#networking

i went in and out quick lol

what is that though the hub for the entire building ?

the box?

yes

it's just a splice cabinet I think it's called?

no electronics at all in there

Find your neighbours cable and unplug it and watch them lose their mind

lmaoooo

TCURIDIN

if you plug a switch into one of the routers port, do the ports of the switch share the bandwith of the one port on the router?

yes
but if traffic is between devices connected on same switch (example: nas and pc) it doesent use bandwidth from switch to router

Yes because it's limited by the link speed between the switch and router

Should be gigabit

so a router with 4 ports is better than a router with one port with a switch attached to it

the second one is better?

if the router has enough bandwidth from the internet provider

pls help

Ok I got a netgear 5 port switch from walmart https://www.walmart.com/ip/NETGEAR-5-Port-Gigabit-Ethernet-Switch-GS605NA/3910252
Before the switch I had 16-18 mbps, now it is down to 9-10. I have a pc and a router connected to it. Any reason why it dropped it in half?

Bandwidth is limited by the slowest link. If you have 1gb Internet and 1 gb LAN to your switch- clients see no difference in speed. Same with a router with 4x 1gb LAN ports.

but if it has 2gb, the second is better, right?

each of second has 500mb and in first one only gigabit port of router so 250 mb, right?

Yes if the LAN PC’s are on 1gb. You can have 2 computers saturate the 2gb WAN link

But you can solve that by getting a router and switch that supports faster LAN speeds. Lol

what do you mean with 2gb wan link

WAN = the link to your ISP/Internet

If your WAN link is gigabit there is no difference

Most routers have an internal switch

WAN technically means “Wide Area Network” and is used to refer to a bigger network - usually one you don’t have authority/jurisdiction over.

if i want 6 lan ports, a router with one gigabit port attached with a switch with 8 ports is worse than a 4 port router with one port attached with a 4 port switch

all ports are gigabit

Depends, it really isn't much of a difference unless you are doing internal lan transfers

Only real difference is if you are transferring large files between LAN devices and for that you would want the two devices on the same switch

As to not saturate the uplink

i only want them to have internet access, not local transfer or something like that

in first case the devices would have 1/6 gb

Then practically there will be little to no difference

No

That's not how it works

how then

if you are using a switch, and there are no other devices doing anything intensive you will get basically gig assuming internet speed is gig

one gigabit port on router, a gigabit switch attached to it, 6 devices attached to the switch

each device?

Not if every device is downloading

if they are working parallel

If they are downloading at same time then yes it will get somewhat split

You are limited by internet speed anyway

The gigabit uplink from switch to router won't be the bottleneck

ok..

of internet provider

the tarif

?

@granite oak Let's visualize this a bit.

Find the slowest link from a single device to the Internet.

In this scenario, there is no "slowest link" because no matter which device is used, or where it is plugged in, they all have to share that 1Gb link to the Internet.

I could have drawn that better. lol. I just realized I didn't connect the external switch to the internal switch. doh!

i love the 3 legged network robot overlord.

How do I find the "bind_address" to create a local ssh tunnel

@waxen saddle thanks for your explanation, i appreciate it very much, i just wanted to make sure i understood everything, but now i get it that practical it doesnt make a big difference since fiberoptic 1gb+ internet isnt going to come in the distant future

Hello, I have an issue, where I have a pihole dns server on my lan, and I want it to be accesible externally from my domain, because android does not support entering an ip as a dns server.

Running a public dns server sounds like a recipe for disaster

You mean a domain as DNS?

i think they mean a public dns server with a fqdn

we're learning about DoT/DoH in #linux

So the onboard ethernet on my new $700 motherboard loses connection every few seconds and then reconnects again. Turns out the Intel I226-V controller is a known POS. Fantastic. If I had known this before, I'd have sent the damned thing back. But now I'm tired of having to tear this new build down over and over so to hell with it. I'll just get an aftermarket controller. Question for you guys... USB 3 ethernet vs a PCIe card? Any particular reason to go with one over the other?

It's a MSI MEG z790 ACE btw. Forgot to mention that.

i tink that might be covered by rma since it isnt functional
but for nic-s, always get pcie ones as you eliminate usb overhead

Yeah MSI wants me to do an RMA for warranty repair. I'm not shipping the mobo out for 3-6 months for them to fix it. If anything, I'll return it for exchange with the retailer.

yea return it

i would if feature on my mobo wasnt functional

Just a PITA

yup

but intel cards are usually top tier

https://www.fudzilla.com/news/network/56196-intel-s-i226-v-2-5gbe-ethernet-controller-might-have-a-design-flaw
looks like I226-V and I225-V are a no go

Sadly, Intel seems to have managed to push it into all the z790 boards

are you pushing 2.5g on it or just gigabit

Just gigabit

Hey guys, I've noticed that while I'm downloading steam games that my download speed increases to 22.4 and then simply just drops significantly. It doesn't feel normal. I've got the download region set to my country but It still seems quite inconsistent, does anyone have a fix to this by any chance?

Went to Amazon to order a basic PCIe gigabit NIC. The one I clicked on showed "last purchased Aug 12, 2015". I did? Checks memory banks...omg I did. But I never used it. Isn't that box right here in my desk drawer? Yep. 😆

Quick Question, I'm not too aware of networking hardware but what's a PCIE gigabyte NIC?

A network card that plugs into the PCIe slots inside your computer. Same kind of slot your video card goes in.

They're not too common these days because most motherboards have functional onboard ethernet.

nic means network interface controller/card
gigabit means its capable of gigabit speeds (1000 Mbit/s)
and pcie means it connects to pcie expansion slot

problem solved

@clear igloo There's no way to pull config from a switch with no password-recovery right

Without the password ofc

Correct

fuck lol

If you try to enter rommon and hit 'n' to input the password then it wipes the config

and the flash I believe, trying to remember

I have no clue if this switch has any VLANs configured

I do see it brought up a Management VLAN1

*Jan 2 00:00:52.269: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan143, changed state to down aw fuck it does have VLANs

Wait, Will a Cisco switch only show that for VLAN interfaces with management/IP configured on them or all VLANs configured @clear igloo

All SVIs

So it only has Vlan1 and Vlan143?

layer 3 interfaces, yah

oh fuck

@clear igloo All of the ports are Vlan143

Nice

Except the two SFP/RJ45 ports which is a trunk

Nerds

@clear igloo Never mind this switch is stupid

it's fast ethernet not gigabit

lol, rip

Is there someone who would be willing to help me with a problem getting additional ethernet ports for a school eSports team without spending thousands of dollars on hardware for a managed network switch via the red tape and "authorized vendors" nightmare that the other coach and I are battling with now?

cant you just get CRS326-24G-2S+RM for 200 ish dollars ?

@rocky badge XD

Can it be donated? As "sporting equipment"?

I have the same motherboard.. There is a firmware update for it that resolves it.

We have to buy through approved vendors who have exclusive contracts with the school district.

Does anyone here have any experience with using ethernet to send a 4K60 signal from PC to TV?

Sounds like a people problem, and not a tech one.

Not really in our scope, though I'd wonder how big of a kickback the people at the top are getting

I've looked on the MSI site. No luck there. Got a link?'

thats a good thing, you can get premium gear for 80% off

if the premium gear at 80% off is still too expensive then IDK what to say

hi sorry not sure if this is the right chat i was wonding if anyone knows how to make a vpn like psiphon if you do not know what psiphon dose i belive it uses exposited ports from a cell phone provider/ sim card and basically give you free internet i want to make my one

So far my experience with such contracts is that everything costs 5x as much

But perhaps the people I've worked for in these situations are just poor negotiators.

