception would be for those agencies and subdivisions of the state itself, which it can and does control. See Gov Code section 435, which disallows cities from having confusingly similar flags. The other exception would be uses of the flag which perpetuate fraud or some other related crime, since then it’s not the speech being punished but the conduct, which happens to involve a flag-related expression. But neither of these really speak to the flag being used by another sovereign entity within the state.

Supposing for a second – and this is where we’re really departing from reality – the several states had embassies at each other’s state capitals, but without the equivalent protections afforded by the Vienna Convention on Diplomatic Relationships. And by that, I mean each state buys land in other states, without creating sovereignty issues, owning that land as any other individual or corporation could. In such a case, if the Minnesota Embassy in Sacramento were to fly the flag of California as its own, what could California do? If they drafted a law like section 435 that applies to individuals, the First Amendment would present a barrier. If the law applies to out-of-state entities, it might run against the Dormant Commerce Clause, in a very broad interpretation of interstate commerce. If they apply it to all sovereign entities operating within the state – which would include the Minnesota Embassy, since the State of Minnesota owns it – then the thorny question of state sovereign immunity in state court would arise.

In a California state court, would the State of Minnesota have sovereign immunity? If instead of Minnesota, it were a foreign country like Scotland, the answer would be a resounding yes. But here is a state vs state issue. The proper venue would be a court with original jurisdiction over states, and there’s only one of those: the US Supreme Court.

As to what the state of California would assert as a cause of action? I suppose they could raise a criminal violation of their freshly-drafted law, with the risk of devolving into whether a US State has its own rights of free speech, which other states must respect. Alternatively, they could raise an action in equity, such as a tort (MN’s use of the flag is costing CA somehow) or defamation (MN’s use of the flag asserts falsehoods about CA).

At this point, we’re deep into legal fanfiction and it’s time to stop haha. Needless to say, I think the situation in real life would be messy if it were to happen.

Did y’all mean to say milliseconds, and not microseconds? Sub-millisecond power loss would be less time than one AC cycle, whether 50 or 60 Hz.

Anyway, I do recall seeing some enterprise gear specifying operation through a drop in AC power lasting two cycles, precisely to cover the switch to UPS power, at least for 60 Hz power. So up to 33 milliseconds. A cursory search for hybrid inverters online shows a GroWatt with “<20ms” switchover, so this may be fine for servers and switches, when the inverter is operated without any solar panels.

For consumer grade equipment, all bets are off; some cheaper switch-mode power supplies do very weird things under transient conditions.

I second this idea, if it’s feasible. As noted elsewhere in this thread, the lead-acid batteries in UPS units have a limited lifespan, even if not regularly drained. Solar and off-grid enthusiasts have determined that parity between overall lifetime cost of lead-acid versus lithium batteries was reached years ago, and now it’s firmly in lithium’s favor, mostly due to the greater number of recharge cycles.

Contraindications for lithium batteries would include:

• high local costs for lithium battery packs
• lack of space for the hybrid inverter, as they’re usually not rack-mountable
• the homelab drops below 0 C (32 F), in the specific case of LiFePO4 cells

That said, breathing life into old equipment is usually more environmentally friendly than acquiring new equipment.

With the way that the BitTorrent v2 protocol works, each file of the original, underlying torrents wouldn’t have to be re-seeded, but rather would reuse each file’s individual hash and thus incorporate those files into the meta torrent without necessarily having to download or even upload any part of the meta torrent.

That said, the .bittorrent file would be massive and might run up against certain limits in the current protocol.

HDDs also support ATA Secure Erase, although it will take a few hours rather than the few minutes it would wirh an SSD.

This answer would be incomplete without mentioning that Dell iDRAC and HPE iLO have a lot of proprietary functionality beyond what the IPMI standard requires. For example, iDRAC and iLO support rich KVM-like screen sharing, plus the ability to mount ISOs and other media onto the server. Indeed, so much more functionality exists in these implementations that a license key must be purchased to enable the most fancy features.

I will note that SuperMicro does simply call their offering as “SuperMicro IPMI” despite having a few of these proprietary features. But by and large, basic IPMI is an interoperability specification, with each implementation having their own unique strengths.

Looks like a reasonable deal. The mobo has IPMI, which if you’ve never used it, it’s a dream for server management. It’s no iDRAC or iLO, but it should work well enough for hands-off management.

From your description, this new box would not be necessarily have to be a full homelab-in-a-box but needs to be enough to run on its own, with possibly an umbilical cord to your normal homelab for regular syncing. The new box needs to be fairly user-friendly, in the sense that someone else can connect it to their monitor/keyboard/mouse, enter a password, and be able to browse all the documents.

