#networking

well then you should be able to get some moca adapters

just make sure to put a moca filter on

between ISP and your house network

k thx

Also with Powerline, they don't like extension cords, power strips, or breakers. (Basically they don't like additional "connection points". So it's best to plug them directly in to wall outlets and if possible, have them on the same breaker as well.

I feel like this should be illegal.
student accommodation wifi, so you’re using unencrypted wifi for 1-3 years

I have no problem doing sensitive things on public networks without VPN, why dont you?

literally doesnt matter with https

Also the difference between secured wifi and unsecured wifi is really small when using just standard security

@rocky badge is your uni unsecured?

no

Only the guest wifi is open

students and everyone else has to use a WPA2/3 enterprise network

BRAVE, using 3 already

My accommodation’s private btw, the uni network is encrypted

But, surely someone on the wifi could look at the packets tho

yeah, but the packets are encrypted because of https

most traffic is encrypted now

thats why I hate youtubers who advertise VPNs

Ikr

Fair enough

set your windows to "public" network and thats all the security you really need

non-https is so rare now

I think it’s public and I think I have auto upgrade for https so I should be good

Would they have any reason to have it unencrypted tho?

easier to have people join

also

You still have to sign in, and you have to manually add your devices MAC addresses

oh

then idk

You have to make an account, it’s really annoying

all we have to do for uni network is sign in with your uni account credtials

radius auth

guest wifi here just a captive portal terms of service

but everything else is ad creds

Uni you sign In with your uni account but the accommodation wifi is a private company for sign in

Residence halls are through apogee which is Azure SSO

but you gets a PPSK

residence halls have the same wifi as everywhere else

We’re also only allowed 5 devices unless we want to pay £10 a month

@rocky badge also

library pcs I think also have global IPs

lol nice

yeah every wired device here has public’s

yeah that's how it seems for the most part

idk about the engineering CAD labs, haven't checked

I think we have internal ips??

have you tried making two wifi devices talk? they probably block that

look at blob with a $1000 phone

Could try

lol

blob do be fancy

that part sounds like the real scam lol

college housing is such a racket

my second year i moved from a 4 person suite on campus in a shitty neighborhood to a bigger and totally private studio apartment in a really nice neighborhood and paid less

(it was still tiny though lol)

Yep.

tbh 5 devices as quite a few for a single student

Phone, tablet, a PC, games console...

If you want more than that just set up a router with NAT as one of the five devices

Hey guys, this is my plan for setting up my own network in my dorm. I’ve gotten as far as connecting a device to the internet through my laptop acting as a wifi-to-ethernet bridge. However, when I connect my router to the laptop instead of my test device and then connect my test device to the wifi network created by my own router, I don’t have internet access. I suspect it’s either a DNS issue or some kind of firewall problem. Or maybe the router doesn’t have the correct gateways and stuff configured. But I don’t know how to validate all my settings. Any ideas how I can troubleshoot this?

I actually have a good idea why that's happening, and it's related to what this is describing: https://wiki.mikrotik.com/wiki/Manual:Wireless_Station_Modes#802.11_limitations_for_L2_bridging

Have you considered sidestepping the problem entirely by just setting up a virtual AP on your router, setting it to station/client mode and connecting to the upstream router with NAT?

If I read this correctly, it refers to wireless bridging. But I am bridging via ethernet.

Not according to your diagram you're not

In my text I'm specifying that my laptop acts as a wifi-to-ethernet bridge.

Your diagram talks about a wifi-to-ethernet bridge, with the laptop acting as a station

Maybe I worded it the wrong way.

If the laptop is a station, the above link applies

Maybe I meant ethernet-to-wifi bridge?

Yes

I don't know which way around those things are specified.

See the above link

It's because you can't bridge a network to WiFi from a device acting as a client without some meddling

The laptop is connected to the network via wifi and supplies my own router via ethernet.

I have acknowledged my understanding of this multiple times

That's why you're having problems

I'm sorry, I'm not a native speaker, maybe I'm misunderstanding.

You are using a pure bridge on the laptop between the interfaces

Doesn't work

Yeah, so it works when connecting another computer to the bridge but not with a router?

No.

Devices which are not the laptop connected to the bridge will not receive traffic back

Because of differing MAC addresses

There are ways to work around it, but you likely don't have access to them bar setting up NAT on the laptop

But doing it on the router is more sensible

But I connected a PC to the Ethernet side of the bridge and did receive packets.

I have no access to the host router of the dorm network.

Yes

You received packets from the laptop, correct?

I could access google.com

So the packets did get routed

from Google
[...]
to the gateway of the dorm network
to my laptop (via wifi)
to my PC (via ethernet).

Or what did you mean by this? It wasn't just local packets.

your design is too complicated

look at products like this https://www.amazon.com/TP-Link-Wireless-Travel-Router-TL-WR902AC/dp/B01N5RCZQH

@waxen scroll @clear igloo I'm gonna reverse engineer this control API...

Nice, what for?

🤔

its not that hard but its all through WebSockets

Crestron

why not ask them for the manual

There is none

https://www.crestron.com/getmedia/29921c49-86df-488c-a63b-ab88620d7175/mg_pg_rest-api-crestron-virtual-control

Is there a noticeable difference between wifi 6 and 6e

in terms of what?

speed and latency within about 15-20 feet of the AP or router?
Yah
Beyond that? not really

6E is crazy in like an ideal situation

like actually getting gigabit over wifi

but you have to be super close

So if I have a WAP (wireless access point) in my room it'll be great?

guys i have a serious problem , i broke my tp link archer c20 trying to flash openwrt , now am trying to flash original fremwere using tftp , it accepts the firmwere but reboot in same state 🥴🥴🥴

Do you have access to the UART serial console?

Your speeds depend on the devices you are using also

So it begins...

All of my network cable are attached to fake 8E

trying to setup a server rn and for some reason i can connect to port 8080 but not port 443 even though both are being listened on and both are enabled in firewall. when using tshark to examine the packets i noticed that on port 443 after getting the syn it sends a rst/ack instead of a syn/ack like on 8080. no idea why and looking for help

Is https enabled on your server?

Someone scanned your IP probably

Pretty normal

in the corporate world this usually means a firewall or IPS is in the path and is responding on behalf of the host

Ended up figuring it out. Was just a misunderstanding with setting the port in docker compose since the docs were kinda confusing lol

Needs more work. Waiting for more things. Another patch panel, Ethernet cable to do custom length cables, and a power distribution box.

What do you guys think from that stupid panel that was there before

It's still messy, but hopefully in the next month or two I'll have more time to re-do the wiring

Is wifi 6e worth it over wifi 6? (Ping on reply thx)

I'd say wifi 6e is worth it if you are in an area congested with 2.4Ghz and 5Ghz

Worth like 20 extra bucks?

Is there a lot of wifi in your area and is yours slow?

I'm still using 2.4 and 5 because I don't really benefit from the higher ones. The only things that use the wifi is my TV, phone and my cameras

Plus your devices connected to it would have to support it to actually benefit

If you not gonna swap it in 3 years I would say get 6e over 6 but depends a lot over your location

My area has pretty good wifi

Probably a very stupid question but can't find a straightforward answer. How do you forget a wifi network in command line only Linux? I'm repurposing an old laptop as a server and for ease of setup I had set up wifi during Ubuntu server install but now I want to use it on ethernet only and not have it communicate over wifi that might take away bandwidth from other devices

https://linuxconfig.org/ubuntu-20-04-connect-to-wifi-from-command-line OK this worked except I nuked the file not edited it lol

either that

or you use iwd , iwd is perfectly easy to use

Any advice on ubiquity gear for a three story concrete house?

you probably want in wall units

U6-IW

in every other room if you can afford it.

Concrete is horrible for WiFi

Oof alrighty, so a mesh system probably won’t suffice?

Probably not.

What country are you in?

The Netherlands

if you have coaxial cable in the walls you can use MoCA

and get a 2.5 gigabit Ethernet link

No clue if we have that, we just moved in here. We have a coaxial plug in the living room. But none upstairs

Ah. You can try a mesh system but I would think the concrete walls would seriously decrease the signal

your best option is probably running CAT6

Would love that, but my mother is like: Nope, not gonna drill into any walls. And I don’t want any visible cables going up the stairs.