Hey, does Google WiFi mesh connect through powerline? In other words, would it matter if I connect it directly to power outlet or extension cord?

so essentially, I have no use for a PCIE Gigabyte NIC if my motherboard comes with a gigabyte network port

its not gigabyte, its gigabit
and you can use whatever pcie card with only restriction being driver support

im done with this router, it crashes a lot and gives this error message [Critical] Reset reason: out of memory!, Reset time: 2023-01-24 15:03:49 Terminal: ERR-TERMINAL

this thing?

yeah lol

you could switch it to bridge mode (basically making it a modem)
and then connect a good router to it

i can't because it's the fiber gateway that came from my internet provider

call them

i'm just a 17y old and i don't have enough money to replace it with a newer one

i am sure if you complain enough to them they will send a technician to replace it

I installed a new PC and now my ethernet cable cannot be detected when i plug it in

It used to work on my old PC can anyone help

install drivers

i've done it now, it wasn't the drivers

does network controller get recognised in device manager?

For the life of me i can't find it. As a temp solution try fixing the port speed on 1Gbps on both ends if you haven't worked around it yet. I'll keep looking, i went through a different vendor (neither MSI or Intels website for the update. i think it might have been asus, but i haven't found it yet.)

Disclaimer: I've posted this in #linux already -
Right - can anyone help with some iptables rules!? Trying to get just a Ubuntu 22.04 VM to do NAT'ing - enabled ip_forward in sysctl.conf and done a sysctl --system on the machine to do the NATing, disabled UFW:
ens3 is the "external" interface, that can access outbound no problem - IP of 192.168.122.228
ens4 is the "internal" interface, that has an IP address of 10.10.0.1
routing table on routing VM looks as follows:

default via 192.168.122.1 dev ens3 proto dhcp src 192.168.122.228 metric 100 
10.10.0.0/24 dev ens4 proto kernel scope link src 10.10.0.1 
192.168.122.0/24 dev ens3 proto kernel scope link src 192.168.122.228 metric 100 
192.168.122.1 dev ens3 proto dhcp scope link src 192.168.122.228 metric 100 ```
Created x2 iptables rules:
``` /sbin/iptables -t nat -A POSTROUTING -o ens3 -j MASQUERADE
/sbin/iptables -A FORWARD -i ens4 -o ens3 -j ACCEPT```
Another VM on the same network with one interface on `10.10.0.11`, it has its default GW set to `10.10.0.1`, it can ping it no problem, routing table looks like
``` root@node01:~# ip r
default via 10.10.0.1 dev ens3 proto static
10.10.0.0/24 dev ens3 proto kernel scope link src 10.10.0.11```
But cannot ping anything externally... i.e. in the `192.168.122.0` network or anything further than that
Am I missing something?! I swear I've done this plenty of times before and I've never had an issue, but probably not on 22.04, probably CentOS7 or something... Is there something else that's likely to be dropping packets?

it might be that forward rule. I dont recall ever needing to make those and just put it as default accept

if the iptables tables are all default accept the masquerade rule and ip_forward should be all thats needed

I've kinda figured it but I'm not 100% sure what's actually different 😂 I've made it as basic as possible that I know how with just:

iptables -t nat -A POSTROUTING -j MASQUERADE```
and, kicked everything and it started working - odd thing is I'm pretty sure I tried this previously. I'm wondering if other things were going on

but all working fine now - I wonder if there was a packet black-hole somewhere in the bridges that back those networks... After kicking the networks, everything is now working as expected.

Thanks though!

So I just watched the LTT YouTube video where they set up the server room, networking and stuff. https://youtu.be/TzntUW34bv8

I’m curious if anyone could give me advice on where to learn these kind of skills and knowledge. I’m getting my computer science degree right now but am interested in learning more about networking and how setting it all up works.

Is there any certificates/courses I can go through that would teach me. Or if there is any way to teach myself how to do it all, what would the be the best way to go about this? Any advice is appreciated.

My end goal hopefully is to do a home server project where I set one up for my home to practice, have fun with, and even show employers.

Basically everything ltt does not best practice and jank

But you can just checkout r/homelab which is how I stated

With mc server

Who here is familiar with coaxial networking and MoCA adapters? I've got a setup that I need some help/advice on.

Quick bit; Trying to connect three end points to a main router, originally had two working fine, but adding a third does not seem to work at all.

I'm somewhat knowledgeable on MoCA, what's up? 🤣

What's your setup like?

keep in mind moca network is like a hub
more clients there are more congested and collision prone it is

Thanks-

I'm using an Asus Zenwifi router connected to a frontier FCA252 adapter, that's from the upstairs, the coax cable goes downstairs to a nest of cables.

From there I split back up to a "den" room to another of the same FCA252 adapter to a Zenwifi AP.

Split in the same spot to a basement Zenwifi repeater.

This is in a home. Not an apartment thankfully, so the number of clients should be all that I add.

Have a picture you can send of the cable nest?

One moment.

No problem

There was a grand total of three tags for all of the 10ish coax lines

Can you take a close up of the splitter they’re attached to?

On that - I've tried three splitters

Lemme send you pics of all of them

👍

You need to make sure they go above 1002Mhz

2nd pic w/ three, the two way splitter was working for the original setup, 1>2

Interesting that the two way splitter was working.. normally splitters rated for 1000Mhz don't work well with MoCA.

¯_(ツ)_/¯

Do you have active DirecTV or cable internet?

Cable internet. But not to any of these lines.

The MoCA network is on a separate line

Is the input of the green splitter the main router line?

Correct

I ran that line myself

You mentioned 3 MoCA locations, what's that 4th cable on there?

So, I was hoping to run another client to my room.

There should be a total of 4 MoCA adapters, 1 to the router and 3 for client endpoints

Hmm. Are any of the MoCA adapters working right now?

The main router and den

why not just run cat6a?

What output number is the den

Possibly out 2? (I'd really need to label these..)

And have you checked if the coax is connected behind the wallplate?

For the ones that don't work

Yes, the coax is connected.

The one in the basement has never been touched outside of the original 1>2 setup

Only thing I can possibly think of is the splitters..

Either the splitters or the coax fittings (less likely)

That's my thought too, could it possibly be just enough signal loss?

I doubt it IMO. You could also have the line splitting to another location in the attic or somewhere?

Wdym?

Sometimes builders/cable techs will split a single line in an attic space or somewhere before it reaches it's final destination

Possibly? But all the lines I'm using run under the floor.

Yeah, i'm not sure man. You could try a new splitter and see if that works. Have you tried changing the MoCA frequency also?

I did. I tried 1G on the adapters and none connected.

Do you have a recommendation for a splitter?

Yeah let me find it on Amazon

I got all these with maximum frequencies of 2.5ghz

You could also try a MoCA Amplifier if you think it's related to signal loss

Can you recommend one of those if you can find one.

Yeah, give me a sec

I've been going at this for like three days and I'm ready to throw some hands at some electrons

https://www.amazon.com/BAMF-4-Way-Splitter-Bi-Directional-5-2300MHz/dp/B017T9KF1S/ here's a non amplified splitter

Let me find an amplified one

https://www.amazon.com/CommScope-CSMF1APDU9VPI-HomeConnect-Amplifier-Spectrum/dp/B07TN963JJ/

Good thing about Amazon is that you can always return it 😛

That's for sure 😂

With the amplified one, do I need the splitter? Or is this the splitter basically.

It is the splitter basically

Thanks, appreciate the support, I'll let you know if I get any headway.

ok i need some help

so can a netgear 5 port switch cause micro ping spikes?

There's nothing special about Netgear or 5-port switches.

That said, it depends on what you mean by "micro ping spikes" and if you were sending bursts of traffic from other hosts on the switch that exceeded the throughput of your uplink/target port

The simple answer that probably answers your question is "no".

I have a question I feel like people in this channel will most likely know the answer to, its about cyberattacks, do I asked it here or would it be inappropriate?

^ When the essay have a word count so you say random sht

Causing them? Preventing them by application hardening and dependency monitoring/removal, configuration, credential and permission management, architecture?

You prevent cyberattacks by making the techniques used by them not work, and there are lots of ways to do that and they all have differring consequences and results.

You execute cyberattacks by finding new techniques which are not yet protected against by a target or targets

Migrated my Dropbox to a hybrid local NAS and remote AWS hosted backup today. It made me take a more serious look at network security and protection, along with establishing a VPN specifically for the servers

ok

Which one is better for a storage server?

