#networking

@peak cloak @clear igloo

Bruh the resnet isp is now doing 11.X ips on WiFi too

anyone knows that these numbers mean on fast.com?

I guess its the data usage of down and upstream test

Like how much data it will use when its testing down and upload

Oh that makes sense yeah

does anyone know anything about miracasting

I just googled it. Interesting, but never heard of it before

i was wondering if someone could help me with it because the internet is somehow not helping

Whatchu need

i dont live in such techly advanced country so lol

its saying i have it available for my pc right but it wont work

i updated drivers, cleaned already updated drivers i did all fixes i could find but wont work

What are you trying to do?

I'm asuming connecting an external display using miracast?

wanting to connect my pc to my tv to watch a movie

my tv is roku

Right. What's your network situation like? All WiFi, partially wired, multiple routers or AP's?

roku is wireless and pc is wired, now thats what i think the problem is because i dont have wifi on my pc

but people said on microsoft forums that it shouldnt really be an issue

Shouldn't be a problem, unless you're doing something weird like having a dedicated router just for WiFi (in router mode)

Have you tried something like AirDroid to check if the casting actually works properly?

no, just simple wifi pod extender thingys

whats an airdroid?

App for your PC or smartphone

i can try rn real quick

Also, do you have any custom firewall things set in your router/modem?

Oh hang on, what kind of roku device do you have? Seems like not every roku supports screen casting/mirroring

https://support.roku.com/article/208754928

mine does, its just i cant get it to work on my pc

im testing the airdroid to see if its even working at all

You could also try it with your smartphone's native screen casting ability (asuming you have an android based phone)

ok it works

the airdroid so im assuming then something is messed up with the casting ability on my pc

Where have you tried this? Smartphone or PC?

pc to smartphone

wirelessly and it just auto connected

Probably not related to network issues then

Windows being windows?

could be

i might try my laptop and call it on my pc but its just annoying since i cant figure it ou t

If you try it on your laptop, do it via a wired connection so you create the same circumstances

https://www.startech.com.bd/tenda-ac23-2033mbps-ac2100-router
is this good?

@thick minnow do you have only 1 router

yes

Hmm then idk

As long as it's on the same L2 network it should work

Lightbulb moment! Do you have client isolation enabled on your WiFi by any chance? This causes issues in tech like this. It can still announce via multicast, but can't actually receive any data

Tbh I’d look at Amazon reviews of this router

amazon not available in the country im in

Hey all, I'm looking for a rather specific device for a specific use case.
So basically what I need it a NAS in the form of a USB stick. I need 10MB of capacity and it needs to run like a plugNplay usb stick on the host device, but integrate into the network like a regular NAS.
Its use case would be transfering CNC code files to a CNC router because I'm too lazy to keep running around with a USB stick
If this doesn't exist, a regular NAS with PSU could work too, but the stick solution would be cooler since I need essentially no capacity

So a NAS with DAS functionality (can also access via USB)?

I don't know if such thing exists due to the difference in how the 2 work

Direct Acess Storage, I suppose? Yes

It seems to exist but 3.5" is definitely not the right form factor for this. I have a bunch of 2.5" ssds spare tho, which I could use

Oh and there is no possibility to plug the NAS into the network, it would need to be wireless even when it's not in the form of a stick

hm would i change this through my routers settings in the browser?

Yeah, depends on the router though

The amount of millions of $ worth of IP space (that is also wasted) that your uni has is 🤮

Waste all the IPs!
You get a /64 and you get a /64 and YOU get a /64
Everyone gets a /64!!!!

Nah, everyone gets a /48 because IPv6 is of course "unlimited"

I was trying to save some space 😦

Every P2P gets a /64 though right?

Oh yeah definitely!

i would be shocked if that wasnt nat tho?

It's not. They own multiple /8s and that's what's handed out

thats quite messed up

my isp gives you few thousand ipv6 ips

so they own 11 and 26?