See if you can get a WiFi 6e mesh system

The increased bandwidth should help a bit

buy it from somewhere you can return it to if it doesn’t work out

Alrighty, I’ll give that a try. Thank you!

no problem!

For wires could look at cable channels

To hide them

yo

anyone knows how to fix my shitty wifi? i live on a school home, and there is only wifi, so i had to buy a usb wifi adapter

but my internet is slow af and when i play rocket league, im lagging like crazy

is it better to buy a pcie network card instead of a usb adapter?

or is there a fix

Could use a wireless router and use it as a repeater then wire straight into it. This would basically allow you to place it somewhere where the signal is better without moving pc

Usb wifi dongles usually suck

Or use a repeater with an ethernet out port

hey umm does anyone know how to get rid off ip conflict warning?

never mind i fixed it

What your internet service profider

KPN

Ok

KPN is roling out fiber in the netherlands slowly so ask them what you have

We have copper temporarily, they will be connecting fiber here at the end of November.

They have disabled copper in this area altogether.

But the house we bought used to be rented.

The last person that lived there was over 70 y/o, so they refurbished the entire house. But I think she didn’t use internet at all.

Yea since your getting fiber in november ask kpn about their line of accespoints

They do provide mesh network points. Problem is, you have to rent em.

And they aren’t that great

Yea they changed it

They used to have wired ap's

Sadge

In our old house we had wooden floors and brick walls, so one wired AP connected to our router & modem was enough to provide a stable connection throughout the entire house. Even on my room in the attic we still had 200Mbps.

Not perfect, but certainly good enough.

Could we continouy this conversation in dms since were both dutch so its saves on translation

Sure, but I’m off to work. So it will be a while before I respond

(Internship)

smoothly sliding into DMs

pls dont

can ufw be used to deny connections to/from a specific user?

@peak cloak Here... In rules.v4 I can specify a rule like this to drop connections from a specific user

but this is iptables v4 and I dont know how to make these rules for v6 too... Was thinking if ufw can be used for this instead

Don't think so

I've never had the need to block things based on user

In this case, the minecraft server itself runs through tunnels (which are setup on all my friends' end devices). Minecraft server doesn't really need to connect to internet to function (have to keep it in offline mode since it's behaving as LAN-Only mode, logically)

I've always kept things as restricted as possible when it comes to networking because if hypothetically, log4j exploit was tried on this server over internet a few years ago, wouldn't work... Also I'm using a lot of mods with fabric and don't want any potential security problems

Does someone know where i can buy 5G NR usb dongle for pc, antenna input is also an good option

You can just block inbound from Ethernet to Minecraft

And that'll do it

Yeah you can can restrict every single little thing, but for me it's impractical

Already done... also - the server is modded and any potential malicious code in any mod on the server also won't be able to connect since I've also denied outbound to that user as well

This current vps is for personal use only, atmost letting a few friends access it in my area (similar subnets) so it's easy... Next setup I'll try won't be shielded by vps cloud firewall like this so

Has anyone used fail2ban?

yes, a long time ago. I couldnt tell you how to configure it right now

you should probably migrate to certs rather than passwords anyway

it's a good thing to have set up (if nothing else to reduce noise in your logs)

but you should have either cert auth or at least pubkey auth and disable password login completely

if you disable password login, you really don't strictly need fail2ban

can't really brute force 4096 bit rsa

well, if you can you have more exciting things to do

i need some help with speeding up steam download speeds

does anyone know any tips

connect by ethernet

get a faster internet plan

Download more ram

Depends on cpu also

Downloads depend on certain things like: Internet speeds, storage speeds, and CPU handling. Not sure what your specifications are but use this as an example

If your download speed from your ISP is 1Gbps, you are going to get that throughput from your ISP. I know in my state, probably within the United States, ISP's can claim 80% of 1Gb is 1Gb. However, if your storage media within your computer does not read or write data at 1Gbps, you will not get the performance and speeds from your network. You will be hardware limited due to the slow HDD or shitty SSD. Make sure that your ethernet controller can support the speeds you are wanting. At home I have two different ethernet controllers on my computer, one of them is the motherboard ethernet controller that can handle 2.5Gbps and the other is USB3.0-to-ethernet, which can handle 1Gbps.

@clear igloo https://www.reddit.com/r/sysadmin/comments/yem27r/meraki_just_disabled_all_our_hardware_in_russia/

rip

is that even legal

If sanctions are forcing their hand then maybe?

But I know for Umbrella and other services they had announcements for months as to when they would cut things off

As much as I hate wars and sht,
This is why we no longer own things.
we may have the hw but they can mess with the software

👀

yeah thats the crappy part. I try to steer places I work away from that model

thats fine if I have to buy a perpetual license for a switch but nothing that expires and nothing cloud managed

they tried pitching to me that I should make my datacenter cloud managed

asked them if they're nuts

@clear igloo they put ACI in before I got here. I would have said no to that too

looking at retro I think we are all agreeing that it was a mistake

😄

really the whole nexus 9k line is just a mess

bug after bug after bug

Sweeeeeet

Just spent an hour breaking my project router's config so I could test my Python script for reconfiguring Quectel modems for use on RouterOS from blank config

So now all I need to do is put a brand new modem into a brand new device, let it boot, run the Python script and it's neatly and fully configured

As far as I'm concerned devices on which I must depend on a vendor's continued benevolence to manage aren't really mine and have negative value - the more utility the hardware offers, the more utility the vendor can take away.

Just don't turn on the bleeding edge features, ez

we dont. it fails at basic BGP, layer 2, and other things

You're doing it wrong! /s

ive never had to worry about a cef table until I started dealing with n9k and NCS

oof

or COPP

Got sent a job posting today for a hospital and they want VXLAN

I'm at a loss as to why any business that isn't an ISP or a public cloud datacenter would need VXLAN

SD-LAN probably

either they did it by hand or just threw it in there because

if by hand its not software and they did spine/leaf at the access

Yah, SD Access uses VXLAN

Reading about it now

my pal @jaunty talon went over kill and did the same at his job

reddit says run away from hospitals tho, so I would pass

NGL my previous job with a US cybersecurity company laid me and a ton of other people off in August and I've been getting silence back from most stuff I've applied to since, so while I'm not broke I just want something at this point before we get there, can always keep applying after and find something else

Been applying for whatever I can find, spinning up a side project in the networking+IoT space I might be able to commercialize as a plan B, diversifying my skillset a bit to help with that and/or look better on a resume

Every news story about a lack of skilled IT people in aus makes my blood boil a little

VXLAN+EVPN is awesome, no more spanning-tree

Because it all terminates at the access level?

yeep

@clear igloo 👀 I love networks

Controlling all of this AV stuff over the network

Our whole network (dcs + office) is evpn+vxlan (not same but separated with routing)

We're probably gonna have to figure out video over fiber soon

I guess it's cool but it does sound a tad overkill for a few hundred seats

but that should be easy since we're an all IP workflow

at dreamhack we did a lot of video over fiber and ethernet :)

and they still do!

are you US based or authorized? what kind of role you looking for

Sadly no, Australia-based without authorization to work in the US at this time, not very fussy on the role - Software dev backend/IoT (I can and have done frontend+app dev but not my passion), Systems/Network/Cloud admin directly and as part of an MSP, TAM support - done all of these, will happily do any of them again.

I know the real money's in the US for those kinds of things

yeah, I have jobs open but its US only

also they pay

Unfortunate, but expected.

I've never heard of claiming 80% of the advertised speed counts. in fact we have to provision 120% of the advertised plan speed to avoid problems if there are slight drops in performance due to bad signal out of our control. maybe you're thinking of the FCC's metrics but that's about overall capacity for a whole area over a longer time period to measure reliability

It's an interesting debate, that one

NBN Co. in Australia used to not overprovision but have since consumer protection authorities decided that users should be able to get the throughput advertised in speedtests and real-world workloads and not just raw throughput of the promised speed.

It's somewhat intuitive to me that advertised speeds offered are the connections raw throughput but it isn't to a typical consumer.

They pay for gigabit and only see 940mbps

i mean, it depends on the ISP and the quality of CPE they're willing to provide 🤔

XB7/8 have 2.5Gbps and can definitely handle routing that, even on the 1.2 Gbps plan that's really provisioned around 1.5Gbps

And have some headroom for future stuff but I'm not sure if i can talk about that lol

Could someone briefly explain DOCSIS to me? I'm rather networking illiterate; is it just another name for a HFC system where fibre is sent to the cabinet and it's regular old coax to the home, or is there fibre and coax going on in the same place or what???