Realtek vs Intel

https://www.amazon.com/dp/B07SNQ2NQ1
2.5 gig one

I don’t really need 2.5

I have 2.5 on my motherboard and I only use 1 gig everywhere else

I'd probably prefer the Intel one for its familiarity.

Should just work

Alright

connect nas to pc directly and set that link as higher priority

I'm sure the Realtek is fine, I'm just not as certain it'll just work

It’s in the same tower

I run the nas through hyper-v

ah

understandable

I got wifi but it’s a pain

virtual 10gig

Why bother with it being a VM?

With the nic I can get the vm to to start automatically when I boot into windows

It was easy to setup

you know you can create a virtual switch

So is Windows filesharing

And I want it separate from my main os

It won't be truly separate as a VM

Tried, too much of a pain and I can’t monitor it easily like I can with truenas

And I mainly access it from my mbp

And the virtual switch is hell to work with

idk why people keep saying Windows filesharing is hard... Right-click a folder, set advanced sharing to permit a user that has a password, set ntfs permissions to permit that user in the security tab, you're done.

I tried and for me hyper v smb is just easier

Takes me 30 seconds

here
i set that up on laptop, used it right after setup to transfer ~100 gb, and it didnt work since
i didnt try to fix it due to not needing it but yea

Remove the share and repeat, or check if the user has a password (mandatory)

maybe its due to ip adress changing but idk

That or you're not connecting as the right user

Might by trying to auth as the other machine's logged in user

i have set it to everybody and just use device password

Well overall what is better

Realtek or Intel

Is it worth the extra money to go intel

you can get this and get extra ports to experiment with https://www.ebay.com/itm/275663038036

If it's the same system why not use a vswitch on your existing 2.5gbe port?

Like I said it messes up stuff and becomes a hassle

Can’t buy from ebay, in a dispute so my account is closed right now

If you want this to not be a hassle, buy a separate NAS

bruhhh

For what though, I got plenty of extra resources on my desktop that Isn’t utilized most of the time

So running a mini nas in the background for my mbp doesn’t hurt

Use whichever

If it works on Windows you can use it

Well my main question is if intel is worth the extra money

just get the cheapest

Alright

It’s why I only buy Windows Pro.

I didnt know that was a windows pro feature, but Ive always used it

I’m looking to build a decent network / server rack for my house. Mainly because I do a lot of editing and archiving. And would need Wi-Fi 6 / 6E. Would Ubiquiti be a good way to go for the networking side of things?

It's good for prosumer, bit pricy

Bit pricey if it's just standard networking going on, netgear have some nice 6E access points.

edit: I take that back, they have some fairly well priced ones.

I wonder why I cant reach the internet

oh well thats why

hard to spot but it make me want to punch my display in the middle of the class

why no dhcp?

Can someone recommend me a good networking cabinet that can do both shallow and deep. Aka can fit network gear and deep enough for a fully fledged server 2u and 4u server chassis

iptables - two rules triggering at the same time. One rule ACCEPT, the other REJECT. How is that possible 👀

Happens only with wireguard server if I use uid-owner match. The matched user cannot ping allowed interface + allowed IP range

I would honestly recommend looking at local listings on fb marketplace or similar, that's where I got mine at a good price

new can be expensive for home

I don’t mind going expensive as this will also be hosting my servers and websites for clients

I would not recommend hosting critical things at home

It won’t be coming from my home network.

I made a typo in the gateway IP, instead of 233 I type in 133

So I can ping the gateway but not the internet

what is the most effective way on getting a new ip address

Like new public IP address? If your ISP uses dynamic addresses (DHCP), which is fairly common for residential accounts, then you could try resetting or unplugging your modem. You might have to leave it unplugged for a bit until that address assignment expires.
If you have fixed IP, then need to contact ISP or get a different one.

anyone have some recommendations on videos I can watch on subnetting and TCP/IP? I've got an entry level IT job interview tomorrow and even though I don't think they're going to want me to be an expert I at least want to be somewhat prepared for any questions regarding networking.

None, I find videos too slow for my tastes and many are full of rubbish

I'll just look around and maybe read some things too, I know basic things like on a network with a subnet mask of 255.255.255.0 that there are 254 usable IP addresses on that network, or 253 not including the default gateway

I also know that a decent portion of the time things are configured automatically through DHCP but that stuff is important to know in case I have to assign a static IP.

Subnetting is easy - it's a bitwise mask your network devices use to tell the difference between local (send directly) and non-local (send to gateway) traffic. CIDR netmasks are usually my preferred notation and just indicate how many bits are "non-local" so /16 is "if the first two octets don't match it's non-local i.e. 255.255.0.0" and a /24 is the same for 255.255.255.0

Usable IPs is (bits^2)-2 and for ipv4 usable bits is 32-cidr netmask

gotcha, I've seen that notation used when I was poking around on my home network with nmap

TCP/IP is not a one-day thing to learn lol but knowing the first four layers of OSI for troubleshooting never made anyone look less competent

I look at it as layers

layers on top of layers

So does everyone?

I suppose people that know it, but people who are learning?

by "first four", I assume you mean physical through transport?

Yes

and not just memorizing the layers, but knowing how they work with each other

And what does what with them

Yeah I mean just memorizing the names doesn't really do much for you, does it? If you're troubleshooting you have to know the functions of each to be able to get a good idea of where something might break.

Thanks, knowing the scope of what I should know is really helpful

is this switch any good if I need something to just hide in the closet and forget about it?

I need it to split one output from modem into 3

Try and get a gigabit one if I were you - they're not much more for an order of magnitude greater performance but otherwise it'll be absolutely fine.

You need a router if it's a modem with a one or two ports and doesn't have built in router functionality

Yeah, if you literally plug one output of modem, but I've not known of many that legitimately don't route/NAT in the last 10 years?!

There are ~~dozens ~~hundreds of modems that have no router functionality you can buy standalone for coax

Haha, I'm so used to the UK, you've got to specifically try and get one to avoid double-NAT!

Infact, trying to find JUST a modem is actually difficult

Yah, you guys have DSL over there mostly

Yeah, either basically it's either DSL or FTTH

In the US/Canada it's a lot of coax which uses (not dial-up) modems which are a huge industry here and those definitely are not something you want to plug a switch into. You'll get 1 public IP on the first device to ask and then nothing for the others

and even the Coax-over-old-cable-tv-shit mostly come with NAT devices

I didn't notice the URL from OP was .ee though, not 100% sure where that is off hand

Estonia?

No idea what the standard is there

Yah, just checked, not sure myself either on the standard. Definitely need info on a model of "modem" they're talking about 🙂

😄 Yeah!

But I also agree on the gigabit switch though

router is at the end of one of one of the cables

Then you'll need to hang the switch off the router but definitely go gigabit if possible

The router is at the other side of the room

and the cable going into my room is in the same closet as the modem

That won't work, you get ONE IP, your computer or router, the first to ask for it will get that IP and nothing else plugged in will get connectivity to the internet

what If I put another router at the end of the cable

unless the ISP didn't set it up correctly, but I highly doubt that's the case

It needs to go modem > router > switch > everything else

put router next to modem, then if you need wifi, add an Access point and/or switch for ethernet

This is the way

This is unmovable, or i am moving the TV box and living room tv

is the router also the TV box??

no but it has to be connected to the router straight

according to isp

by ethernet?

Does the modem/router have WiFi?

router does have wifi

If it has WiFi you've got a very strong chance it's doing NAT and you'll be OK just plugging a switch in.

idk much about IPTV but pretty sure that can work over switches with proper config

on what end?

there is no way I am towing the cable already deep in wall to the living room

Anything after the router (whatever device has the WiFi aerials)

ehh darn it

stupid elisa

ok, i guess I will ask the ISP for solution with their stupid system

it was their idea to lock us out of the router settings and disable 3 ports out of 4 on the modem

hmm yeah, sounds like they switched to modem mode with no routing!

and phobia of end users changing settings apparently

well, that's shit

ima pay them a visit other day

Well only allowing one port makes sense on modem...