I dont like ipv6 addressing

can relate

If going of just their AS...No, quite a bit more than the two

7.0.0.0/8          *[BGP/170] 5w2d 19:46:02, localpref 100
                      AS path: --- 1299 3356 749 I, validation-state: unverified
11.0.0.0/8         *[BGP/170] 5w2d 19:46:01, localpref 100
                      AS path: --- 1299 3356 749 I, validation-state: unverified
21.0.0.0/8         *[BGP/170] 5w2d 19:45:58, localpref 100
                      AS path: --- 1299 3356 749 I, validation-state: unverified
22.0.0.0/8         *[BGP/170] 5w2d 19:45:58, localpref 100
                      AS path: --- 1299 3356 749 I, validation-state: unverified
26.0.0.0/8         *[BGP/170] 5w2d 19:45:52, localpref 100
                      AS path: --- 1299 3356 749 I, validation-state: unverified
28.0.0.0/8         *[BGP/170] 5w2d 19:45:52, localpref 100
                      AS path: --- 1299 3356 749 I, validation-state: unverified
29.0.0.0/8         *[BGP/170] 5w2d 19:45:52, localpref 100
                      AS path: --- 1299 3356 749 I, validation-state: unverified
30.0.0.0/8         *[BGP/170] 5w2d 19:45:52, localpref 100
                      AS path: --- 1299 3356 749 I, validation-state: unverified
33.0.0.0/8         *[BGP/170] 5w2d 19:45:51, localpref 100
                      AS path: --- 1299 3356 749 I, validation-state: unverified

😱

now why on earth do they need 144 million ip addresses

The "internet" in the early days was primarily for universities (then funded by the gov.). IPv4 blocks were handed out upon request via email and recorded in a notepad. This was prior to and RIR to oversee allocation.

So you have Unv's with multiple /8 that they own the rights to and cannot be reclaimed legally.

Once it was realized that handed them out was going to be a problem, then the RIRs were created

well at least thats not a problem on ipv6 probably

well that depends on the country I guess

nothing stops a country from going rouge and reclaiming the IP routing it to its own server

yea but they can only do that within their own borders

yeah

Not yet anyway. IPv6 may seem near infinite, but we are closing in on the hardware bubble. Right now there is only so much memory in hardware to hold a few millions prefixes

wdym

ah so we may end up needing a nat like "compression" algorithm to make routing easier?

you wont hold addresses to all other devices on network on your own device

and for google,cloudflare its not a challenge

and actually for ipv6, the router technically doesnt neeeeeeed to store the ips right?

ipv6 went too far with the 128bits imo

64bits are enough

nah
most computers can operate on quads relatively quickly

and it only doubles the storage and memory requirements if you dont use more addresses

you get 18,446,744,073,709,551,615 addresses with 64bits

and 16 bytes for an address is a lot

ipv6 is wasting your ram and will waste ISP's resources too

ipv6 was made in 1995 and still almost no one uses it

except on their phones

?

I still get ipv4 assigned on my phone from GSM

most cell networks use 4on6

In the scope of things, routing in hardware (ASIC) is more recent in the timeline (like mid 2000s). This is major if you want to route at line-rate. However, memory in these ASICs are expensive and can only scale so far and getting worse as we're pushing 400G+.

Most service provider routers fall within the mid-range level which can hold a total of a few million IPv4/IPv6 routes. Because IPv6 is around 2-3 times v4 when in memory, each prefix added to the global table is contributing to the maximum number of prefixes in memory.

If IPv6 continues to be allocated without care and not being aggregated. We will be reaching a point where a large portion of SP routers just don't have the memory. There are plenty though that easily have the memory for 16+ millions routes

ipv6 is 4 times bigger than ipv4 in byte size

so it only requires 4x the memory despite being able to address every atom of everyones body on the planet

Correct, but vendors optimized it to reduce memory size by 2-3 times actual prefix size

they have to use normal ipv4 too because there are many services that dont even accept ipv6 connections

4x the memory is not only

its a lot

its alot but it will matter as the number of devices per person balloons

you need ~17GB to store all ipv4 addresses pure

except thats not true

Nat has alooooooot of ips

ipv4 can have only 4,294,967,296 addresses x 4 bytes because its a 32bit

you get 17 179 869 184 bytes

I am referring to strictly to routes. When talking about host within subnet, then that's dealing with ND which is and never will be able to store and entire /64 worth of ND tables

if you were to store all ipv6 addresses the amount of memory needed is incomprehensible

again tho we have plenty of ip addresses that get reused

you would need 5.4445179e+39 bytes to store all of them

sure but not every single router needs to keep track of everyone elses subnets

that is the same number of possible combinations of 12 word seed phrase

combined from 2048 words

again though, not all of it needs to be stored in memory
just like how your computer doesnt need to know my computers exact ip address

my computer doesnt

others do

my computer technically requires 32+16 bits of data to specifically address

if ipv6 will be given away like free candy like it is rn

I wish it good luck

ISP's allocate thousands of ips for you even if you use only one device at home

To give you a perspective on optimization and use of composite-next-hops, this is Juniper MX that is part of my lab at work. 4GB memory, full IPv4/IPv6 tables or 2m/340k in RE and 900k/170k in PFE