DOCSIS is specifically the protocol for internet as an additional service on top of coax cable tv systems

currently HFC is usually the way it's deployed but afaik that isn't inherently part of the standard

but... I'm also not aware of any other common ways that HFC is deployed so i guess you could say it's another name for it

generally HFC networks are fiber to the node

but that's not mandatory

thanks!

here's my deal:

i'm in the uk. up until now, all isps serving our property have been using this openreach connection; fibre to the cabinet, shitty coax to the home. despite the fact that the green box is right outside my semi-detached neighbour's, this means it'll never exceed 25mbps down and about 6 up. it usually stays around 20-22 or 23 down, can't recall ever seeing it break 27.

but virgin media just charged in and is offering us their Gig1 plans which would give us gigabit. they told us it was 'fttp' but i was like... is docsis really fibre? or are you doing something else, or is this just the shitty marketing tricks we've come to expect from isps... 😅

i'll be able to talk to this rep again soon, maybe tomorrow or a bit later...

regardless, i imagine it will perform better than or equivalent to my current connection in regards to ping and packet loss...

Fttp means fiber to the premise no?

But dociss is a coax protocol, so it's not fiber

what vpn do you guys recommend? im looking for one where I can also get a residential IP. I see so many videos but ik those people are just spammin them so people use their code or wtv

i mean if they're explicitly saying it's fttp that probably means they're running new fiber directly to your home

i can't imagine they'd get away with actually lying about the nature of the service to that extent

true which is why im confused. i'll confront em about it.

i would advise not acknowledging any sponsored messaging about vpns

Ah yes, the old Hybrid-Fiber Coaxial thing

It basically means there is fiber to a node serving a few hundred to a few thousand premises, but after the node it's Coax

It's no more equivalent to fiber to the premises than VDSL is

Calling it a fiber connection is misleading.

idk how they're doing it then, they actively said it was fibre to the home as opposed to our current fttc lol

It can nonetheless still be faster than cellular or VDSL offerings

Much faster.

if im not mistaken we're currently using adsl but i can't recall and my overall knowledge is really hazy

FTTC would be VDSL

probably that then lol sorry

i mean if virgin are saying their stuff can supply gigabit thats obviously a huge step forward regardless

as i mentioned we're stuck at like 20 down 5 up

It can under certain circumstances

Easily over 100mbps down

lol nice

DOCSIS 3.1 offers up to theoretical 10 gigabit speeds down 1 up but it's shared over all subscribers on your node

hm right

tbh i really doubt many people in our neighborhood are tech savvy enough to care about their internet and switch over

theyd probably go for their ~100 megabit plan if so

im presuming then if i get a gigabit plan that just means prioritization

Not necessarily

Just a higher max throughput

It wouldn't do for high bandwidth subscribers to ruin everyone else's experience

If anything I'd deprioritise them, better for a gigabit service to degrade to 800mbps during peak load than 100 megabit services not loading webpages

so, all things considered, would this be better than my current situation?

Probably, in terms of throughput

would packet loss be a problem?

Do you need perfectly consistent throughput and reliable connectivity?

If so home internet is not for you

It's generally adequate though

fairs

thanks for all the help!

No problem

i mean yeah it sounds like they're saying they would run fiber to the home, not use the existing HFC at all

like i said, idk UK laws for sure but if they're explicitly stating fttp and they're actually using the existing HFC network, that would be a slam dunk false advertising or breach of contract etc case

or whatever the term would be in the UK you get my point

either way if they're advertising fttp gigabit it's gonna be a massive improvement over your current connection

the other catch could be that it's not actually available at your location, unfortunately the automated address service checkers can be wrong

Hello, recently I bought a Xiaomi AX3000 to have it as my main WiFi in the house.

I connected an ethernet cable from my Switch to the Wan port of the Xiaomi.
To the switch is also connected my Modem/Router (ZTE ZXHN H108N) which provides internet (wifi disabled).
And lastly my PC is also connected to the Switch.

The Xiaomi can be used as an Access point OR a router. I use it as a router because it has a very nice application for managing everyone who is connected.

My problem is, because the Xiaomi has its own DHCP, my PC has no access to the devices connected to the Xiaomi eg printer and vice versa.

Disabling DHCP and changing to a normal rj45 port on the Xiaomi works but I lose access to the managing app.

Disabling the DHCP on the Modem/Router doesn't seem to change anything at all.

Can anyone help me or direct me to a solution, thank you.

yeah i know most youtubers just take sponsorships as it's easy money, but im still looking for vpn recommendations with residential ips if you know any

Because it's acting as a router and natting

It's not longer a single LAN

Hence your PC can't see the printers since they are behind the nat of the Xiaomi

Isn't there any way, condifg to fix it/ bypass it? or make the two LANs comunicate?

Make the Xiaomi a AP

You can also put EVERYTHING behind the Xiaomi

But you should only NAT at one point

With everything behind Xiaomi you still have double nat but you can resolve that by setting ISP modem/router into bridge mode

How can I put everything behind the Xiaomi when it is connected to the switch via the wan port. Can I connect it to the switch via lan port maybe?

yes
Modem/Router -> Xiaomi -> Switch

Wow can't believe I didn't think of this, it was so simple. Thank you very much.

Now that I think of it again I can't bring my modem/router to the Xiaomi, the service outlet is too far. FML

Run a cable

Longer Ethernet

Thank you for being a person who knows things, I appreciate it

With a dsl service is the router associated with the account or the physical address?

Typically both. They know what modem you're supposed to be using even if it's your own and if it's plugged in at a completely different address it won't work

@peak cloak @waxen scroll Damn, these boxes are pushing 686Mbps over the network for a 4K60 signal 👀

https://media.discordapp.net/attachments/395111204991008769/1035767178428948510/unknown.png

guys whats going on

https://media.discordapp.net/attachments/395111204991008769/1035765540238671872/unknown.png

What service are you running on that port? because you probably want to stop them from doing that

https://www.abuseipdb.com/check/89.248.163.216

I don't have any ports open that I know of?

Oh nvm that's probably their source port

What router is it so I know what I'm looking at better?

Sorry for delay! it's a NETGEAR Nighthawk

Is your internet running slow or dropping

i have been being blocked from google lately

and sometimes they make me put a captcha in, just to google something

i've changed my WAN IP and i'm still getting these:

hello i need help pls

i cant figure out if -70dbm is bad or not

i duno wifi stats but i need help is this good or bad?

nvm

Ok

Hi there, I’m planning to purchase mesh wifi nodes. But I can’t decide between these two options:

• 2x UniFi6 Mesh (€450)
• 3x TP-Link Deco XE75 Mesh Wifi 6E (€460)

What would be the best option for a three story concrete house?

||Yes, I know a wired connection would be better. But my mother doesn’t want any holes drilled into the walls. And we moved to a house with concrete floors and walls.||

It's really hard to say, if it's all concrete walls and ceilings you might have to put a repeater near your stairwell or consider looking at powerline/MoCA to get connections between floors

Failing that you can just leave it broken until everyone's annoyed enough to reconsider on getting the place properly wired up :P

I'd almost lean to the 3x node pack for better coverage with the concrete and whatnot

If you have an existing router it's probably worth seeing where coverage is OK from that so you can decide where a second/third node might go

Good idea

I highly recommend doing your testing on 5ghz only if you can because that's what you usually use for backhaul on a mesh router

Thank you :)

No problem.

Oh there's a potential gotcha for the TP-Link Deco you listed - the backhaul is WiFi 6E rather than WiFi 6, so the mesh APs have to be closer together (6ghz vs 5ghz, higher frequencies don't penetrate walls as well)

Depending on how your testing goes if you do need 3 of them, you might actually be better off picking a slightly lower-end mesh AP instead using Wifi 6 for backhaul

Ohh, I didn’t even think of that.

I just measured the WiFi connection in all rooms. I’ll put it in a nice graph in a minute and share it.

@pseudo blade

lol yeah this is not a good time to use a stacked graph

Yeah no idea where these rooms are relative to your AP, but most bar "bedroom 4" don't look too bad

What's your target speed?