It's not a router and you dont have a business plan for more than 1 IP

fair but how much it is to ask to have wired internet in my damn "office"

Well you have to set it up correctly, it's not just a matter of connecting cable to cable

has anyone ever set up a wireguard server that can use 2 external IPs? sort of like load balancing between two ISPs

I see no reason why you can run wireguard on a server with 2 interfaces. 2 IPs and have some clients connect to each IP. It won't fail over if one interface fails, because the backup is a different IP. It won't load balance, but it will reduce the load on each interface.

If it can’t load balance.
Then what do you call spreading the load into multiple

Load balancing typically involves routing on a per-packet basis based on certain criteria. The “load balancing” described is per-connection. So if 1 interface dies, all the connections on it fail.

Or am I thinking of LAGG?

Load-balancing per-packet died out ages ago due to out of order packets. Load-balancing either L2 with LAG or L3 with ECMP is always per-flow. At least in the professional world it is.

I know these are not mean to be outside but has been fine for years but go filled up with water from a pressure washer but a little bit of cooking in the air fryer and she lives on. add new water drainable holes on the case xD

Usually load balancing also includes failover

I had limited sucess with utilising multiple connections by simply pluging both into pc and letting windows handle it, tho it only worked for steam and torrents

Fair but does it have to be connected straight to router? It would be optimal that it has straigt connection to tv box

I could in theory make them move the router but it means gettinf rid of clothes up there

Are your clothes connected through wire or wifi? Think you can move it up

Just a warning, but when people cook PCBs there are vapors that get in the air that are not good to consume, so that cooker then becomes only for PCBs. This is done so that the dangerous chemicals used in PCB making do not get into the food.

It was only 50degC.

Only the plastics have any chance of cooking off at that temp (and probably not even)

50 degrees won't cause much of anything to happen bar it drying off

Most modern load balancers work at layer 4, accepting inbound TCP connections (mostly http/https) on the outside interface(s), and distributing the connections to one of the available servers on the inside interface. If one of the backend servers goes down, the LB detects that, and stops sending new connections to that host.

It's not common to load balance at the packet level. Doing so at the WAN level will inevitably leads to packets arriving at the destination out of order, which causes worse performance due to retransmissions.

Even ethernet switches with bonded ports (2 upstream links) will hash the sender/receiver's mac addresses to determine which upstream trunk to use, then it will use that same trunk for all of that sessions packets. If one of the uplinks dies, all the traffic gets sent to the remaining link.

Lets see how long it lasts lol

lol, don't think my parents would let me without any bullshit or talking to them for hour

Ah. I was mistaken about LAGG then.

art-net controlled pixel mappable suit is wireless🙂

What ethernet cables do you all recommend? I'm looking for a good quality CAT6A or CAT7 (recently upgraded to fiber internet), and I'm getting major sketch vibes from Amazon.

(this needs to span 75ft)

I buy premade cables from monoprice. Haven't had any problems with them.

monoprice's search engine leaves something to be desired, doesn't always reveal what I'm looking for the first time, but ethernet cables, they have everything, at any length.

Well considering that Cat7 needs to use TERA and not 8p8c connectors to be in spec, don't bother
Anything that's Cat6 or Cat6a and not CCA based cable is fine

monoprice and cables2go are my usual sellers though

Yeah basically all cat7 cables you see are not up to real cat7 spec

Cat6 is perfectly fine

nowhere because nothing uses TERA connectors, or nothing at large does

Yah, TIA/EIA skipped over Cat7 completely to Cat8.1 and 8.2 which does 25g and 40g respectively, although nothing uses 8p8c 25g or up anyway so it's useless too, lol
ISO was the only certification body to ratify Cat7

Besides, aren't cat6a cables really expensive, compared to cat5e? Does that mean cat7 cables are even more?

Cat6a really isn't much more, if any more, expensive if you go UTP but can add up for F/STP and the like

whats the difference between 6 and 6a

6 does 10g up to 55m
6a does 10g up to 100m
both do 10/100/1000/2500/5000 up to 100m though

i see, so 6a was just a change to the signal integrity over long distance

yup

Basically what every increase in spec does

You can do 10 gig over 5e over a short distance

how far can it go? like 10m or something?

If you're lucky, possibly

probably depends on electrical interference and other things like that

Bingo 🙂

i get a solid 900 mbps download speed but yet I never download anything above 100 really, most things are capped below 10 and for some services like steam it only downloads game below 100

does anyone know why

same. I dont have the patience to make 24x 1' cables

@clear igloo one of my jobs made us make all of the patch cables

they finally bought premade after a while

@rocky badge progress on static IP?

When I worked for the phone company (Cingular) we made our own too. But it was all 10/100 back then

none

Cat5e cables, as I understand, are much more difficult to make and pass testers

sounds like your e-sports manager needs to open an internal ticket

Oh I haven't even asked him yet lol

just because your network has that bandwidth does not mean that your storage has that insane write speed, and or your cpu doesnt have the horsepower

also depends on the servers from whatever service youre using

i have the same bandwidth at home and i also rarely see above 200, i can sometimes hit 150 in steam

but usual is between 30-100

im on the fastest server and my pc is really good

still doesnt mean youll get anywhere near that bandwidth. theres a difference between bandwidth and speed. if your computer downloads at the full 900, no one else on your network will get any speed for themselves.

if youve seen linus's videos about the 10g networking, even his download speeds were around like 300 iirc

youll only really get those kinds of speeds when transferring files locally, like from a nas

Steam reports in megaBytes

Speed tests report in megaBits

i have do not buy list rather than a "reccomendation" list
do not buy list:
categories above cat6a are useless for home use
do not buy cca cable (copper clad aluminium)
if you will crimp it yourself get one with 22awg wires

CAT5e cables are very easy to make in my opinion. Just don’t rush and it’ll pass a tester no problem. CAT6a cables though are significantly more difficult to crimp.

yeah cat5e is easy af, i had to terminate a lot of it recently

Yeah just minimize how much is untwisted

Passthrough help with that

Or the ones where you have a little plastic thing that then goes into the plug

yeah we used passthrough

although majority of it was keystones

i volunteered to help my companies IT department with installing the network infrastructure for the new building that we moved into

so it was A LOT

as it should be...

yep

bits vs bytes

@peak cloak @clear igloo I found out why my university chose lumen

yo hello why my download speed drops from 60mbs to 0mbs

because the server you're connected to for your download is die

Why is it die

heyyooo guys, so i'm dead serious i've got too much ram like way to much over a few terabyte of ddr3 ECC ram so if anyone need ram DDR3 for server i can do some cheap deal, i don't need to sell this asap for like 1$ but i really need some space and all my server stuff is taking way to much space ofc by paypal and no fnf

https://cdn.discordapp.com/attachments/363700017216618497/1073065245704208414/Snapchat-1429032508.mp4

i've got all kind btw

some HPE one or Dell one or any other brand

but mostly some HP and dell branded stuff

it's only some 16gb stick btw

and this is an exemple got like a bunch of stacks of these

$10

wym by 10$ ?

😒

$9 and 100 cents!

I don't have any DDR3 server platforms, went from DDR2 to a bunch of HP desktops to DDR4 and not having anything I want to run

@clear igloo til Microsoft uses Dell for campus switches

And they switched to FS because Dell is delayed to much

until they find out FS is using that as advertising likely without consent XD

I’m looking to extend my Wifi range by using an Eero mesh router + extender system. Is there a way to connect the extender to the router via a cable (ex. Cable from socket?)

Probably, what model?

You could do this quite cheaply using an ordinary access point by the way

Would prefer a mesh system for the one single network

You can still achieve that though it's a little late once you've bought a mesh system

Pro 6E

You use a controller/use APs that support that anyways

I also bought it for the integration with some of the devices

Like Alexa that acts as a extender

Mehhhhh

Seems so.

https://support.eero.com/hc/en-us/articles/207548436-Can-I-connect-my-eeros-with-Ethernet-

Makes sense, thank you

No problem.