Routing Engine status:
  Slot 0:
    Current state                  Master
    Election priority              Master (default)
    Temperature                 43 degrees C / 109 degrees F
    CPU temperature             47 degrees C / 116 degrees F
    DRAM                      3968 MB (4096 MB installed)
    Memory utilization          84 percent

> show route summary
inet.0: 920452 destinations, 2109513 routes (906783 active, 0 holddown, 298639 hidden)
              Direct:     41 routes,     41 active
               Local:     39 routes,     39 active
                OSPF:   2626 routes,   2626 active
                 BGP: 2106785 routes, 904075 active
              Static:      1 routes,      1 active
                RSVP:      8 routes,      0 active
                 LDP:     13 routes,      1 active

inet6.0: 170805 destinations, 341549 routes (170805 active, 0 holddown, 0 hidden)
              Direct:     19 routes,     10 active
               Local:     17 routes,     17 active
               OSPF3:     41 routes,     41 active
                 BGP: 341471 routes, 170736 active
              Static:      1 routes,      1 active

then there comes the problem that ipv6 is too hard to remember or quickly write down unlike ipv4

again tho i dont need to keep track of it, i just need to pass the data to the end device

and then malicious users

you wont be able to just create a blacklist of ip's

if you block one spammer they just change ip instantly gl keeping up with that

now that will be a bit of a problem

but thats already true now

with ipv4 its manageable

The problem with memory that I am talking about is on the global routing table, not at the host or customer level.

there are services that you send a request to api and get if the ip is malicious

or you can generally block the ip on your own device

with ipv6 that will be obsolete

unless the amount of IP's assigned per person will be standardized so we know which exact ip's are the same user just by knowing one of them

then we are screwed when we go to IPv6

sure but quadrupling the cost of all the core routers is better than using nat

because one isp gives you few million other thousands etc etc

with ipv4 getting even 1k addresses is hard to do

it would cost shitton of money for all the vpns

but with ipv6 you just get it for free lol

well not exactly

you cant exactly slac outside of your subnet

my isp gives you thousands of ip's and they are all dynamic

they all keep changing so you can actually never reuse the same ip

I dont use ipv6 tho and have it completely disabled on every device I have

yes but they are all from the same subnet

It not just cost. Our larger MXes are already a few million, whats another million on top.

The problem is continuing to add memory to these large chips while keeping them at line-rate. Not including the standard deployment cycle being 10 years, you cannot just keep purchasing millions worth of equipment because engineers are being careless in the advertisements

they are just from the pool that ISP has

also your isp probably doesnt specify them, it just gives you a range and your devices slac within them

well its good that we dont need ipv6 yet

now thats fair, however there are many very interesting solutions for that, and we need to get started on it asap

I wish people still behaved like in the early days of computers when ram was worth as much as gold

everything was made to use as little memory as possible and be conservative

This perspective of IPv6 not being as infinite as expected has already been discussed and being pushed in the IETF. The respected leaders such as Russ White and Geoff Huston are already pushing it but many other don't see it as an issue

That mentality makes v6 deployments worse

Good

let it die

...

just think of ipv6 like double nat with none of the downsides besides still requiring routers

Here are a few articles that were referenced in APNIC's Ping podcast discussing this if you're interested:
https://blog.apnic.net/2021/03/03/what-will-happen-when-the-routing-table-hits-1024k/
https://blog.apnic.net/2023/01/06/bgp-in-2022-the-routing-table/#:~:text=The growth of the IPv6,of all prefixes are %2F48s.

This is what opened many peoples eyes to IPv6's careless deployment and my main points.

its true that nat does explicitly prevent you from having these sorts of problems

you still have the problem however that besides these super reserved ipv4s, everything eventually will have to be hidden behind nat

IPv6 was standardized in 1995 at a time where memory was in MB and routing in hardware was thought of as impossible. But they designed it after seeing the growth of v4 and wanted to avoid the same problem so it was overengineered.

