Sep 29 14:54:58 pve1 kernel: e1000e 0000:00:1f.6 eno1: Detected Hardware Unit Hang:
                               TDH                  <22>
                               TDT                  <bb>
                               next_to_use          <bb>
                               next_to_clean        <22>
                             buffer_info[next_to_clean]:
                               time_stamp           <100cb7acb>
                               next_to_watch        <23>
                               jiffies              <100cb7d99>
                               next_to_watch.status <0>
                             MAC Status             <80083>
                             PHY Status             <796d>
                             PHY 1000BASE-T Status  <3800>
                             PHY Extended Status    <3000>
                             PCI Status             <10>
...
...
...
Sep 29 14:55:07 pve1 kernel: e1000e 0000:00:1f.6 eno1: Reset adapter unexpectedly
Sep 29 14:55:07 pve1 kernel: vmbr0: port 1(eno1) entered disabled state
Sep 29 14:55:07 pve1 kernel: vmbr0v20: port 1(eno1.20) entered disabled state
Sep 29 14:55:07 pve1 kernel: vmbr0v30: port 1(eno1.30) entered disabled state
Sep 29 14:55:11 pve1 kernel: e1000e 0000:00:1f.6 eno1: NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None
Sep 29 14:55:11 pve1 kernel: vmbr0: port 1(eno1) entered blocking state
Sep 29 14:55:11 pve1 kernel: vmbr0: port 1(eno1) entered forwarding state
Sep 29 14:55:11 pve1 kernel: vmbr0v20: port 1(eno1.20) entered blocking state
Sep 29 14:55:11 pve1 kernel: vmbr0v20: port 1(eno1.20) entered forwarding state
Sep 29 14:55:11 pve1 kernel: vmbr0v30: port 1(eno1.30) entered blocking state
Sep 29 14:55:11 pve1 kernel: vmbr0v30: port 1(eno1.30) entered forwarding state

When I saw these messages I thought my switch was acting up. I was almost ready to purchase a new switch but then upon further googling I landed in this forum post.

Turns out this specific model is known to be freezing from time to time when segmentation is done by the NIC. This comes enabled by default when installing Proxmox. A quick fix suggeested in the post which worked for me was to simply disable the TSO and GSO flags on the specific interface. On runtime this can be disabled by executing ethtool -K eno1 tso off gso off.

To make the changes permenant, the following line should be added in the /etc/network/interfaces file:

post-up /usr/bin/logger -p debug -t ifup "Disabling segmentation offload for eno1" && /sbin/ethtool -K $IFACE tso off gso off && /usr/bin/logger -p debug -t ifup "Disabled offload for eno1"

e.g.

One more issue I faced was very slow throughput when playing videos from Jellyfin.

Noticed that throughput was very low regardless whether I’m using the docker traefik or the one in my kubernetes cluster, while the original traefik container on my Unraid

After drilling down that issue seems to be specific to my Proxmox node, I checked whether the 1Gbit/s speed was properly negotiated as suggested in this other forum post.

Executing ethtool eno1 showed me the following output:

root@pve1:~# ethtool eno1
Settings for eno1:
	Supported ports: [ TP ]
	Supported link modes:   10baseT/Half 10baseT/Full
	                        100baseT/Half 100baseT/Full
	                        1000baseT/Full
	Supported pause frame use: No
	Supports auto-negotiation: Yes
	Supported FEC modes: Not reported
	Advertised link modes:  10baseT/Full
	Advertised pause frame use: No
	Advertised auto-negotiation: Yes
	Advertised FEC modes: Not reported
	Speed: 10Mb/s
	Duplex: Full
	Auto-negotiation: on
	Port: Twisted Pair
	PHYAD: 1
	Transceiver: internal
	MDI-X: on (auto)
	Supports Wake-on: pumbg
	Wake-on: g
        Current message level: 0x00000007 (7)
                               drv probe link
	Link detected: yes