I haven’t bought it yet, what are the other options?

If you already have the cabling you can use Ubiquiti UniFi, Mikrotik with capsman, TP-Link Omada seems popular with a few here but never used it

Ubiquiti and TP-Link need special software controllers you have to run on a computer/buy their box to sync everything up, Mikrotik you just run it on one of your Mikrotiks and that can be more involved

Up to you, the Eeros will definitely work and can be a tad less complicated unless you're fine just entering your settings into each AP each time you want to change WiFi settings

I think I will choose the eero, but I’m a little confused. I currently have a ZTE Router setup with T-Mobile LTE. On the setup app of the eero, it says to unplug the router and the modem, then switch the modem to the eero. Modem in my case would be the antena with the SIM card in it?

Ok, so you have a ZTE router and it has a SIM card in it?

No, I have a ZTE Router thats connected to an antana that has the SIM Card in it

Failing that just take a picture of your router and the stuff that makes your internet work and I'll tell you what you have

My setup (google picture but I have the same exact equipment)

Ok so you have an outdoor unit on the right there and an ethernet cable runs out of it?

Yes thats correct

It has SIM Card in it

How about this. This isn't really a support channel but if you make a thread in #1027757333117415424 I'll follow you there.

Sure, what should I name the topic?

¯_(ツ)_/¯

2023 tech supports

i would take but im not in us and shipping is expensive af

:(

Pay me 10$ dollars and shipping. I’ll take all of them

My funny cat pictures no work

@pseudo blade #1073243838602285086

I just got pointed at a tutorial for running Wireguard in a container.

I read it because I was curious if they used the userland build because wireguard on linux is usually a kernel thing

version: "2.1"
services:
wireguard:
image: ghcr.io/linuxserver/wireguard
container_name: wireguard
cap_add:
- NET_ADMIN
- SYS_MODULE
environment:
- PUID=1000
- PGID=1000
- TZ=America/New_York
volumes:
- /var/tmp/config:/config
- /lib/modules:/lib/modules
ports:
- 8000:8000/udp
sysctls:
- net.ipv4.conf.all.src_valid_mark=1
restart: unless-stopped

Oh.

Cool just let this container load and unload kernel modules and do whatever it pleases to the host's networking

​

Good.

Meagus do you think for my case the eero router is enough?

Cause honestly I’m a beginner and I don’t really know if that’s a good choice

I assume your ZTE router probably tops out at real speeds 200mbps or less when you plug right into it?

4G can go faster but you never hit the theoretical speeds promised

A 1ghz dual-core CPU is a bit rubbish at that price point, no dedicated backhaul radio is a big minus but that doesn't matter if you're wiring them up anyways, I'd prefer 4x4 for the 5ghz... but is it enough? I'd have to say yes at those speeds.

Yh around that

Thing is the speeds are fine, but my network range isn’t good enough

And i have to use repeaters that use diffrent network names

So need to switch networks when in a new room to maintain a good connection

Can i ask about the wiring here? I am a bit confused where my conductors go

I guess the half colored are the mixed ones, and the full one is the solid color. But I don't know if some of the conductors are supposed to go on the upper part or together 🤷

On the diagram Top 2 rows are the A wiring bottom 2 are B

So if doing B, top row would be dahed green, green, dashed brown, brown then bottom, dashed orange, orange, blue dahed blue

And none go together

And that's punch down so it's advised to get some tool for that if you don't have one

So im supposed to follow the color that's at the most bottom and top?

Not the ones that are in the middle

Wait oh, think I understand it

The half top is one way and the other half is another way to wire them?

yes

you want to have the same on both ends

Got it, thanks. I see on the other end which type it is now

Can anyone recommend a good router (work, gaming, casual stuff) with WiFi6? I bought Asus XT8, but it's disaster and looking for something that actually works, I get better Wi-Fi signal from my neighbour than from my own router ;)

There's no point replacing the router if the positioning is bad for where and how you want to use it

The XT8 is a mesh, so make sure any extra nodes are close enough to the first one to get a good signal

I had 3 routers, all in the same spot, same as PC, and one of them gave me 500Mbps, and good online gaming experience, two others didn't.

Which one did?

I don't remember the model, Sagem something, I know it does not tell much, it was bad because it did not allow me to set separate SSID for 2.4 and 5Ghz so ISP sent me Fritzbox, and then it got worse, slower DL and UL, lag in every PC game (but not in Xbox) and then I decided to buy XT8, same issues.

So I am thinking about TP-Link Deco X20 AX1800

But not sure what is good TBH.

I know wired connection is the way, but I can't, I wish I could.

Tbh separate SSIDs often mean worse performance

You'll never get high speeds on 2.4ghz if that's your problem

No, I am sticking to 5Ghz when possible, but some smart home devices work only with 2.4.

If you were getting 500mbps before, you could possibly just drop the mesh

I need help
Since I'm changing my nginx from port 80 to port 443, I need help on how to setup a private certificate on my rpi4 and on Cloudflare

self signed cert?

or one from CF?

which one is easier?

i assume CF

both are pretty easy, but from CF is more secure I guess

keep in mind CF can read all traffic

https://developers.cloudflare.com/ssl/origin-configuration/origin-ca/

like, everything?

well yes, in theory they can, and need to in order to provide CDN and caching services

they hold the let's encrypt private key for you, and that allows decryption of traffic

what if i use my own self signed cert?

doesn't matter, in cloudflare proxy mode, they act as the endpoint and are basically a reverse proxy

ight, i'll try to follow this properly if i can

with a self signed cert it's encrypted but it's not a trusted cert so in theory somone can MITM it

ok, do i need to own these two .key files from cf and openssl?

i am now on the nginx csr & ssl installation

but i haven't started doing the process yet on the nginx

wait, now i need to send the cert to digicert and then pay?

do i need to skip section 1 of this step?
https://www.digicert.com/kb/csr-ssl-installation/nginx-openssl.htm

if you have the certs from cloudflare you use those

yea, i just recently generated it

so i have to skip it to section 2, right?

ye

cool, i'll update here once i got it working or not

ok, now i got it working

before i get the lock with red slash and it seems working

i almost forgot to open port 443 on my router

keep in mind cf isn't strictly needed for SSL, you can always get certs from let's encrypt directly

i see
also, another problem but it might not be related to networking setup anymore

i can't get cockpit navigator to work outside the local network or on proxy

aside from that, thanks for the bit of help

well change the logs

2. I would advise against putting cockpit out on the open internet

what should i use to manage files without using ftp?

tiny file manager? i need to update the web server when we need to update the webpage

Does anyone have any recommendations for a proper nighthawk router from netgear that does NOT have WiFi issues after reboot every damn time?

put cockpit behind a vpn. I would only open ssh with key auth open

Currently have an RAX43

alternativly, if this is a static site you could forgo hosting yourself and use something like cloudflare pages

unless this is for homelab/learning

this is for school purposes

but one thing about tfm is that it only manages files in the root folder of the webpage

the website part or IT

which makes it safer than cockpit

IT? i only use this to host the website we make from school

sftp?

scp

or some fm plugin for it

IT as in learning webservers, and that whole process. If you are just learning html/css/js you can host on like cf pages

but for files I would recommend scp since that runs over ssh

maybe sftp does that too, not sure

which means, i need to open port and proxy it on nginx

no

nginx doesn't deal with ssh

sftp is what scp runs calls in the background

so... which means i need to use the public ip

but because PH internet is mostly dynamic ip, if my router gets out of power and then goes back on i would be f'd up

yes, if you meant that by proxying, that would be cloudflare proxying, not nginx that allows you to not use public IP

well that would happen also with cloudflare

cloudflare still points to your public IP

unless you have dynamic DNS setup

then you can just setup a seperate domain for ssh that's not proxied through cf and use that

yea, i know that and i keep changing it on the dashboard
and also, my .cf top-level domain does not work with dynamic dns setup

you can use the cloudflare api to change it automatically

it still doesn't work

?