We need IPv6 along side IPv4 just to keep progress moving. I have my own issues with IPv6 and it's still fragmented in many ways, but I would not say we don't need it.

Android DHCPv6 is so bs

The largest issue with v6 is the OSes. It's super fragmented and in many cases unpredictable. Networking vendor may have much to incorporate, but at least the processes are mostly standardized

Yeah

yeop

Uni only has a /16

They don’t own any in 11.X

It’s the awful company they contracted residential networking out to that’s using 11.X

Ah, I thought that was also your Uni.

Nopee

im looking for a good gigabit router
what router do yall recommend? and what price should i range on for a average quality? (im on a budget too lol)

Look here:

https://www.gl-inet.com

They have cheap gigabit routers with loads of features and plugins you can download

are they good?
like reliable and will last long

jeez its still kinda expensive (120$)

Look on their website their cheaper lol

99%
or 10000TK

I’ve had the Slate Plus for over a year with no issues

i live in bangladesh

Ah

For the features and specs you get it’s still a pretty good price

well ye but
is there a retail for like irl buying

Not that I know of

Could always just use an old PC as a router install pfsense and buy a cheap wifi access point & switch to give wifi and internet to multiple devices

@thorny osprey I would look at local stores

and see what you can find

@clear igloo

PoE Texas splitter to PoE power this PTZ controller

I am happy now lol

😄 PoE all the things!

heck ye!

IPv6 won't die, no matter how back asswards your thinking wishes it to

Its so STUPID this doesn't do this built in

Yah, there are a lot of things that should have PoE but remember, that's a few cents they can't keep for themselves by adding it

The newer ones support it

Ah, so it's a legacy model then?

technically

"legacy"

not the newest shiny off the assembly line, lol

https://na.panasonic.com/us/panasonic-professional-ptz-camera-control/selecting-controller-your-ptz-camera#:~:text=Comparing PTZ Camera Controllers

this is the AW-RP50

the newer version is the RP60

i dont care if it dies, I just dont like it and wont use it until it will be mandatory

It shall become mandatory then

which it probably wont, I assume something better will be made when we run out of space

I shall make it so with the introduction of IPv8

256-bit alphanumeric addresses for everyone!!

IPv6 is already the norm in a lot of countries. In Japan, Rakutan is IPv6 only in it's infra even, it's just slow in the west because there are more IPv4 addresses still around

sucks for them not being able to play some games and use nice services

NAT64 still exists

as does CG-NAT, being IPv6 only doesn't stop you from accessing IPv4 only services if done properly

some ps4 and steam games wont work with ipv6 at all, same with smart tvs

some HP printers wont work with ipv6

@rocky badge You have IPv6 yet on your home connection?

Just because you don't get an IPv4 external address doesn't mean you can't use IPv4 internally

ISP is slowly rolling it out which I hate but

the point is they wont work if you dont have an external ipv4

thats an infrastructure problem on the server side

but its problematic for user

people at HP couldnt care less you cant use your printer because of ipv6

buy a newer one that can

which is why we need to push to transition to it asap so that noone makes any of the new legacy bs

theres nothing preventing you from setting up 4on6 on your router

NAT64 rewrites & maps

that's the whole point

many ISP given routers dont allow you to choose settings like that

which is why we need to force them to transition asap
at some point it will be forced for technical reasons, we want them to transition before that

@clear igloo I thought WiFi 6 required WPA3

or was it 6E

6 definetly doesnt

seems that e requires it ye

I love how the entire campus is WiFi 6

very sweet

They did the final wave of AP replacements over Spring break

got our second site up on wifi 6 out of just under 100

:/

for this building they do 20MHz only

in the academic buildings they do 40MHz wide 5GHz

PHY speed is like 1037Mbps

yeee

now for the university to get more than 20Gbps of connectivity to the internet lol

6E

That's an issue with vendor support we were discussing before not with the protocol fundamentally

I'm trying to setup wol on 2 computers
First is optiplex 3020
Second is my main pc with msi mobo

First had wol enabled and working some time ago but it's not working since i connected it through other switch and then connected it back normally
System shows that wol is enabled on magic packet (after enabling it on every boot)
But ethernet link led is off after i turn off pc
And it does nothing after i try to turn it on using any wol client
Wol is enabled in bios and system

Second one have similar setup and while pc is off, 100M link LED is blinking
But ... port LED on mobo is somehow off
And it's not starting after using wol

Is this even possible?

hi there
is anyone here familiar/regular with TrueNAS ?

noone is familiar enough to know what your problem is without you asking about it

^ true

I don't have a problem, I'm making my own file server and wanted to ask if there was "bullet points" of stuff to know about that you don't find on the popular reviews or info like that

it's my first time so I'm not aware of what to look out for at all

Does anybody know why this Ubuntu server static IP file isn't working?