Yeah, don’t have Excel on my work laptop and never worked with google spreadsheet graphs :p

Right now only 100Mbps

Cuz we’re getting fiber optic in 1-2 months.

Yeah mesh APs should actually work pretty well in that case

Alrighty thank you for all your help!

Ohhh wait

Would it be useful to get a UniFi Long-Range AP first? And hook that up to my router using ethernet, while disabling the wifi from my router?

It wouldn't solve the attenuation problem, so not really

It's also not great for performance if you have a client at the edge of coverage trying to use as much bandwidth as possible

Ah okay

Ty for all your help

Anyone Network+ certified?

Studying for it.

Professor Messer?

No, I am studying using the CompTIA guide

Then after studying I take some lab questions or multiple choice questions

Oh. I'm using YouTube lol. Then gonna do a practice test

I'm a visual or hands-on learner. Reading something doesn't work

Would I need a Ubiquiti router to use their mesh nodes?

Linus made a video exactly like this

Could someone help me out with an internet issue im having?

I actually bought one of those TP-Link ones. Haven't used it yet but only bought 1 for now anyway lol.

hey guys anyone here have any experience with google nest wifi

high download, slow upload.

im not sure why this is, my wifi provider has it unlocked, but im being capped at what seems 27mbps. on upload. whilst my download 1g

Cable?

yes i do use ethernet

I mean your isp

ohh

no its not, cable is a different provider

Who your isp

im in the us, we have windstream rn, and dish cable

So you have fiber?

yes

Did they promise fast upload

yeah they do

With fiber-optic internet, download and upload speeds are identical, which is referred to as symmetrical bandwidth. This ensures that whether you're uploading or downloading data, you'll enjoy the same fast internet speed you've been promised with your internet plan.

"identical"

Did you try unplugging it

There should be 2 fiber lines then. 1 up 1 down. I'd check the ends

Unless it's bidirectional

If it stays slow I'd contact your isp

Idk if anyone is in Australia but,
Telstra internet WTF

What’s The best premium cad 6 10GB weatherproof cable on the market.

Would be hard to determine what the "best" is

trueCable seems pretty good tho. I have 1000 feet of it

Plus depends on if you want to terminate it yourself

is it worth running a lan cable?

Is wireless insufficient for your needs?

Is running a cable of the required length better or worse than dealing with a wireless setup instead?

You need a router

Unless the modem has a built in router you don't connect the modem to the switch. It should go modem - router - switch

Have you already tried using it?

Depends on what kind you have

Usually RJ45 ethernet cable

You connect from the router straight to the switch

If your router and switch have SFP/+ you can use that too but the most common for homes is RJ45

And unless your modem is an all in one modem/router then the modem isn't the router

Could be your port. 800-900 is usually all you'll see on a 1gig port. You won't get the full 1gig

Basically yeah. Unless your modem or router is also limited to 1gig ports

idk what you mean by do your own fiber

Can you use Ubiquiti’s Unifi 6 Pro with PoE adapters for power while connecting them wirelessly to your router? (Like a mesh network)

I kind of want to get those instead of the Unifi 6 Mesh because they are cheaper and run less hot.

Just pulled the trigger, went with the safe option of the U6 Mesh.

egg router

we ordered 3 more of these

wifi 6e apparently

Why is my RAX 43 Netgear Nighthawk not letting phones connect, but letting anything else connect?

Also most of my smart devices can't connect either. Although the router claims they're connected. Yes, we've tried rebooting it dozens of times.

Looks like a giant tic tac

it does

wintergreen mint flavored wifi router

They look smaller in the pics

I was thinking like a tuna can size lol

Factory reset didnt fix it either.

I’ve heard of network bridges. Nice to finally see one.

Airpods case XXL

Does anyone body have a recommendation on ethernet cards for a desktop. Preferably under 30 dollars US.

Anything Intel is fine

You can buy nics used too for cheap

Ok, thanks

Also depends on what speeds you want. If you want a 10g one but go with anything older than the intel X550-T2 wont support 2.5g or 5g

If u want 2.5g then realtek 8125 or intel i225-v are fine

Mine internet is only a few mb/s. I think there may be something wrong with the ethernet port on my motherboard (not driver related) and I was looking for a card to see if it fixes it

I should add that when I say bad, I mean I'm not getting the full bandwidth like everything else in my house that's connected

Have you isolated the issue to be the adapter?

Not the cable?

I have not guaranteed that it's not the cable, but it's been used with other devices in the past and didn't have this problem

Just tried another cable, same speed

Someone know how to configure ipv6 on opnsense?
I have opnsense VM on hetzner dedicated server under xcp-ng virtualization (fork of xenserver) ipv4 working perfect and ipv6 can ping other VMS that have ipv6 IP but can't ping to the wan and the internet.

How can I fix it?
I have /64 subnet from hetzner.

How is your VM connected to the internet? Bridged to the server's ethernet interface? Or is the host forwarding/routing? Is the IPv4 of the VM in the same subnet as the host's interface's IP?

My opnsense have its own public ipv4 address that specified by virtual Mac addresses from hetzner and the Ipv6 is part of this Mac address to

Ok, so you're using DHCP on the VM and it gets its IP from upstream?

Yes

And you have some addresses assigned to you from a pool of Hetzner's public IPv4's and your pfsense router is bridged to your server's internet-facing ethernet port

And you have a /64 allocated to your server on ipv6

Yes, opnsense ipv4 Public IP address is good.
Yes I have/64 subnet of ipv6

And that /64 is assigned to the MAC of your server's internet-facing port?

Yes it's assign to the same Mac address of the ipv4 Public IP

Is the ipv6 address of your pfsense router in that /64 and dynamically assigned?

You have two public ipv4 addresses, correct?

One for pfsense, one for the hypervisor? Which one is the ipv6 block assigned to?

I have 1 public IP address that the IPv6 is assign on his Mac address

Except the other ipv4 I have that allocated to different VMS

Detailed info:
Hetzner ipv4: 1.2.4.5 have his own virtual Mac address that allocated to the VM network card and configured under wan as spoofing Mac address.
Hetzner ipv6: /64 subnet that not yet configured on my opnsense.
Having troubles with configuring it on opnsense.

Hetzner support static / slaac configuration for ipv6

Are you trying to use SLAAC on pfsense?

Yes

I have tried both, slaac and static but without success

It worked ok while I was on VMware after I moved to xcp-ng (xenserver fork) it stopped working

I still have some cables to make. But I’m proud of this…

@sudden kayak how's the er605 router. I'm considering getting it to replace the er-x

I need good v6 support, vlans, and static routes mainly

thinking about a fortigate as well...

@rocky badge you have one right?

Yes

For bulk cat7, do I have to use gg45 ends? And if I do where do I find them, because they seem to be a mythical being only heard about in legend.

no you don’t. You can use RJ45

Also I wouldn’t buy CAT7 in the future

CAT6a is the best Ethernet spec I’d go up to

It was cheap. I think I know why now. Pain in the ass

^^

Shielding is just not worth it 99% of the time when fiber exists

Don't buy fg 60d/c heating like an oven I have 2 here that I ditched and moved to mtik hex-s at home.
Fg is good only in newer versions, I have worked with it for 2 years with 600e I think it was pretty good and stable.