it will if setup correctly

i've tried ddclient, and that thing on the screenshot

check the error

ah, didn't know cloudflare restricts it

I just buy domains, they are cheap

yea, i was just, frick

so, back to sftp

i could just sftp over ssh, yes?

sftp runs over ssh

but because of the complexity, the tiny file manager is just a .php file and it works out-of-the-box

but it's php...

wdym it's php...

php has been known for being a pita with security. Sure if it's well writen then it's ok. But I personally would stick with the trusted ssh protocol

it's open source tho
also, cockpit works if i just use public ip instead through cf with nginx

open source doesn't guarantee quality

lotta shitcode out there

hmmm, if things gets too complicated on the sftp setup i just fallback to tfm

Hey, are you trying to set up ddns?

and something to share on my web server, if people are trying to access my nginx with my public ip they see the welcome to nginx message
if they use my shizuvoice.cf link they will see my website

yes, i was trying to set it before but cloudflare api says it doesn't let me with my current TLD

Hmm, I wasn't expecting that haha

I wanted to share a docker-compose file which had it running in no-time for me

version: '2'
services:
  cloudflare-ddns:
    image: oznu/cloudflare-ddns:latest

    restart: always
    environment:
      - API_KEY=MY_API_KEY
      - ZONE=mydomain.tld
      - PROXIED=false

But if the tld does not support it, I dont think it will work

i don't use docker on my rpi4

It's quite useful tho

and it's 3:22am here, i need to sleep

I can really recommend docker with portainer (portainer is a management interface which runs as container in docker)

I ran it on a raspberry pi 3, it's not the quickest with downloading and extracting, but once the container is running it's working well.

anyways, good night @stark otter

yes, even someone from another server recommends me to use docket
but yea, everything is good right now with my nginx server having ssl and using port 443

good night

U can always see if cloudflare tunnels can solve your ddns issue

But I have 0 experience with that

If you read the error you can't use the API on .cf domains

After that message I also said that the solution I proposed would probably also not work if the tld is not supported. So yes, I did read it, maybe I shouldn't've proposed it tho.

I'm extremely confused. Router says my smart devices are connected, yet they don't reflect that. Can't talk to them with the app, and they're blinking, which means no connection.

How is this possible? Using a Netgear Nighthawk RAX43

I can connect when using a static IP.

But not when using automatic

Factory resetting it used to work, but doesn't appear to anymore.

Every time the router reboots or loses power this crap happens

Prob software bug

It's Netgear after all

Could also be the iot devices fault

Would it be better to just replace it?

Idk

idk where to ask but i need to make an antenna for science olympiad and is there a video explaining sma connectors and stuffs related to that 🙂

don't know where to ask this but i'm in need of help with building my own cloud NAS or using a prebuilt solution. basically, i want google drive capabilities but without paying for a subscription

specifically, i'm trying to get my volunteer group of 30-ish people to be able to access the offsite NAS (at my home) over internet (via android/iPadOS) to download and upload files onto it. unsure if i should just buy a 2bay synology nas or build one myself and use something like TrueNAS. completely new to this but I'm willing to learn.

Synology would be the easy option as a nice little box that just sits somewhere.

Have an idea of how much capacity you need?

Hi I have just moved we have internet but and a fiber optics modem but not a router I tried my
rp-ac68u extender in access point mode but can seem to figure it out is it the router?

rp-ac68u is not a router

i got my sftp working, and welcome lower security

dw, i use authentication key log in with password

idk if this is the right place to ask but uhhh

i get 135 mbps

but steam only uses 25 mbps theres no cap set and im on the nearest server any ideas why?

Steam, by default, displays in bytes (8 bits in a byte)
Have you checked the option to display in bits?

oh wait

That's bytes, 20.6*8 = 165Mbps

it worked thanks m8

Yah, it's just a unit conversion 🙂

i feel dumb now 💀

Nah, it's common
Internet data is transmitted in bits (1 or 0/on or off)
Data can only be stored in bytes (8 bits) as the smallest unit
Capital B matters for Bytes but what doesn't help is ISPS WHO ADVERTISE LIKE THIS!

my secondary AP is at 450% retries

For setting up a pc router any good wikis

Nobody ever got fired for buying ubiquiti, Mr. G

they do get fired for PC routers

@clear igloo SYN

SYN ACK

RST

😦

Thanks for replying. I’m gonna have 4+4 in parity for now.

60up 120down. I don’t mind building but I just want the users to access the files through their tablets.

"People skilled in Dynamic Host Configuration Protocol (DHCP) are following these creators. Follow to see interesting content in your feed."```

@rocky badge huehuehuehue

Alright network guru’s. Ready for an obscure one?
Wiped windows 11 21H2 pro off my machine completely.
Installed Win 11 22H2 pro and now multicast isn’t working.
I’ve tried manually setting the metric of my Ethernet to “1”, no dice.
Any ideas?

You know multicast not working is definitely the issue?

Pretty sure it’s on my computer end. I just don’t know why, yet. Typically it’s having Virtualbox installed where I have to set the VirtualBox NIC to a metric of “800” for Multicast to work again. But I don’t have Virtualbox installed.

No changes were made to my network or any of the devices that output multicast.

@meager ginkgo yay shared access mediums

nice

I have OPNsense PIA Wireguard, wondering what does Wireguard on Docker do, like would I be able to route my devices through it and do the same as OPNsense?

@south blade Relevant

Ensure you use a userland wireguard build if you must use a container

Else you're just giving a container kernel privileges and that's bad practice

If you do use a userland build, routing will probably suck

i.e. run it outside the container in its own VM or set up wireguard on your router

I'm not saying it's impossible but there will be macvlan and no kernel niceties and wheel reinventing

So I don't have long rj45 yet but I do have short one
Is possible to connect my laptop to the desktop?
My laptop connects via WiFi

Your ask isn't written well, so I'm going to assume you meant "Can I connect my laptop and desktop together with an ethernet cable I have to transfer files? Sending them via WiFi is too slow" and answer that. Yes, but you'll have to manually set an IP on both sides in the same subnet, do your copy and then change it all back to auto/dhcp so it works later.

TP Link Archer C6, will disabling QoS reduce some load on the router and maybe improve performance?

Apparently the v3's a lot faster than the v2, what's your desired throughput?

I have a v2... ISP bandwidth is 100Mbps but I do a lot of heavy local transfers between storage server and main build, often reaching close to 100 MB/s (800 Mbps)

idk if QoS affects local transfers

No, the MT7628DAT has a 5-port gigabit switch and transfers through it do not hit the CPU

Oh wait you don't have the mt7628

You have v2

It'd still be a switch

So no CPU involvement

ah ok ill leave it on then... thanks

hey guys

is there someone who could help me with mikrotik switch config pls?

Can you be much, much more specific?

Perhaps tell us what your goals are, what switch/es you're using, some specifics of your current config and what it's doing?

hi

okay so I am using a CRS125-24G-1S

and I was trying to run a DHCP server on it

but I got an error saying that DHCP cannot run on slave interfaces

I found out that all 24 ports are in slave mode

and I can't figure out why

there is no bridge or any other interface

the only thing that I managed to set is a DHCP client on port 1, which should server as the WAN port

Is your goal to use this switch as a big router with NAT?

i honeslty dont know what NAT is exactly, I am a complete novice

my intention is to use this as a router in my apartment, it should run things like PCS, printers etc. and also an ubiquiti AP

tho I also use it to learn this stuff

It can do that, but the CRS1xx switches miss out on the layer 3 offload offered on the CRS3xx switches, so it's not going to be very good at routing as it has a pretty slow CPU and to act as a home router it'll need to do NAT and everything.

Put very simply, NAT takes the IP given to you by your ISP (you usually only get one) and puts all your devices and their private IPs behind it and rewrites the "from" label on outbound traffic so the internet knows to send traffic back to your router so it can pass it on.

well actually

the switch shold be connected to a DSL modem

that was provided by my ISP

however I figured out it would be good to run the network from the switch so I can learn how to configure it

my main concern right now is the slave mode

since I can't get rid of it

Can you upgrade the switch to the latest version of RouterOS v7 if it isn't running it already?