Isn't working in what way?

Isn't applying? No internet access?

It's giving error claiming inconsistent indentation right now

Well I can see "addresses" is one space too far in for valid yaml straight up

Ok yeah had a look at netplan's structure and neither are correct

Nameservers, gateway4 and addresses are keys on the interface

Blindly typing into Discord on my phone, something more like this:

network:
  version: 2
  ethernets:
    enp3s0:
      dhcp: no
      addresses: [10.0.0.231/22]
      gateway4: [10.0.0.1]
      nameservers:
        addresses: [10.0.0.22, 10.0.0.21]

Can't speak for the accuracy of the addresses as that's obviously on you

idk if "renderer" is a mandatory key or not

Is it 2 more indentations when it indents more?

2 is standard, any works as long as it's consistent

If so copy the renderer specified in your distro's default config

It was dhcp so it didn't have any other lines other than the dhcp yes

I mean below

It'd be above actually, goes in the network object

I mean you can structure it to be below if you wanted but it probably wasn't

Very possible LTT got breached

Doesn't surprise me tbh

It may not be just their yt channel

it got breached?

@peak cloak if you were to look at #public-chat, #tech-chat-1 or the subreddit in the last 2 hours you'd know that they got pwned by crypto scammers

Yeah but it could be a bigger thing than just the channel

main channel is already banned by YT, Techlinked and Techquickie are currently streaming the crypto scam

so they'll go down soon too

Maybe got access to internal systems like pw vault if they use one

Which would be a really messy situation

Lastpass had a massive breach a few months back, could be spoofed sponsor link, could be a backdoor in some YT extension for content creators

it's not the first time scammers take over a YT channel and start broadcasting crypto chats with Elon while removing old videos. What is fairly new is reuploading old vids with links to the scam

https://www.youtube.com/user/LinusTechTips

@clear igloo

https://www.reddit.com/r/LinusTechTips/comments/11zftc5/welp/?utm_source=share&utm_medium=ios_app&utm_name=ioscss&utm_content=1&utm_term=1

That would be a PITA to recover from

1: SSL certs

2: very possible that acc/pw combinations were already used

But I don't think that's the case, they should have a strict access policy

Does anyone have a good place online when it comes to ordering a 9U server rack in the US?

Anywhere really. TrippLite is a solid brand now owned by Eaton.

Linksys Question - Can I add a wifi 6 child node (MR7350) to a MR8300 (wifi 5) parent/main router? With the Linksys mesh app (which is sorely lacking) It appears i can create a separate network with the MR7350, or use it as a bridge with a second SSID. Also looking at the MX4200 (White velop wifi 6 node). Thanks for any insights

@waxen scroll @hollow marlin Well....University seems to be doing 802.1X on wired now...

Which means we need to contact networking to get a MAC bypass for several devices.

Or you can just install the certificates on those devices

We can't

why not?

because they're not devices like that. One's a PTZ controller, several embedded stuff, etc.

802.1x isn't exactly now. Why should they not support it? It supports IP

because there's no way to set it up?

not exactly gonna be installing 802.1X certificates on this

I mean, still don't see why not. If it communicates via IP, surly it does more?

But that device might not have support for that

It does not support 802.1X

just because it's in IP spec doesn't mean that the device itself supports that feature

or implements it correctly

what's the maximum bandwidth of 5ghz? I had to plug the ethernet because downloading a game was slow

Depends

But Ethernet is always more consistent and reliable

In a perfect environment you can get over gigabit, but no environment is perfect. You have noise, interference, etc.

it was downloading at 35mbits more or less, with peaks of 120mbits

with ethernet I was getting triple the speed

Makes sense

I’m running cat6 in my house for PoE APs. Is now a bad time to buy Wi-Fi 5 APs when Wi-Fi 6 and 6e are out?

Depends, are you on a strict budget?