Wat

You said you have fiber

A coax cable modem isn't fiber

You won't get full speed with a 1 gig port

And you said they are using coax

You need a faster network card or router

You can't

There's protocol overhead as well

If you're saying you want to run your own fiber line to the nearest node outside you can't

No

What router do you already have

Not at router level

ISP rate limiting is done not at your house

He's wanting new hardware to get the extra 100mbps lol

Can you take a pic of it and the connectors

I wanna see the ports

The ports are limited to 1gig

So 900 is normal

I don't see it happening lol

Crazy they giving 1000 up over coax

That's about what you'll see

You won't always get your max speed even with faster hardware

that's normal

not much to report, that ended up at my parents place so I'm not doing anything crazy with it. pretty much just a flat network. but it's been working well and they told me the network is rock solid

question: what happens if i plug in a 3Amp plug into my 3.5Amp requiring AP?

gigabit/1000Mbps is the link rate, there is overhead in the protocols (at every layer) so 920-940Mbps is the fastest you can get in real life with actual IP traffic

you can try to find a router with 2.5GbE (the next step up) which will be massively more expensive to get you 80Mbps more throughput

yea even just going locally to my server i dont see it going above 950 on a gbe

yeah that is pretty good for GbE

it will probably be fine. but there's a decent chance it will brown out and reboot under heavy load

or worst case scenario the power brick gets overheated and explodes and burns your house down. idk if I'd risk it

brown out? that sounds gross lol

oh yea im 1 dude, no way i'm going to overload this monstrosity

if you're lucky and you have a direct point to point connection and do an artificial test with something very low overhead, yeah you might hit 1000 but that's not gonna happen in most scenarios

$60 for a bloody power adapter wtaf

yeah try it and if you don't see any smoke you're probably fine lol

or PoE for more convenient & easily hidden wiring

but that's a bigger investment

can an ethernet cable really do 2.5Gbe AND 30W of power?

i think they can do up to 60W yeah

oh wait maybe not

but the answer is yes for 2.5Gbe & 30W https://www.amazon.com/TRENDnet-TPE-215GI-2-5GBASE-T-Compliant-Integrated/dp/B08BS5C3HY

Just in L2 overhead, the maximum payload you can get with IPv4 is ~965mbps. That with no UDP/TCP header either. 940-950 is the best case real world speeds you can expect

I'm sure there's something that does 2.5 and poe++ but maybe only in a big ass switch

yeah that sounds more correct based on my experience but this guy is saying he somehow got 1000 on the dot

apparently i need two +s

maybe with jumbo frames? dunno

ahhh yeah I'm not sure there's any of those in the form of a single poe++ injector on the market

Jumbos net you like 990mbps if I recall. You'll always have 34bytes of L2 headers.

it's only for a week...tomorow my last day to return the stupid tp-link AP (all TP link wifi 6 AP's have a confirmed bug in that they are unable to use MU-MIMO)

yeah that sounds about right 😆

sigh i'm torn...shd i hook this up? alternative is, i think i have an old AP in storage i can dig out for a week

i mean it's not gonna blow up if you try it for 5 minutes

whatr is...what kind of nonsense adapter has an analog knob for selecting voltage

I have 1200 plan from Comcast and spent $500 on a 2.5g x8, 10g x2 switch and a quad 2.5g card for my router because I was tired of only getting 900ish lol. Now I get 1200-1400

But it actually wasn't a waste since the plan is going to be 2000/200 eventually

I have 1gb/1gb and can upgrade to 5gb/5gb max. I was looking at different router options to manage my home lab in my rack. I've looked into Ubiquity but I didn't know if that was the best option for me because some of their products are designed for cameras which I wouldn't necessarily utilize. I also didn't know if it was worth it to try and install PfSense on a system and use that instead with a dual 10gb nic.

I have a downside in which my provider installs boxes that are modem/router aio in which I would have to passthrough whatever router I choose

Does anyone have any suggestions?

can someone convince me thatt MU-MIMO is real?
because i have yet to see evidence of this

It is

How well it works in your environment is another question

If your isp allows it always bridge mode the modem they provide. And a lot of people recommend ubiquiti but I've never used it. I actually use a QNAP switch and does the job for me

it does what exactly? allow me to simultaneously use multiple streams? because...that's not a thing that is happening

i've loked around i am yet to see ANYONE post a screenshot of 2 2x2 devices connected to a 4x4 AP and BOTH getting 1Gbps AT THE SAME TIME

So your QNAP switch is in place of your router? Or performs routing functions?

No. You still need a router. I use an old Dell Poweredge R210 II

Upgrading it soon tho lol

The switch basically just adds more ports. But I have a managed switch which allows more functions like vlan, link aggregation and more

can someoen please help me get MUMIMO to work ? this is like the 3rd AP i've tried

The plan was to have a managed switch behind it so I could link aggregate instead of buying 10gb nics for my VMs

Do you have software installed on the Dell poweredge?

Libk aggregation doesn't fully combine the networks. If one is 1g and the other is also 1g and your internet is 2g you'd still only get 1g speeds on each device but you'll have the other 1g available for when someone else wants to download

Just pfsense

The link aggregation was for inter-network communication like a file server everything would refer to and possible test PXE boot

Then yea it would be useful because you'd increase your overall available local bandwidth

Thats mine. But it's all in a server rack other than the pc and ap

I have tried once to install PfSense but it couldnt get a LAN IP. I didn't look too far into it

What AP do you have?

Ok. Cool. Any problems with it?

I haven't used it yet lol

Won't be home til Nov 21st

I plan on upgrading my router to a Dell Poweredge R330 with 4 x 3.5inch bays and slap 4 16TB hard drives in it and use it as my new router and NAS

Lol. With PfSense, do you know of any issues that would cause that? I was attempting to run it behind the existing network to test it

Current cpu is from 2011 new one will be from 2017

What did you have the other port plugged into

With a pfsense router you need at least 2 ports. 1 is WAN which your modem goes into and the other is LAN which your switch goes into or another router but preferably a switch

My current plan was to use a dual Xeon x5550 with 48gb ram. I didn't know if that was overkill. 2 1gb integrated nics, 2 port 10gb nic, & 4 port 1gb nics

You don't need the ports on the server really. All you need is 2 and go to the switch unless you want link aggregation going on

I have 2 1g and 4 2.5g but only 3 2.5g are being used

Do I need to tell it which port it should should be excepting wan and which ports are lan?

Or does it auto-negotiate?

I've always had ti manually do it

During thr setup it will ask you which is wan and lan

There's an auto detect but I never got it to work so I just manually type one of the options it gives and hope it's right. If it's not right I change which one is plugged in until I figure it out lol

It names them like in0 in1 or re0 re1

For like intel, realtek, and Broadcom is something like br0

Butttt it doesn't know where it's actually located. So if you have a 4 port it can literally name them 3,0,1,2

Ok. I'll try manually do it manually. One nic is an Intel; the other is a HP

And common ones to use are intel and Broadcom

I actually use realtek even tho it doesn't play well with pfsense. As long as you install the proper drivers it's fine tho

Does pfesnse have a gui I would be able to log into?

A web gui yes. You'll have to complete the setup tho first

There's lots of videos on how. Level1techs might have one

Wendell is one smart man but says things that are way over my head lol

Ok. Will look into it

Thx

Do you think the hardware is alright to use pfsense or too overkill?

Kinda old cpu

While desktop/server cpus are good at being used as a router it's not what they are designed for. So typically the newer/faster the cpu you have the better it can handle traffic. Wendell did a video where they used an i5-12400 and he was impressed because it's performance cores are good

That's what I have to fit a 1U. Was trying to have it be its own system. No hypervisor. The rest of my systems are dual socket is 2697 V2s & V3s. Other than that I have gaming CPUs but I didn't know how to fit that into a rack if they are already in PC/gaming cases

I'd use thr 2697s

Run proxmox or whatever hypervisor and virtualize pfsense.

I didn't know if that would cause issues. Thought I heard from somewhere that it would so I've been focused on the older hardware I have

I havent personally done it yet but I don't see any issues lol

What is a good mix then of cores vs ram for 10gb speeds

I'll be running Unraid with pfsense

You can just give it all cores and 8-16GB RAM is plenty. Storage doesn't really need much

I tend to use Proxmox because it has pretty seamless integration of CephFS for storage pools

May want to disable hyper threading tho. It can cause issues sometimes

Duly noted

It's wild overkill, you won't have to tune much for 2.5gbps, it's just that all the above hardware will waste power like mad while mostly idling

Hello, i personally use a virtualized pfSense as my home router. I've run into some bottlenecks which i've mostly resolve doing pci passtrough. You can also in some case suffer from degraded performance because of spectre and meltdown mitigation. You can run over that simply by putting hw.mds_disable=0 into your System Tunables wich are located in System > Advanced > System Tunables

Sorry if my message is inconsistent, my english is broken 😅

I think that it's generally poor advice to unconditionally suggest people disable meltdown/spectre mitigations on a VM for performance.