I'm super rusty on doing stuff on CRS1xx switches as I have not touched one since 2018, but you'd add all the ports other than the eth1 you mentioned is your upstream connection to a bridge and give the bridge an IP, add the dhcp server to that. If that blows out the CPU usage when sending local traffic you need to do whatever the 1xx series expects to allow hardware accelerated switching and then do your routing from your connection to the switch from the CPU.

If your ISP expects pppoe this will perform even worse

Though if it's xDSL you'll probably get away with doing this even though the switch CPU is rubbish so that's kinda good news

Because it probably isn't very fast

It'll probably do NAT and PPPoE at 100mbps with some help

can you automatically shut down a Windows-based server when it is in idle ? via the task scheduler I couldn't do it, it always shuts down even though data is being read from the hard disk

If you automatically shut it down, how will you connect later?

i just wake it via wol

dont know if there is any better solution

Ok, so pick what you'd define as idle and check for that periodically

Is it idle when users still have active sessions?

If not, check if there are active user sessions and decide via that

Is it defined by usage of a specific service remotely?

my definition of idle in this case would be if data is being read or written to its hard disk

I have already updated it to the lastest RouterOS

I tried to bridge all the ports

or its nas drives

but I still got the same error

Reset configuration to full defaults, remove eth1 from the bridge, add dhcp client and server?

You will never get that to work because everything writes to disk intermittently, including the OS

You need a more reliable indicator of user activity for whatever services it provides.

the machine has 3 drives 2 for storage and one boot drive cant it just loom if the 2 storage drives have any activity ?

it does not have any logged in users

No, the indexer and caching will make that not reliable

well I tried to flash a complete new RouterOS with netinstall

the issue remains

Probably overkill but ok

my issue with my homeserver is that it would run the whole night without any usecase but i want the most comfort and energy efficiency as possible

i.e. when i want to use my nas it should turn on and then back of after a certain time

Can you run export terse hide-sensitive file=config.rsc, grab the exported config, give it a quick look over for anything you don't want to share and then send it here?

Make it run for n number of hours after boot then

You can create a startup task calling for a shutdown in 3 hours or whatever

this would not solve my issue then it would shutdown mid work maybe

Manually initiate a shutdown when you're done

this would require manual intervention

My final suggestion is to have your script check smb sessions if it is a fileserver then https://learn.microsoft.com/en-us/powershell/module/smbshare/get-smbsession?view=windowsserver2022-ps

this sounds like the right thing thanks

here's the other issue

I just ran into it again

the switch goes to a boot loop after I reset it

How old is it?

If it's new from some reseller, return it and get a crs326, if it's old... who knows

Mikrotik discontinued them a while back

Im sorry for the late response

I dont know how old it is

I thought a fw update might fix it

but it looks like thats not the cas

Where do I find OPNsense 21.7.7, I'm versions behind and honestly don't remember how I set everything up exactly (search and research, setup and forget), so would like to have a backup to restore incase trying to upgrade to 23.1 fails. Networking Youtuber I had been watching made it sound like it's a 70% chance of upgrade going wrong so I never did it. LOL

https://pkg.opnsense.org/releases/

I've looked on there but just see 21.7.1, that should be good enough?

Yah, that's the main release, the last .7 is probably from patches

Peak internet speeds right here in iraq

Before mine went as low as 1bps

WAIT lol

More than a year to download jesus 🤣

can somebody here check out my post in tech support and help me if you wouldnt mind

I like how someone programmed in “>1 year remaining”

hi there, not sure if it's the right place to ask. how come it's so difficult to use SMB file sharing between my Mac and PC? Is there a good NAS/network sharing system? Not sure what to Google here. Homelab/htpc type setup

now i feel more grateful for my internet i was going crazy because i have 3 gbps and for some reason my network card drops it to 1.1-2 gbps but looking at that speed makes me feel a lot better about it

Should work just fine I think. What troubles are you having?

Yeah, I can access windows no problem from Mac, but the Mac remains inaccessible from windows. I just look for some NAS software? Or just fuggit and run FTP

I have my moca set up and pc is good but is there a way to i guess split this ethernet between my game consoles and pc, just need a solution cause wifi still sucks in the back room

Unmanaged switch

Ive got my moca running to a 4 port which runs to my xbox and steam link

Just be careful about using advanced settings with an unmanaged switch (server doing stuff with multiple ips plus standard devices for example). Basic stuff like splitting for gaming pc and consoles is whats its for tho

Solves my ethernet port issue but is there also a way to get the wifi in the room for my devices that dont use ethernet port? Like tablets

You can do all that with an unmanaged switch just fine, you just can't implement isolation or do anything to traffic in the switch

There's nothing to be careful about, you just can't make the switch do anything but what it was configured to do.

I only say that because of issues ive had but maybe it's something about my config specifically idk. I just know everything goes crazy if i dont give my server its own direct connection to my modem

What do you mean goes crazy? I have a 8 port switch that runs into a modem. That switch serves a direct "isolated" connection from my LAN. I use that isolated connection for my server. Granted, it is not the up most secure server, but I have some precautions in place. I then have a VPN client connection on my router to serve some devices security and privacy and my TV to have ads unblocked and geo hop.

Like it just acted like it didnt have internet. Unraid showed i had it but then nothing else in unraid could see it. But if yall are saying it should work then i guess it was a config issue on my side. Not too worried about it now

I havent tried it in a bit because when i couldn't figure it out i just assumed i was trying to use the switch in an unsupported manner

If you've routed your network correctly from your server to your switch, it should work like a charm. If your network is routed to your switch from your modem, should be fine.

I'm guessing i know the issue between yall saying it should work and me discovering ive had my torrenting vpn configured wrong for idk how long now

Realized this morning i mixed up the everything when setting up my server and routed BitTorrent through my personal vpn instead of the real one. That may have contributed to the confusion on the network

anybody having the same issue with fiber internet? i'm on wifi but it's the same on gigabit ethernet and a pretty capable handful of devices

just on ethernet ping is better

but upload stays lower than 1Mbps

how much is upload speed on ethernet

less than 1 mbps too

literally the same

it is awful

Sounds like an ISP issue, I would call and complain

been calling since october

i tried swapping my cables, nothing

No VPN or QoS on the router?

not at all

if I reset my router, the upload goes to 70mbps, and after some minutes, it goes down to 1mbps

sometimes, right after a reboot, it still doesn't go any faster

What router model?

ISP's router

I'd almost wager that the router is getting a bad configuration file or something from the ISP but that's just insane sometimes a reboot fixes it for a few minutes and other times not but the fact it always goes back to that says something on the ISP side is the issue

made by Sagemcom

Yeah your ISP is doing this

They usually limit upload idk why

I pay for 300 mbps both ways

I've that ISP at many locations, and it's the only place it does that

Depends, cable (coax) is because of signal allocation and the fact most consumers don't host or aren't supposed to host stuff so they "don't need it"
Other times it's for other reasons to push people who need it to business plans

I mean yeah some ISPs and type of connection have limited upload

but in my case, I should get 300 mbps both ways

I used to, and it started last october being this way

Yah, then it's a line issue or something but it's just wild and the fact you've been calling for like 4+ months and they've done nothing is even more wild

uploading is really bad, and even though download says 200, playing a game is awful

"it works on our side, so"

Yah, games don't use much but having so little upload can impact games in this case

everytime I call "have you rebooted your router?"

lol, well get a tech out to check from my side

"yes mam, i did it 64516546878654 times"

"do it again NOW, or we don't help you"

does not compute, script says it should work

"ok beesh i just did it and it's still slow" "oh okay,'im sorry maybe we will send someone"... twice they say, never they did

that's crap they haven't sent someone =/

well that's what you get for 30 euros/month

but I can't afford more... and again, that ISP, I have it in other places and it's fine... i even get 500mbps with the same isp at home

both ways!

wow

Like for real... anyway

enough computer for today

Can someone help? I was going to get a network switch and I've found 3 (TP-Link TL-SG105S, TP-Link LS1005G and TP-Link TL-SG1005D). which one would be better to get beacuse I don't know the difference between them.

