Are you using a reverse proxy?
yes. nginx proxy manager. i setup exactly like this
using duckdns for local lan
for networking i setup jailmaker as bridged with static ip. br1.
and i created a proxy network for docker. i might have done that wrong, not sure
docker network create proxy
The way a reverse proxy works is that all the data comes into one web server... which then proxies you to another web server.
Ergo everything is being shuttled through nginx. And that double handling would be expected to slow things down, especially if you're using TLS on both sides.
HAProxy is supposed to be the fastest reverse proxy.
But this does explain why if you hit the port directly you get better speed than when hitting nginx and having it forward at layer 5 to the final destination.
And if you're running https on either side that is even more overhead
In my own setup, my router uses HAProxy to forward to my dockers... but I know that costs perf... I just don't care
It simplifies everything as I also use the router for acme certificate management and applying almost all the TLS basically only at the edge. And a VPN.
And the router is a virtual machine on TrueNAS
Oo so the issue is the usage of a reverse proxy?
I was just basically mirroring what wolfgang did. He never mentioned any of this
i was also attempting techno tim's traefik method (he did it a bit different than wolfgang. he uses a local domain rather than an external domain name)
so... basically if we were to use lets encrypt https valid certs, it's for sure going to impact the performance? is that what you meant?
Well i can work my way around it. and even if i use the duckdns for accessing the app, this 2.5gbe limit wouldn't matter much for most of the containers i'm using. wish i knew a better solution but this just works for now
Yes.
The clue is in the name really "proxy"
But if you're happy with domain names instead of ports, you just need to realize that you're paying for it with cpu and perf
NETWORK: HOST
Compared to the default bridge mode, the host mode gives significantly better networking performance since it uses the host's native networking stack whereas the bridge has to go through one level of virtualization through the docker daemon. It is recommended to run containers in this mode when their networking performance is critical, for example, a production Load Balancer or a High Performance Web Server.
To do this via docker-compose, add network_mode: host to your docker-compose file.

    services:
      app:
        ...
        network_mode: host
        ....
And you're going through the network bridge to get to the sandbox too.
But you're forwarding into the docker bridge right?
10gbps+ is hard.
yeah i meant, in addition to reverse proxy there is also bridge vs host.
previously on qnap i didn't bother using the reverse proxy or bridge for the container like openspeedtest and libre, which explains why i never noticed this issue. because those apps run speed test so you can tell. but other apps like say dashy, they don't run such tests, so you would not realize they had this kind of speed downgrade saddled on it.
nice to know now
Cool project! Definitely a journey!
I bought into the QNAP universe a few years ago when they offered an alleged DAS/NAS solution.
Then discovered it was not a DAS but rather Thunderbolt Ethernet, which is great if you can dedicate a Thunderbolt port to a particular QNAP appliance. Otherwise, the QNAP will commandeer every other device on the Thunderbolt bus. Given that my MacBook air only featured a single Thunderbolt port, that was when I stopped being a QNAP customer. Thankfully, Amazon took it all back.
Anytime drives are packed that closely, I worry about temperatures. The small slits found in the QNAP and other like NAS' develop very high static pressure drops and leakage becomes a real problem. I hope you were able to mitigate your drive sous-vide issues. Given how rarely HDDs fail, I've taken an ever greater liking to the open tower design in the Lian Li universe. It allows me to see the SN's without a need to remove drives or label the handles.
Jonsbo N5 got released in computex
if you are looking for a diy case to make a nas, i would suggest that.
ample room for many pcie addon cards, graphics card, motherboard, drives etc.
then for OS, you got truenas (free) or unraid (paid). Both are zfs which is nice.
Yes i managed to migrate away to truenas. It's much more efficient with not much bloat.
it's also more flexible for setting up docker. I can upgrade/downgrade my docker and its base at will without issue.
Allow me to respectfully, but strongly disagree. Based on how the backplanes are arranged in that unit, I expect drives to get cooked quickly and easily.
Take a look at how supermicro backplanes are designed and keep in mind what deep fans they use to get enough flow through the chassis. Granted, SM cases expect a more intense workload but a resilver is a resilver.
Here is a chance to have a laugh at my expense. Decided to see if there is a difference re drive temperatures if I put heat sinks on them. Didn't make much of a difference. But it illustrates how much wider the drive spacing is inside the Lian Li case than the jonesbo.
This arrangement was supposed to bring the sVDEV SSD drive temps down a bit, push more airflow over the bottoms of the HDDs above. Net, it didn't seem to do much. My target temp is 30 deg C per fan control with an alarm at 35 deg C and critical alert at 45 deg C.
well i guess we have to wait for the review of one in actual use i guess.
not sure why they would release it if it had such heating issues if that was your worry.
saw the youtube, seemed pretty ventilated to me.
oo... you use heatsinks on your 2.5" ssd. damn that's a huge heatsink, never saw anyone use that before. is that custom made?
for my standard 2.5" ssd i never used any sort of heatsinks on them before. but for m.2 ssds yes for sure.
They have HDD bays in two directions - sideways and up/down. I didn't see fans arranged to pull in either direction, so I presume the fans will be in the back, pulling air from front to back, like most NAS.