Personally I would just jump to 6

Depends on your clients. No reason to spend a ton of money on wifi6(e) APs if your clients can't utilize them. This table shows the differences in speed/frequency/standard. https://en.wikipedia.org/wiki/IEEE_802.11#Generations

Looks like I’m not on a 6e budget but I could probably swing for the 6

good point. Also thinking about the future and new phones and tablets in the next couple of years might have 6e

I mean it also depends on what your situation is. Wifi 6 is really an improvement in congested areas

And what your internet connection is

yeah. I do have gigabit fiber

Until everyone defaults to 320mhz and we end up with 5ghz all over again 😦

As far as clients go, really just 3 devices at a time high bandwidth. And lots of IoT

Well the actual specification is better

On how it handles lots of devices

Curious, what does everyone prefer openwrt linux or opnsese bsd? I'd do vyos but that seems like a lot of effort tbh dunno if it would be worth it

for what exactly?

just a home network, have a small x86 machine laying around with 4x i225 nics lol thought process was

xfinity xb7 in bridge mode -> small computer router -> unmanaged switch -> other devices/asus router in ap mode - pretty basic needs honestly, adguard home dns and codel/qos for latency lol

Anyone ever seen a massive fluctuation in internet speed like this? I ran 3 speed tests back to back and got 65mbps the first time, 12 the second, and 40 the third. Real life reflects that pattern

Recommendations for a budget network switch

Can you be more specific as to what it should be capable of? Port counts, speeds, management...

4+ ports 1gig and not trash

Just about any switch will work just fine for you then.

I suggest an RB260GS or - if you can resist the urge to plug it into itself - whatever you can find in your local tech or office supply store lol

Andddd it doesn't ship to canada

Basic desktop gigabit switches are all much alike unless you're buying a managed one like the probably unnecessary RB260GS

They're available in Canada, you buy from resellers

80 bucks

Buy an unmanaged one then

Or find a reseller that isn't ripping you off

Looks like a unmanged one is 15 bucks

Hmmm 15 bucks or 80

Well there you go

I wouldn't buy a 6-port switchOS switch for $80 either

Now I'm wondering metal case for 3 bucks more or plastic

Well I lied I thought the plan was to run part off the router part from the switch

Were running it all off the switch

I need like 10-15 ports

Also whats managed vs unmanaged

managed gives you network configuration options to tweak. on unmanaged, you just plug your cables and let it do its thang

managed allows you to configure features such as vlans, STP, and more

unmanaged doesn't allow for such features

most people do not need a managed switch

But I want it now

you prob do not

most features are useless without other network devices supporting them, and that you configure your network in a way that can utilize those features. Other than that it's just more money for nothing

Its only 10 bucks

which one

https://www.amazon.ca/TP-Link-Gigabit-Ethernet-Network-TL-SG116E/dp/B07GRG63P6/ref=asc_df_B07GRG63P6/? https://a.co/d/j0WMmb9

I guess it's fine. Don't know much about tplink managed switches

also i just wanna fuck around with tech

I've got one they're pretty solid I'd say just as good as any other brand of consumer managed switches

bah I need to find a 24x2.5" chassis

i can vouch for there normal switches

do they switch?

yes

and swap

yeah, problem is a vlan capable switch is basically almost useless without a router that can support them

That does need a router that can handle vlans and the isp shit probs wont

Or even turn your switch into a router

Even the cheap older enterprise switches do l3

And you don't need to use a crappy gui

Not a good one

And that' requires a L3 switch

Problem is they are loud and power hungry

They do routing in the tbps

In hardware

Maybe routing, but not NAT

Fuck nat nevertheless

Which is essentially what a home router does

For nat just use a Linux box

and many do not...

Anything 10g does ish

I mean, Cisco, Arista, juniper

Those i meant

again wont be cheap tho

unless it requires licenses and doesnt have them ofc

Cisco you can use without, it's all honor based

Arista doesn't have on hardware checking

ah nice love it

but still, that's noise and power for the old stuff to deal with too

You can even deactivate vendor lock

expecially noise

Im building a new PC soon and the new motherboard has 2.5g ethernet. I have a Catalyst 3750X running my house and it has a spare SFP port. Is 10g backwards compatible to 2.5g? like will it negotiate to 2.5g? I probably dont need 2.5g but its there, so I kinda want to use it lol. My server is also connected via 10g. Or is there a 2.5g SFP module I should use instead?

50W for a 1.5 tbps switch

i removed the fan from my switch, but now its probably gonna die

It is not

Noise however, true

also what model?

that seems like a very modern number

50w at 100% idle with no optics and the OS stopped?