If mitigated on the host there shouldn't be a problem i guess

how much would cost 200m of Optical Wire trough citypath

so here's something...my tablet (Lenovo Duet 5 Chromebook) is ONLY able to get 700Mbps whereas my phone using the same wifi network, same speedtest etc can get over 1Gbps

any idea why? that's an odd thing to happen (they're both on 5Ghz)

ok guys i have smthg weird happening which i CAN explain but that's not how i was taught wifi works

WiFi antenna

different antennas get different speeds

Same reason I can pull 940mbps over WiFi on a surface laptop go but only 550 Mbps on my MacBook Air

here's what i'm seeing. it gets weirder
1 device can connect to 2x2 160Mhz channel at full width on 5ghz. If an attempt is made to connect TWO devices for some reason they seem to BOTH pull down to 80Mhz channels and they both SHARE a single 2x2 80Mhz bandwidth

what access point are you using

so...what exactly am i getting for the extra 2x2 on my AP?

WAX630e

I’m not sure with that access point tbh. It may have something weird going on with the software

what precisely do i gain between a 5Ghz 2x2 AP vs a 5Ghz 4x4 AP?

if you have 4x4 clients you can get higher speeds

assuming i don't own anything that can do more than 2x2

you don’t really gain much in that case

afaik

ok so the thing abouut how "mu mimo means one can use 2x2 whiel the other uses the other 2x2" is NOT how it works? cuz thats what the netgear dude tells me and im hearing otherwise from the internets

I’m not an expert on WiFi haha. So I’m not 100% sure

same band btw, not 5G hi vs 5G lo

this makes sens because triband non 6Ghz APs have 5Ghz lo and 5ghz hi...the only reason they'd do that is to get a full 1200 on two devices at once

I just know that usually higher bandwidth (2x2 vs 4x4) lead to higher speeds on supported devices

ugh, i may have to finally give up on chromebooks and just get a microsoft surface or whatever. Hard enough to get a chromebook tablet, and they all have such poor wifi

for some reason, something is going on with our internet where webpages are slow to load on every device

DNS is Cloudflare (1.1.1.1), switching between it and Google Public DNS makes no difference

i should add: once loaded, they're fine

something...seems not correct about this dns time

found the problem: our isp's IPv6 is messed up, forced ipv4 and problem went away instantly

..or not, this is via PingPlotter. does that packet loss matter? that's the router btw

Huh interesting

I have the er-x and I have this issue with ipv6 and hardware nat acceleration turned on

With it off it's not an issue

I did some packet captures and I concluded it to be some issue with the way its handling tcp syn and ack packets. Don't remember the exact reason

I have come into a lot of Cisco networking equipment, there are:
3x2911 routers
1x PoE 24 catalyst 3750G
1x PoE 48 catalyst 3750G
3x2811
1x2P11
2x2921
1x 2960 Catalyst 48
2xCyberPower CSW8RU

Are these of any sort of use? Can they be used for any sort of secondary/home function?

all of it is out of warranty, so no more updated software, they also tend to be more power hungry being older, but depending on your current level of networking understanding, they can make a fun lab to play around with

eventually the more power friendly and cheaper optin to leran is to use something like EVE-ng/GNS3/CML to build labs and learn things, but there really is nothing like the feel of real hardware in your hands when starting out

I was in CCNA in HS but never tested into it and didn’t really retain the info well, since it’s been ten years, but was thinking they could be fun, we’re a steal for free in my mind

It's all ancient crap over a decade old and imminently leaving support, if you need a ton of gig ports on the cheap the 3750G's might be OK but other than that it's all pretty useless

If you want to relearn networking you will benefit from modern kit anyways, if you want Cisco specifically look at the simulation tools above, particularly Cisco Modeling Labs

is there any way for me to connect to my cisco router? i dont have a serial port on my pc (due to the fact that most pc's dont nowadays) and i dont have a cord from rj45 to serial... idk whether i should order a usb to rj45 to use the router?

Is it new enough to have a MicroUSB serial port?

the router or pc?

Router

no i dont think so

You don't think so? What is the router specifically?

i believe its a 860 series

its an old one from my uncle he gave it to me so i could learn networking, he didnt use it anymore

I guess you can learn basic networking on one but the 860s kinda suck (2 vlans, yay) and are also very old

You can buy Cisco rollover cables that go from USB, or buy a serial rollover and usb to serial adapter

the only problem was that i didnt know how to connect to it to access the console, becasue he didnt give me a manual or anything, just the router and power cord.

where, from amazon au? if so how much?

Go look, idk where you are

.

would this work? - https://www.amazon.com.au/Console-Essential-Accesory-Ubiquity-Switches/dp/B01AFNBC3K/ref=sr_1_2?crid=13Z1V7OEDB4WL&keywords=cisco+rollover+cable&qid=1667360675&qu=eyJxc2MiOiIwLjAwIiwicXNhIjoiMC4wMCIsInFzcCI6IjAuMDAifQ%3D%3D&sprefix=Cisco+rollover%2Caps%2C799&sr=8-2

I'm sure it's not too hard to search Amazon yourself

Your link crashes my client

Should work?

i just put "cisco rollover cable" in amazon au and found "USB Console Cable USB to RJ45 Cable Essential Accesory of Cisco, NETGEAR, Ubiquity, LINKSYS, TP-Link Routers/Switches for Laptops in Windows, Mac, Linux (Blue)" its the first time ive done something like this before so i dont want to buy the cord to find out it dont work

There's not much to go wrong there

ill try it then

thanks

Ubiquiti goes brrr

My U6 Mesh access points arrived yesterday. One is sufficient for 2.4GHz coverage of the entire house xD. But imma install the next one when I’m back from work.

That's about expected. Back to your original comment, you will not pull 1000/1000 over the internet on a gig link because as stated, there is overhead involved.

What do you mean overhead, I demand to speak to networks manager!!!

Hello, I bought a Xiaomi AX3000. I have it as a router + wifi to connect every device I have to it.

On the Xiaomi's WAN port I connected my modem/router (ZTE ZXHN H108N) also I have disabled wifi on my modem/router since I don't need it.

Do I need to do any configuration since they are 2 routers connected to each other or will it work with no issues at all?

what modem? you should have no problem getting the full 1500Mbps

I imagine the result of doing that without further configuration will be a double NAT, so you probably want to try to set the ZTE to bridge mode and use your Xiaomi as your edge router, as the ZTE's specs are awful and shouldn't be used for more than modem duties

I’m pretty sure they make you have XFi complete for the 200 up

I really want to like the LtAP mini, I really do https://mikrotik.com/product/ltap_mini

But every time I go to use it in a project it falls ever so slightly short

It's a totally fine portable router with a PCIe slot and an ethernet interface, and if that's all you want it's a great option

I'm trying to offer some basic information about cellular signal to users but RouterOS's permissions are insufficiently granular to offer just modem stats without providing your entire config, and if you want to edit a few basic things you have to expose the ability to edit almost everything

so query it on your backend and let the website display it

It's a 4G modem, if users want stats it probably can't reach the backend because it's probably not in coverage range/no sim/troubleshooting

But Mikrotik doesn't offer container functionality on MIPS so I can't host it on device

if its open source why not make a page that can be viewed with no login and package your own firmware

Replace RouterOS with OpenWRT or similar?

isnt router OS open source?

No

It is built on Linux but the parts that make it RouterOS are closed-source and not distributed separately

There's multiple ways to get something together but it's either the hardware's not quite good enough (metarouter on 64mb boards isn't feasible) or it's RouterOS not quite doing what I want to make a product around it (insufficiently granular permissions, container not available on MIPS/MMIPS boards but they only have ARM in long-range radios+nonportable form factors)

And yeah providing a second board to run a backend along with this is kinda stupid when the idea is a small portable router with some smarts

It has USB but it's power in only and unlike all other products Mikrotik makes with that CPU doesn't offer data lines on its MicroUSB port because the mini pcie slot uses the one usb2 PHY offered by the SoC, and is power in only

So i know i should know the answer to this but im running a 300 feet run of cat 6 cable from my house to my dads barn outback all inside then running it through conduit to get it out there but my question is do I need a booster on the line before it goes into the conduit or will i be fine with just a switch on the other side

Should be fine

So dont need a booster correct

No

The only possible gotcha is the risk of a ground loop

Which is what and how do I prevent because all were using it for out there is a router and streaming tv

Oh and if your 300ft isn't the total length between your network switch/router in your house to the barn you should factor that in as > 28 ft will take you out of compliance

No its the total length

Roughly

As long as it's within 10%, spec is 328ft, it's not going to die at 329 feet but it won't be compliant and the further out of spec you take it the more likely something goes wrong

Ok

Is the conduit metal or plastic?

