13

I have a VM running Immich on an outward facing vlan on my main server. I have a old dell with some GPUs in them running llm/ml workloads, on my internal, private vlan. The outward facing vlan can not talk to any other networks other than the internet. I wanted to use the old dell as the remote ML server for Immich, and am looking for possible solutions to my problem.

I have an intel dual x540 nic in the old dell as well as the built in gigabit. I was going to attempt to run the x540 on the external vlan, allowing the old dell to be seen on both networks. Just was not sure if this was the easiest or or most secure solution. I could also set up a wireguard connection between them, but wasn't sure about bandwidth or any other issues that would come with that setup. I was also contemplating just putting the old dell on the same vlan, which there is nothing important or critical on it, just always like to practice best security.

Am I on the right track with wireguard? it seems like it would be the easiest to set up and most secure. Or am I overlooking some other solution someone is using for this predicament?

top 4 comments
sorted by: hot top controversial new old
[-] SwingingTheLamp@midwest.social 5 points 3 days ago

I feel like there's a lot of information missing here. VLANs operate at OSI layer 2, and Immich connects to its ML server via IP in layer 3. It could talk to a remote server in Ecuador over the Internet, so the layer 2 configuration is irrelevant.

What you have is an issue of routing IP packets between subnets. You just need to set up a rule on your router to allow the Immich server on the Internet-facing IP subnet to connect to the correct port(s) for the ML server on the private subnet. Or maybe use the router's port-forwarding feature. Lacking further information about the setup, I have to be vague here. In any case, it's conceptually the same as punching a hole in the firewall to let IP packets from an Immich server in Ecuador get to the ML server on your private subnet, except that the server is not in Ecuador.

[-] snekerpimp@lemmy.world 1 points 2 days ago

Thank you. I knew I was overthinking it. I know I was being vague, wasn’t sure how much info is too much info when it comes to troubleshooting networking.

[-] phanto@lemmy.ca 1 points 2 days ago

I have immich running in a VM in proxmox... There's ML? What does it do? I have internet facing stuff behind a reverse proxy, but I use two different subnets for different kinds of traffic, no issues. My 192.168.0.0/24 network does not everything, but I move files around Plex and immich and stuff on a separate 192.168.3.0/24 network. I imagine you could do the same thing without too much trouble.

[-] snekerpimp@lemmy.world 1 points 2 days ago

I’m trying to figure out what the ML does. I’m pretty sure it does image recognition and helps with searches. I don’t really need it, but I’ve got the graphics cards just sitting there not doing anything. I’ve also thought about splitting the Nvidia p4 in my main server, since it’s supported by grid, and that would solve my issue as well. We will see what I feel up to trying today.

this post was submitted on 21 Dec 2024
13 points (100.0% liked)

Selfhosted

40717 readers
382 users here now

A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.

Rules:

  1. Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.

  2. No spam posting.

  3. Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.

  4. Don't duplicate the full text of your blog or github here. Just post the link for folks to click.

  5. Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).

  6. No trolling.

Resources:

Any issues on the community? Report it using the report flag.

Questions? DM the mods!

founded 2 years ago
MODERATORS