Yes, you can, if you get the right insert

probably better off getting a switch

You'll have to disable autoneg

@lucid siren any suggestions for the insert?

The 3750X was out LONG before 2.5g was even a twinkle in the eye

patrick just did a roundup that included a few 2x10g+ #x2.5g switches

Yah, instead of attempting to try a nBase-T SFP, of which there are maybe two or three on the market, just get an nBase-T switch with 10g uplinks

and those sfps are super power hungry

so Im probably better off keeping at 1g as my switch it probably too old and doesnt support 2.5g?

It 100% doesn't

bummer lol

you can always get a second switch for faster stuffs

oh well, not like I would need it anyways. only have a 200/10 internet connection

Yah, if you have 10g ports on it via the module you could uplink from a 2.5G switch with a 10g uplink to that with 10g fiber or DAC

gotcha. makes sense

Could just get an old 10 gig NIC for fun

yep

I'll check which one we used in a sec

also 40g qsfp can be turned into 10g sfp+ with a $12 adapter and is often alot more than $12 cheaper

SFP or SFP+?

Just use dac

Then u have 4 10g in one

Ultimate space saver

or a 40g mpo optic with mpo breakout cable

dac is cheaper

DAC is cheaper and less power though

you guys lost me lol. I really need to brush up on my networking. Spent too long in client services.

10G is SFP+ always
1G is SFP

I wasn't Shure if he said SFP or SFP+

SFP's only capable of a tiny bit more than gigabit

So it's useless when talking anything beyond gigabit interfaces

SFP28 is 25G
SFP56 is 50G
QSFP+ is 40G
QSFP28 is 100G
QSFP56 is 200G
QSFP-DD is 400G
QSFP-DD800 is 800G
Still waiting to see what they'll use for 1.6Tb

I added a C3KX-NM-10G to get the extra ports

Yah, thats got 2x SFP+ for 10g ports

I'm sure it'll have a fun new name

and I think 2x 1g ports too, it's been so long since I worked with the 3750s 😦

1.6TB link, Linus wet dream

Pretty shure just qsfp-dd1600

1.6Tb
it's bits not bytes, capital is important 😉

So 200GB/s

I mean, most DWDM waves barely got turned into 800g ones lately here in europe

@clear igloo I believe you are right. 2x capable of 10g

ok.

Yeah good luck pulling data off disks at a speed and scale reachable by ltt

Most still only 200

PCIe 5.0 is too slow

So i don't see 1.6 being mass soon, 800g barely made it to DC's now

it aint matter

You'd need multiple sources and destinations

actually youd be surprised
a single epyc processor has the required bandwidth

Yah, 800g is still barely in it infancy for switching, most of that is backhaul stuff right now

Ah, but does it have double?

just about yep

but it doesnt need double for just file transfers

I'm happy I got my stuff to 100g peering ports now

It does unless your files live in memory and your memory is also fast enough

I stick with my 1GBit home network, no need for me to upgrade at the moment

and that was on 7702s, i suspect that the 9000 series is plenty capable on its own

nope
nvidias demo was nvme to gpu

unless you count nvme as memory

rdma is quite OP

This

And how do these NVME drives electrically connect, hm? You still need double bandwidth, rdma is a CPU-saving feature

why?

Has to get off the drives and to the NICs

2x

oh no i mean throughput bandwidth

Rx tx

Yes, but to have that capacity bidirectionally you need a bus or switch with double the bandwidth

Usually switches are Rx tx

good idea but worded wrong
to get that capacity full duplex yes
bidirectionally no you can just be half duplex

hi there fellas
I'm looking for external opinions on my project, suggestions, advice, relevant questions...
thanks in advance
https://linustechtips.com/topic/1496088-my-first-personal-tinker-project-as-an-it-student/

I mean it wasn't worded wrong thanks, I just used different terminology

bidirectional doesnt guarantee full duplex

No. But I'm talking about the busses

which can be half duplex

but they arent

Not in this case

If they were on a switch, it would be true to the CPU

But they aren't on a switch

They are electrically connected directly to the CPU

As such, all connections are full-duplex

actually in nvidias example they were connected to the cpu through a switch

but the switch was full duplex so it didnt matter

This is in the weeds and I mostly replied because you said I phrased stuff wrong when I didn't

So whatever lol

regardless, pcie is full duplex, and 1x epyc 7003 has 4096gbps of bandwidth for a theoretical maximum of 4096gbps of data

I mean that doesn't really hold up when you need to do anything more with your data than stream it.

and?