Disabled auto-negotiation and configured 1Gbit manually: ethtool -s eno1 speed 1000 duplex full autoneg off

root@pve1:~# ethtool eno1
Settings for eno1:
	Supported ports: [ TP ]
	Supported link modes:   10baseT/Half 10baseT/Full
	                        100baseT/Half 100baseT/Full
	                        1000baseT/Full
	Supported pause frame use: No
	Supports auto-negotiation: Yes
	Supported FEC modes: Not reported
	Advertised link modes:  1000baseT/Full
	Advertised pause frame use: No
	Advertised auto-negotiation: Yes
	Advertised FEC modes: Not reported
	Speed: 1000Mb/s
	Duplex: Full
	Auto-negotiation: on
	Port: Twisted Pair
	PHYAD: 1
	Transceiver: internal
	MDI-X: off (auto)
	Supports Wake-on: pumbg
	Wake-on: g
        Current message level: 0x00000007 (7)
                               drv probe link
	Link detected: yes

After having these in place, my cluster has been running perfectly fine for almost a month now with nohiccups!

The port forwarding function can be found in Advanced Settings > NAT forwarding > Virtual Server. Do note the name and location of this function can vary between brands and even models of the same brand.

Here I just need to make a new entry to point the external port 443 to my Unraid internal IP with port 1443.

To put it simply how this works, anyone who tries to access your public IP address via https or port 443 will be redirected to whatever local IP and port you specify. Now you can try to access your external IP with http or whatever and your connection should be forwarded to the correct service. In the example below nc.su-root.net is pointing to my public IP and internally getting forwarded to Swag.

For us who don’t want to pay more for a static IP, luckily there is a service called dynamic DNS. This is, for most of the time, free and should be supported by most modern home routers.

What is Dynamic DNS (DDNS)?

Let me explain this in layman’s terms. First, DNS stands for domain name service. A domain is the name you type when you want to access a website such as www.google.com or www.su-root.net. Domains will always be mapped to a public IP address as long as it’s registered.

Normally, a website will have a static public IP throughout its lifetime unless it is moved to a different server. For websites hosted by hosting companies such as AWS or Bluehost, the mapping of the IP address to a domain name is most of the time managed by them. This is as long as the domain provider is configured to use their nameservers.

For private hosts running behind a normal internet service provider, this is where DDNS comes into picture. If your ISP keeps changing your IP address (e.g. daily or weekly), then DDNS keeps track of this and updates their records automatically (as long as your router supports this feature). This is the best way for people who don’t want to acquire a static IP that incur additional costs on their monthly bill.

How do you configure Dynamic DNS?

Now let me walk you through how to configure it with the help of my home router. Before anything else you need to create an account from a DDNS provider such as no-ip.

From the Dashboard, go to > Dynamic DNS > No-IP Hostnames then click Create Hostname.

Input your preferred hostname and select any of the free domains. Keep Record Type as DNS Host (A), input your current public IP address, and proceed to create the hostname. You can check your IP here if you don’t know it yet.

Next is to configure the DDNS on the router.

What I have is a TP-Link Archer A10 from 3 years ago and it still works perfectly fine without any hiccup. Like I said, most modern routers should support DDNS, but if yours don’t and you plan to walk the path of self-hosting, then you can get a new or even a used one for just a couple of bucks.

Login to your router’s web GUI. This is, for 99% of the time, the same as your default gateway IP. Mine happens to be “http://10.0.0.1”. You can also check your current WAN IP from here.

Next, go to the dynamic DNS configuration. In my case it’s under Advanced Settings > Network. Select NO-IP, input your credentials and the newly created domain. Save.

From here on your router will keep updating your DDNS (No-IP) every time your IP address changes. To verify if your configuration is working, you can do a DNS look up and check if it’s correctly mapped to your IP.

This is the first step to the path of self-hosting and once you have the services running on your server, then you can expose them later on by port forwarding which I will be covering in a different post.