The first thing that comes to mind for me is a NUC or other small form-factor PC, with capacity for your desired SSDs. On a daily basis, this would sit somewhere convenient, like a home or maybe off-site from your homelab, with only power and a network connection. But it would run an OS with a GUI – GNOME? – even though it mostly runs headless. All your syncing could be done with rsync or whatever, and neither your homelab nor this machine should require the other in order to function properly, retaining independence. This machine could then be easily disconnected and tested semi-annually to make sure that it will work properly when the time comes.

Is this the sort of answer you’re looking for?

Also, TIL paperless-ngx

This is a good point. Franchises are less likely to have a recognizable corporate name, if they even own the property at all. But for more established companies or long-time small businesses, the owner entity’s name might be a good giveaway as to what they did.

Recent history would be reflected in Google Street View, but that only goes back to maybe 2011 and only for some parts of the USA.

Going further back, you can try property ownership records, or even just searching for the address online, setting the time window to before the current business came to be.

Good luck! Also, when you do have everything working, back up your config. And also check to make sure your firewall is blocking inbound traffic as expected, for both v4 and v6.

I would guess that High Street in the (mostly British?) commercial shopping area sense would have evolved from “highway”, meaning a principal or main road, which in turn evolved from “high way”, being those roads constructed above grade, so that water would drain off the road into the adjacent ditches. The Romans [citation needed] tended to build all-weather roads like this.

In American English, “highway” would be an odd term to apply to a shopping district – usually referring to a higher-speed road – but in some contexts, highway is understood to be any improved road. The California Vehicle Code uses this definition, so that “highway” basically means any public road.

At least in California, roads named High Street do exist, but don’t necessarily corespondent to being physically tall over its surroundings or other steets. If anything, a typical High Street is often the same in character as another town’s Main Street, which sort-of returns to the British meaning of shopping area again, at least in small towns.

It does appear that you have addressing working but not connectivity. As I said, I’m no expert on OPNSense but I did find this thread which has some thoughts: https://forum.opnsense.org/index.php?topic=29459.msg142330#msg142330

In -> Firewall -> Settings -> Advanced. Make sure the checkbox “Allow IPv6” in enabled for obvious reasons.

As well as:

You just have to choose for hybrid Firewall: NAT: Outbound and add a rule to it:

Interface: WAN Protocol: IPv6 pass from any to any

This latter rule is… odd to me since there shouldn’t really be NAT for IPv6 to a delegated prefix. But maybe that rule is meant to effectively disable the NAT and allow traffic to pass straight through without translation, obviously after applying your firewall rules.

I don’t have specific experience with the gen7 series, but firmware updates ostensibly come as an ISO or USB image which you can boot in lieu of your normal OS to apply firmware updates. At least, that’s one of the ways I think HP would still support, in case customers are running neither Windows nor a Linux-based OS.

To rule out a cable-specific electrical issue at boot, what happens if you boot the server with the cables attached to the controller, but not attached to the d2700?

Np, it helps me keep my networking skills fresh and relevant.

I can ping things like google.com or just the DNS of 8.8.8.8 no problem

When you ping google.com, does this resolve as Google’s v4 or V6 address? In either case, this at least proves that the VLAN routing is enough to: 1) reach the system’s configured DNS server, 2) receive the DNS record, 3) send an ICMP (v6?) Echo to the default gateway, and 4) receive the ICMP Reply in response. If this works on v6, that makes sense since you have a rule explicitly for v6 ICMP to pass through. If this works on v4, I’m slightly confused why this works but nothing else does.

I can’t ping the static router address of 192.168.10.1, but I think that’s because of the rule I have in place that includes all private networks

Which rule was this? But more importantly, in the Wireshark trace, does any traffic at all from 192.168.10.1 show up as a source IP? The pings from earlier, they only need the MAC address of the gateway. But the DHCP responses should be coming from 192.168.10.1. Does anything else come from that IP? On a related note, do you see any ARP broadcasts originating from your laptop asking for any addresses on the network, such as 192.168.10.1? I’m trying to rule out certain odd situations.

I’ve got 1 collision error on the LAN, and 2 in/out errors on the vlan on the out side

While collisions are unexpected in today’s point-to-point switching topologies, if it’s just in the single digits and the vast, vast number of total frames are passing through without issue, then this is not a cause for great concern about your L2 network. To be clear, are you running 1 Gbps on the OPNSense interface and on all the switch ports?