Plastic

Because I would be weary of running copper outside because of lightning risk

If you're running cable anyways fiber's actually not much more expensive btw

Hmm, I would get shielded wire and ground it

Or fiber

Basically when running ethernet cables between buildings you have to be careful about ensuring the cable is isolated so the cable shielding isn't connected to ground on both sides. The actual data pins are usually well shielded against this but the metal housing around the ports if connected to ground may cause current to pass through it if there is ground potential between the two buildings

Ok and plastic is designed for direct barry metal is not and i know fiber isnt much more but i have no way of hooking up or running fiber i live in the country were still using coaxial cable to a modem to a router

You misunderstand

You can get adapters that convert between ethernet and fiber optic

Yeah the whole point is for it to be electrically isolated

So you end up with home router/switch > media converter > fiber > media converter > switch in barn

Because the whole lot running between buildings is fiber optic you can skip all the messy electrical problems

Ok that makes sense

They look like this btw

Yep, looks like that

Ok

And they're cheap as dirt

Perfect now to get pricing

You can use multimode optics and OM3/4 fiber at that distance easy

Have you already got a trench/conduit, by the way?

If not and you'd be paying to make that happen, consider using point-to-point wireless instead because it's cheaper and can be quite fast

Yeah trench is dug and conduit in because we are running gas electric and wifi out there

Neato

MC220L is very cheap, one for each side, then get a pair of gigabit 550M multimode optics for them, then your 100M OM3 cable

I have it because it was the only way to have unlimited data. Just waiting for them to roll it out in my area

Should work, I do not guarantee any of my advice though and suggest you do your own research.

Don't buy singlemode/OS fiber with multimode optics or vice-versa, don't buy longrange singlemode optics

What setup you guys suggest for home opensource router like opnsense with 10gig network card that I already own I need a case that can fit full size network card with 2 RJ-45 and 1x SFTP connection

yeah :( for now at least. sorry

why isn't openwrt an option here? I'm currently running a mikrotik hex and openwrt is great, runs perfectly and frees up a lot of customization

It is an option.

But I will then have to test stability of the result, OpenWRT has published warnings for platforms with 64MB RAM, and I must do a few things that are otherwise done for me.

Seems openWRT support for this device isn't complete either, and specifically around the pcie slot I'm using - fixable I'm sure, but it's something to consider

Aiming to reinvent as few wheels as possible

Still quite likely worthwhile, the alternatives suck

2.5g NIC PCIE recommendations ?

Intel i225v

Or realtek 8125

The actual brand will vary. Just check the ratings.

okay thanks

egg carton

So many giant smooth teeth

Wut? Those 2 aren't correlated

Everyone is telling you, you can't get 1000/1000 on a gig link because of overhead

Rack setup etc can be done either way but as someone who recently tried to go that route it ended up being way more expensive than it was worth...ymmv ofc and it is cool but too much at least for me

on that note, can someone explain this please? How is that happening?

fast.com isn't the best

it like estimates

kinda

Ooh... Damn it has the best servers

Yeah Netflix is compensating for overhead in their results. That said it's still reliable enough and the fact you can enable a run for a set amount of time is a nice touch

@peak cloak Apogee is a fucking joke

I broke it

I remember a long time ago if you refreshed speedtest and stopped it just in time it would sometimes bug out and say you have like 5gig+ lol

I was like "yup that's exactly what my DSL is capable of"

I mean that's not far off my actual speed

I'm thinking of signing up for Comcast 6gig but idk

I would use speedtest.net for better estimates.

Hi, has anyone here used OpenWRT? I'm trying to setup my old router as a relay, but I can't get it to work

What device?

Its a netgear r8000 nighthawk

Did you find the directions? Here they are.
https://openwrt.org/toh/netgear/r8000

You download a file to your machine and then go to the nighthawk firmware upgrade and select the file.

The network I had connected the router to flashes between disabled and enabled every few seconds

So I got it to flash fine it seems, but when i try to create a relay bridge following the instructions on the openWRT wiki, it doesn't work

I tried pressing the reset button on the router and now I can't access the router settings at all. It tells me that the requested URL /webpages/login.html was not found on the server

So I tried doing a 30/30/30 reset with no luck

The lights are no longer flashing but I cannot access the router

Hello, I have a ZTE ZXHN H108N modem/router and a Xiaomi AX3000 router connected to each other. This has the issue of Double NAT (Confirmed with tracert as well).

I tried putting the ZTE in bridge mode but it doesn't have that option thought it has the option to disable NAT but it's greyed out (as can be seen in the 1st pic) so not really an option.

Checking the xiaomi, it doesn't have any options regarding NAT but it has a DMZ option. (as you can see in the 2nd pic)

The ZTE also has a DMZ option (as you can see in the 3rd pic)

I read on an article that DMZ can fix double NAT but I m not sure how to do it. I would be very thankful if you can help me fix my double nat issue.

PS I have made a reserved IP address in the ZTE for the Xiaomi if that helps.
PS2 I want the xiaomi as the main router as every device will be connected and managed there, for the ZTE I care only as a modem.

if you want that you need to put the ZTE in bridge mode aka disable NAT

you can't do anything on xiami regarding it, if you want it to be main router

DMZ doesn't fix double nat

Just allows you to handle port-forwarding on the Xiaomi without having to do it twice

You might be best suited buying an ADSL2+ modem for your use case and connecting that to your new router

Or if you're feeling adventurous...

Your (ZTE)router apparently exposes telnet with creds: username:1234 password:1234

It's Linux underneath

OK so I managed to get into my router again after another 30/30/30 reset, I've set most of the settings to create a relay according to the openWRT wiki page, but when I try to ping openwrt.org it says bad address

You might need to configure your router first

How so?

Just set it up normally first?

yeah but my issue is I dont know how to disable NAT on the ZTE

*sight* I guess I ll have to go on an adventure. Wish me luck xD

yeah ik, but that's the only way to achieve what you want

Hey LMG staff, I'm looking for a point to point wireless transmitter that does at least 10gbps. Directional is okay but if I could get omni that would be perfect. Are there any recommendations you have?

I only ask because I know Linus recently did this with your building infrastructure

Can a USB-C port on the back of a TUF X570 motherboard provide wifi?

Only if it's connected to a wireless adapter

It can't act as an antenna if that's what you're thinking

Can look at unifi's and mikrotiks product lines

I personally never use p2p, but for 10gig that starts to stretch the limit

It's for 800 units spread over long distances with multiple connection points

WISP?

I was curious about what product they use

Nope, it's basically to connect different server rooms together

Instead of trenching a bunch of conduit

It's a full fibre network

Ltt didn't have a good experience with wireless

Your use case warrants direct fiber connections

Yup I know

I was requested by my higher ups to explore different options

My issue right now is the 10gbps units I've found have 1gbps or 2.5 gbps ethernet ports

Which makes no sense XD

unifi makes some with sfp+ no?

I'm not sure, I'm looking around

https://ca.store.ui.com/ca/en/collections/recently-added-products/products/airfiber-60-hd

This is potentially a good option I think

Well. OCI is being quite annoying now... Restarted the server after 46 days, perfection. Everything working perfectly even after the restart - no problems. After a certain time of day, my networking stops working, everything just stops working. I have no clue why. Finally upon troubleshooting a lot of stuff, found out that vnic has no internal ipv4 and I changed absolutely nothing... No amount of configs or even manually re-assigning the same exact ipv4 is working... Internal ipv4 is assigned, services can bind to it but can't be reached externally whatsoever. I create an alt vnic and try it - that one works??? This was an ephermal IPv4 = it'll change if I reassign it = I'll have to update the IPv4 on all my domain names and re-enable SSL on it with certbot all over again.

WHY?

Even in the logs of my services I can see - regular sync working, relay servers accepting clients, etc... at 1:37pm - bam - errors. Everywhere. Relay server throws errors and dies, nginx throws errors and dies, I notice it heavily because private DNS on android + SimpleDNScrypt on windows on all my devices everywhere simply stops loading anything at all.

100% sure something was messed up on oracle's side, my config was perfect.

First question

Is your IP config set with the correct subnet?

Did you also add valid DNS options and a valid gateway?

The DNS and Gateway sometimes doesn't apply correctly so the traffic is like "Wtf, what is this?"