JonesBo
Note how JonesBo made an effort to include ventilation holes in their horizontally-oriented backplanes but seem to rely on a big open hole above the backplane for the vertically-oriented ones. Like some NAS rack cases, this vertical design will likely need "fillers" for unused bays to ensure that the airflow doesn't go 90% through one or more open bay(s). Similarly, unless there are ample holes in the base of the case, I don't see how the lower halves of the vertically-oriented HDDs will get cooling.
Don't think that some professional designs don't make tradeoffs... my MiniXL was an excellent HDD broiler, courtesy of a single fan for the HDD cage. My drives were above 45 deg C far too regularly and it's not because I was running a datacenter here. The basic problem was the design of the hot swap tower and the fact that only one fan was pulling air through said tower. That design needed more and stronger fans.
No, just a skived heat sink from Alibaba, 100x50 mm, IIRC. Bought a bunch to see if I could lessen the preference of air from choosing wide slots between SSD / HDDs to pass through as opposed to the slightly narrower slots between just HDDs.
So this is not what I wanted to see when I opened up my headlight assembly this morning. High temp + 23 years = no more wire insulation.
maybe out of scope for this thread, but i just ordered a tplink EAP773 wireless access point. And also a Samsung S24 Ultra (snapdragon chipset). So i will be having wifi7 soon. So the truenas which is already 10gbe lan speeds (or close to it), will now have a client device able to take advantage of those speeds.
keep in mind, i'm not promoting others to get wifi 7 just yet. I agree with crosstalk it's not needed and you are going to pay a premium for it. I'm a tech enthusiast that does network testing and i can afford it. But for most people, you don't need it. i just put that out there just in case people think i'm endorsing this, i am certainly not. save your money and wait before upgrading to wifi7.
so my setup is gonna look like this soon
switch:
sfp+ 10g fiber optic switch >
wireless ap (wifi7):
eap773 (10g i may have to get a sfp+ transceiver to convert to 10g base t or get a new switch that has that. this ap requires poe++ which my switch is capable of. Do not get this ap model if you do not have a poe++ switch or an injector for that) >
nas: truenas ts-877
wireless 7 client device: samsung S24 ultra (the one i am getting is snapdragon chipset. The exynos is stuck @ wifi6e fyi)
desktop pc (connected to switch also via sfp+ 10g fiber optic. for wifi it's only wifi 6e capable on the motherboard. there is wifi7 pcie cards that support amd platforms afaik yet. maybe qualcomm? but definitely not the intel yet)
so this is my lan setup for 2024
I almost went with a Ubiquiti U7 Pro (the power requirement for this is poe+ suffices), but ended up getting the tplink instead. I've tried ubiquiti before it's good, but i never tried tplink omada. So i thought i'd give that a chance this time around. I bought 1 unit for now, if it works good i may get a 2nd so i can setup a mesh.
anyway now i can do wifi7 streaming to truenas using the new hardware upgrades to my homelab
note: the best wifi7 atm is Asus ZenWiFi BQ16 Pro because it has a combination of AFC and MLO which are killer features. but you will need a client that is wifi 7 to take full advantage of that. which is not many devices, and they all cost an arm and leg including the zen wifi itself.
Keep in mind that advertised WiFi speeds are about as reliable as advertised internet connection speeds from Comcast (a big US ISP). Your WiFi may end up being super quick but between building obstructions, metal objects, etc. the signal will degrade pretty quickly, particularly at 4.8 and 6 GHz.
Thatâs one reason that 2.4GHz is so popular despite its shortcomings re: bandwidth - it offers superior range.
In practice, I have to be very close to my WiFi 6e base stations to get anything close to gigabit service. As a result, I hardwire whenever I have a lot of data to transfer. I also hardwire everything I can in general to maximize available WiFi network bandwidth.
I look forward to hearing about your experience with TP link. In my extremely limited experience, I have found their post-sale software update cycle to be less impressive than UBNT's.
actually there has been a slew of them over the years and even recently
my observation so far, unlike the deco series (note: i never used a deco, though researched about it a lot), the omada series does not require usage of an android app to manage the wireless ap. Also you are not forced to sign in with a tplink account or enable cloud (though you can if you want to. though why would you?)
the UI isn't as nice as ubiquiti which i would rank as S tier.
But that said, functionality and features, tplink does a good enough job that it's functional and clean enough if not exactly as stellar as the ubiquiti.
Ubiquiti goes further especially for the recent u7 pro max series, where they added a wifi heatmap so to speak
tplink omada does not have fancy things like that.
a shame, but at the end of the day all i care most is the performance.
thats my take so far. i should get the parts in 1-2 weeks time roughly
note: one thing to keep in mind, for certain configurations, you are expected to have the controller running because if you don't, your wifi ap access might no longer work
Reddit - Dive into anything
so i will have to keep my truenas running the docker omada controller if i expect to have wifi access. just something to be mindful. cause if your truenas gets taken down, your wifi might go down with it. if you don't want that happening, you can have the controller running on its own dedicated hardware separate to your nas if that is a concern.
compared to ubiquiti unifi, unifi seems more flexible/forgiving in allowing the ap to continue operation even if the controller goes down. but refer to the reddit that explains any possible caveats for unifi in that scenario.
One thing I'm not a huge fan of re Ubiquiti is the heat. Their APs are designed to cool passively and reach impressive temperatures.