Go look for their spec sheets and find the differences.

They'll be listed.

the sg105s is fine

guys can anyone help me trouble shoot bluetooth

You're probably looking for #1027757333117415424

OPNsense Unbound DNS + Pi-Hole, is there a new guide for this? I'm just finding crumbs sprinkled around different places of people trying to figure it out but no full picture of how it's setup. Edit: Adguard Home, thought I needed a custom OPNsense firmware, nope, just added a repository and added it like any other available package, trying this out instead.

Da hell does that mean

This is what I get outside the city limits, it's what my T-Mobile Home Internet is jumping onto off and on and giving me lower speeds. LOL

You're not connected to your carrier's towers but rather other networks

Doesn't say I'm roaming when it shows this for me, just not the band 41 main towers, it's the slower band 71 when I see this.

Extended Network typically means you're being served by other towers than your carrier ¯_(ツ)_/¯

Extended Network typically means there's agreements to serve customers from your carrier by the other

Well the carrier im on is Verizon

15 up which isn’t awful

https://forum.opnsense.org/index.php?topic=22162.msg155309#msg155309 Setup Adguard on OPNsense and it seems to have broken checking for updates on OPNsense? https://dnsleak.com/ Never get's past 'Waiting for results...'

do i have to use 23awg wire for 23awg keystones? the connection i have is dog ankle with these cat6 keystones when using 26awg wire

lol, I was just about to reply that I think it's a Windows thing, I tried to ping my phone from my OPNsense box and it goes right through, pinged my Ubuntu machine running my Docker containers, passed with flying colors, Windows machine 100% packet loss.

I bought this HP Prodesk for $120 on eBay for my Ubuntu media server stuff, been running it for like 3 years now (maybe longer actually), 1080p x265 on everything. 2TB internal, 2TB external, need to expand it some more.

Yeah, one day I'll do the same. If you go the cheap route I did just make sure you don't waste your time on hardware that can't do the encoding/decoding you want. I got lucky because I didn't even check but mine does what I needed. LOL https://www.intel.com/content/www/us/en/developer/articles/technical/encode-and-decode-capabilities-for-7th-generation-intel-core-processors-and-newer.html

@peak cloak i need mental help

This is still after I NAT all of my wired devices

What are you doing in a campus dorm that needs that many devices anyways

A laptop, a phone, games console, streaming stick if that's your jam, a desktop maybe, I'm guessing a server of some sort

If I bring my desktop upstairs and leave my router downstairs, would my connection be noticeably slower? I would be 1 floor above it and would be using wireless Wi-Fi on my desktop

Yes

Do I need to do any sort of port forwarding on any routers to allow incoming ipv6 connections to my systems?

Have allowed 443 and 80 via iptables in ubuntu server at home but can't seem to access it from ipv6 (connection timed out)

My current network config is ISP Router --> Home Router --> Every end device
If I set IPv6 to "Pass through - Bridge", all devices do get an address and can make connections but incoming doesn't work for some reason

Depends on what you expect? It certainly will be less capable but whether it'll matter or not depends on you

Usually/hopefully you'll have a firewall in place that will restrict connections, you'd have to allow connections through that firewall in some sort of settings menu if supported. You could also be using the link-local IP by mistake to try to connect, that won't work.

Not the link local IP for sure... starts with my ISP's ipv6 prefix

Also where would that firewall be... ubuntu server has iptables and ufw so far (with iptables-persistent, i made sure rule changes are reloaded properly)

The router

I have a TP Link Archer C6 v2 which gets it's connection from the ISP router. IPv6 is set to pass through (bridged) otherwise it doesn't work

I have no idea how they've implemented that, sorry

But it's entirely possible that's your problem

As far as I know, Tailscale IPs (starting from fd7a) are considered not-local, but I can connect through them to get to a webpage on the ubuntu server... But can't do that via ISP's IPv6. I even tried temporary IPv6, same result

How is Tailscale involved here? Just as a comparison or somehow involved with your expected network path?

Yup just a comparison

Gotcha

I'm going to point my finger at the router then, unless your ISP has added some sort of well-meaning block in incoming traffic for ipv6

Also worth checking/doublechecking: if you've bound your services so that your public IP is bound (::), firewall specifics on the target devices

ISP Router, firewall is the only thing I could think of and it's configured to OFF... allows everything inbound and outbound. On windows systems I manage network security using NetLimiter4 very precisely, and on my ubuntu server I have iptables to do the same. On Android I have magisk root with afwall+ that also denies everything to sensitive processes/apps

Ah I don't have a static IPv6 yet... it'll take a few days. I thought I could use dynamic IPv6 to see if I could've hosted a website using dynamic DNS

Strangely enough, flood and attack protection was getting triggered in both the routers if I did a speedtest from my desktop... Speed being just 100 Mbps. Had to disable them to get full speed. My own router blocked my own system and it took a long time to figure out why all internet suddenly dropped

I know some home routers insist on a messed up version of port forwarding for ipv6

So I've had firewall and attack protection disabled since well over a year

Tbh if you're doing stuff with ipv6 I'd be going for something a bit better anyways

Since every end device gets a dedicated IPv6 address, no NAT should be needed... so no port forwarding should be needed in theory. I've never setup any port forwarding with IPv6 before since it always simply worked with the direct address...

I know

It's just how they present firewalling on ivp6

So you think it's something from ISP's side?

No that was in reference to the router though such a thing is not impossible

Ah ok... feels complicated atm

I used to host a minecraft server when I had dedicated IPs and no CGNAT, 2 years ago

If you just want to get out from behind a CGNAT... considered a VPN?

But back then ISP didn't have IPv6 here

Ah I did set up oracle cloud, it was working really well. Multiple routes, multiple VPN servers, 24GB RAM so I could do almost everything that wasn't too CPU intensive.

Until they decided to just yeet the whole instance without notice or warning, deleted everything, said I broke some terms of use and never bothered clearing it up 😐 Turns out they did this to a lot of other people. Basically if you start using free tier and keep using it for too long, they delete it 🤷‍♂️

Get a digitalocean/vultr/aws lightsail vps (they start at like $US3.50/mo with a terabyte of throughput for most countries), set up wireguard on both sides, expose your host via NAT

Not free so much less likely to do arbitrary stuff

But still quite cheap

Was using it as a nextcloud instance that helped sharing photos/videos to friends very easily

I plan on doing that too... Need a handful of backup servers in case my home server goes down

Those aren't high spec enough to run a Minecraft server but are plenty fast enough to forward game server traffic and the like

IPv4 won't be an issue at all, I'm quite sure once I get a static IP from ISP, configuring everything else would be super easy

Oh also about that... if I have 30ms latency to the cloud server, the total one-way time to a friend who's in the same city as me would be 30+30 = 60ms

Since it's going from My PC --30ms--> VPS --30ms--> Friend's PC

That makes RTT time 120ms at least...

Not necessarily

I had the same setup just a few weeks ago... With a VPS as sort of a relay server with wireguard/OpenVPN, friends were constantly lagging out

AWS peers well with most ISPs so if you're going the 30ms to where your ISP concentrates traffic to peer with your friend's ISP you won't be going far to a datacenter

-if you pick a nearby datacenter

Also if I just wanted to host a minecraft server, playit.gg and ngrok work exceptionally well and are effortless

I also want to host a nextcloud instance, jellyfin server, wireguard/openvpn servers, etc etc

I will get a VPS too but after setting up the home server

Would you personally recommend AWS... or any other cloud provider? if you've used one that is

My preference is AWS as they are reliable, have lots of datacenters and can be very cost effective if you know what to avoid

But I mostly deal with it from a low-use personal or business perspective where I run a ton of stuff on the smallest instance that will work

I don't run gameservers or stuff on there

All I need is a lightweight compute VM with good networking speed, more storage the better

Yeah low personal use is all im going for right now

AWS and Google are about the best you'll get for locations but figure out where your ISP connects to other networks and find the closest datacenter to that