Yes and yes. Here's the thing -- it was working perfectly until certain time of day

Try changing your DNS to 8.8.8.8

and see if that works

It does

Then you have a DNS issue

Your network is likely fine

-.- my self hosted pihole + unbound DNS server on my VPS stopped working because the VNIC's internal IPv4 disappeared for no reason

I manually set it up for all my devices myself and to have a full log of all accessed domains

Yes. My own network is fine. Network for all my devices is fine. Oracle Cloud VPS that I have is the issue

Their admin team could have made a configuration change on their virtual switch settings hosting your virtual environment

That's why cloud hosted stuff can be a PITA. Because at times, when hardware changes happen or a glitch happens that impacts that. It can cause all virtual appliances hosted on that machine to wipe their information

Essentially the machine sees it as a new card instead of seeing it as the same card

I recommend contacting Oracle about it

That'll take days of back and forth on email

It's not a common issue but it does happen

Yea, welcome to my life lol

I need things to work right now... Had to delete and create another vnic so I can configure it myself

Not expected from cloud services...

It's not a common occurrence

Glad that the primary vnic is still working so atleast I can ssh into it

New created vnic works fine. No idea why it couldn't connect even when I manually reconfigured the ips and ran their script too.

Time to update everything to the new IP...

Have fun

wasted 4 hours of this day 😂 learned a lot though...
Didn't take much long to fix this either. Im already done fixing

Back up and running

Awesome!

I know I’m a filthy casual but does this have any merit? Is it actually quick? Using a mesh Wi-Fi system

decent enough, not like youll be using more than that

for resolution i mean

Does anyone have any suggestions for studying guides/practice for the Comptia Netowork+?

Professor Messer videos for learning part

Would it be more beneficial (time/money) to aim for the CCNA if that is what I want to get in the end?

Not sure. Some don't recommend any certs and just find someone that will teach you. But the Network+ is vender neutral so it might help while Cisco ones will only really apply to Cisco. I might get network+ and get ccna later

Ok. Thx

does anyone know a good x86 box (with ECC) (like these pfsense router) with multiple ethernet or pice extensions for for adding multiple Ethernets?
I found something like Supermicro Mini-Tower

Why do you need multiple ports

Moar ports

Is routing the primary goal for the box or is it also a hypervisor? What scale, ram, storage, CPU perf is needed?...

Because you've basically asked for "any computer" at this point bar the ECC ask

low power for infrastructure services, and maybe it runs security onion

https://docs.securityonion.net/en/2.3/hardware.html

What throughput do you need?

It can be a bit hard to size an IDS/IPS because obviously your ruleset has a massive impact

But if you're talking like 200mbps it's super easy

it is for really small office with few computers.

Is wireguard e2e encrypted?

If that's all you need then you only need 2 ports. 1 WAN and other LAN going to a switch

Making pfsense use different ports with multiple lans and all the devices plugged into it is more complicated than just using a switch

Wireguard requires encryption for connections, wireguard connections are therefore inherently "end to end encrypted". But what you do with that's on you. If your client or target on either end is outside the encrypted tunnel, say a network or the internet, your connection to that resource is not end-to-end encrypted, because the encrypted tunnel stops before the "end".

I'm using it like this
wg client -> internet (isp nat) -> home router (wan to lan nat) -> wg server

I would like to avoid DPI on the isp side, any anything in between

You're not going to avoid DPI (they'll know it's wireguard), but they can't decrypt the connection or view the tunnelled contents in that scenario.

So, am I safe in my current wireguard config?

If all resources you're accessing are on the Wireguard server and nowhere else, and that server is secure? Sure.

big brains only

Another example of not end to end is a single wire guard host at let's say Google cloud or AWS and clients that connect to that. By default of one of those clients connects to another it is not end to end encrypted, but instead end to host then host to end encrypted.

Because it's decrypted in the middle on the wireguard server yes

Whether or not that is an unacceptable security risk depends on your needs and ability to secure said wireguard server

Hypothetically you could set up another second layer of wire guard to get end to end encrypted.

"end to end" is misused a lot in marketing for consumer apps like chat or document sharing. the thing you should be worrying about in the context of networking infrastructure/wireguard tunnels is whether the traffic is visible to untrusted parties

you have to understand your actual threat model. if your traffic is encrypted everywhere except in memory by the wireguard server you operate, you probably shouldn't be worried

truly end to end encrypted traffic is important if your traffic is passing through someone else's infrastructure and you don't necessarily trust them

Wdym by safe

Because just raw https can be considered safe

It's my home lan

i use a local unbound container for my dns queries

So I just want my dns requests and all traffic to be not visible, save for the target

Just use DNS over https

If that's your goal

Not just dns over https, all the other protocols too

Yep, that's what's happening. Phone -> isp -> home

i don't think that's what's happening. what i mean is that your traffic is not technically end to end encrypted, but the only place it's not encrypted is your own infrastructure

if you're trying to use your home network as a vpn relay and then the traffic is going back out through your normal connection over HTTPS to the target website, it's meaningless anyway

are you trying to use your home unbound container?

I can tell you that most ISPs are not using DPI on customer traffic. The cost to do that at scale doesn't make sense. When it is done, it's offered as a paid service and usually only for business customers.

At most you're just obfuscating your traffic from netflow as it's just going to show the tunnel endpoints.

also depending on where you live there are pretty strict data laws on isps

I see

I live in the country of asia

That's not a country

ProtonVPN custom DNS doesn't work 😐

so you want to connect to home in which it is connected to a different ISP in same country? or different country?

Well, both

If I travel to a country whose government dastardly bans vpns, I need a way to obfuscate the information

yo Im trying to study for comptia network + exam N10-008, does any one know any good resources?
[4:11 PM]
or where I can get free exam study guide?

Anyone use Netgears "insight"

@clear igloo @peak cloak I almost accidentially shutdown both DNS servers at home lol

Couldn't figure out why my new phone stopped connecting to my home WIFI after a few weeks of use, turns out it is set to randomize MACs on each connection and used up all of my DHCP address space. Guess I'll have to drop the lease time, but clearing the old leases is a pain.

What phone

@feral cipher

Pixel 6. But I'm testing GrapheneOS on it so that may not be a default function. I think stock android randomizes the MAC but keeps it the same each time it connects to a certain network. Graphene defauts to random Mac every time but you can change it per network.

yeah I know stock Android and iOS just do random MAC per SSID

Yeah I changed it to not randomize on my home network but I still have to clear the old leases. And I'm (unrelatedly) probably not gonna stay on graphene but try Calyx instead.

Thermal soak testing modem

24 GB?? dang

cries in 500 kb/s - 1 mb/s

sheesh

sheesh

SaskTell is supposed to come put in direct fiber next month for symmetrical 2GB

But its the third time they have promised to come out so im not hopfull

lol, i live in the uk my isp is a virgin. so i got the 1gb fibre package

Thats your "1gb" plan?

I wish I could get affordable symmetrical fiber

Because it's that or $109 for 100mbps down/40mbps up, everything between is priced in a similarly useless way

I'd say maybe in 2040

Welcome to NBN

You can get 1000/1000 on other provider.

thats affordable. its a business product, afterall

Yeah but there is no consumer product

The 2G is $135

But its costing me $1200 for the line

Other providers are much the same because they all resell the same product

Even 100/40 is now classified as a business service, pricing is pushing consumers to 100/20

Its crazy how variable internet cost is from place to place

because the bulk of the cost is the physical link

crazy how variable costs are Not really, it was highly political in Australia so they rolled out VDSL+HFC on DOCSIS 3 instead of fiber, crippling our digital infrastructure

they did this in the US too. they got money for fiber and all they did was to the curb and then convert to vdsl

The US has far greater percentages of people on affordable high speed plans

ATT has been running fiber for years and claiming "in your area soon"

It's not even close

@hollow marlin comcast is doing 200mbit up and my friend is all excited asking if im getting it. No. 10mbit up is fine why would I pay more and be required to use a comcast modem?

Mine is over a 1 GB and it all depend on the type of modem and router you are using. Configuration is the "KEY"

I have 1000 Down and like 100 Up

Depending on locations of Provider

Ye

this is just to start with b/c of the issues w/ coam equipment supporting mid split

it may still require the xfi complete addon but the intention isn't to gate it behind actually using the rental gateway