Nothing. It's pretty self-explanatory.

point is this is incorrect

Go actually think about that statement a bit

Tbh, unless you're building a supercomputer you don't need more than 100g on a single socket

Or unless you got unlimited money

Density is valuable

It's nice being able to scale stuff up further rather than out

and 100g isnt enough to saturate a single nvme drive any more with gen 5

That's usually supercomputer shenanigans tho

i want to be able to copy files to my nas at full speed of my drives 🤷

I mean

Should be 64gbps each direction, should be able to saturate gen 5 with 4 lanes

Do you REALLY need that speed

a single gen 5x4 drive is 128gbps full duplex

need ofc not
but can use? yes

Uh... 4GB/s, x4 is 16GB/s... oh ffs yep 128gbps

i remember bc its the same as 3.0x16

which there are plenty of 1x100g 3.0x16 nics

but to get 2x100g on a single nic like i have you need 2x3.0x16 or 4.0x16

speaking of 100g tho, does anyone know of anything like the intel cwdm4 modules in the 40g generation price wise?

$7 per 100g singlemode transceiver is such a good deal, but they arent compatible with 40g

Just use fscom ones

Cheap asf

They are pretty reliable

For some reason I did 4^3 mentally, instead of 4*4*8

Which is not helpful

they are individually more expensive than an entire cable using the intel modules

You mean cables with attached modules?

nope

eg 2x intel modules = $14, 50 meters of os2 lcto lc duplex cable is $20ish

$34 for 50m
the cheapest 40g transceiver i can find on fs is $40
min price being $80

I can't find 10$ 100g transcievers anywhere in europe

Only used

yes used

Trust me, don't use used in a prod env

I tried

my home is not really a production environment

Oh well

Then go for it xD

the problem is they arent compatible with the connectx-3 nics that are cheap

you need cx-4 or cx-5

Well, why you want 100g @ home tho

i would prefer 40g, but i bought 100g because it was cheaper

but 40g should be cheaper

right?

I also much prefer duplex lc transceivers

Just get fscom ones, i think ur time worth more than scouring ebay 🤣

meh got plenty of time to do mindless tasks while troubleshooting aps

We're still waiting for the equipment for 100g upgrade on all our backbone links. I don't think I will ever see even 400g even though most our core/edge supports it, let alone 800g

Yah, I think there are 3 or 4 ASICs in total for 51.2T switches right now and I don't know of any on the market for routing yet. I'm sure Broadcom and others are working on them for routing but just haven't released yet afaik

my work has a 1g backbone lol

Just got 100g a year ago

The biggest thing is the gap between hyperscale and enterprise is probably just going to widen in the coming years as companies stop needing as much in terms of bandwidth increases year over year. I see it hitting a plateau for most around the 800/1.6T mark for a lot of places outside of the hyperscale realm for at least a while until moar data is needed lower down the stack

Plus until CPO catches on you're going to start seeing 20-30+ watts of power per optic meaning a 64 port switch would chug down over a kilowatt of power in optics alone let alone the probably 2-4+kW of power for fans and the ASICs

the google dlp switch is insanely sweet

Yeah nothing I know of on the routing side either. I know Juniper's PTX is the first on the road map followed by MX for 800g. But most their MX/PTX line support 400g with the Trio.

I see it hitting a plateau for most around the 800/1.6T mark for a lot of places

Agreed. Even with the hyperscalers, load-balancing/ECMP being priority for resiliency/redundancy/uptime, 400g -> 800g is really 4x increase or more in capacity depending on n links.

They do that already

Yah, I was checking and broadcom's fastest routing silicon is 12.8T still. Everything above that is all switching focused. Cisco has their SiliconOne 19.2T ASIC but still nothing at 25.6T even but I think Juniper might have something for that if I remember right

If you use XR or er transcievers

For long haul

400G optics only pull about 10-15w in most applications
Yes ER/XR optics pull more but you're not filling a data center switch with those 😛

In the SP space, multiple 10/40g links with ECMP > single 100g so we never had the need for 100g. However, with the stark increase in customer traffic over the past 1.5 years, we need the increase to 100g.

We do DDoS protection Soo we need shittons of bandwidth

@clear igloo I had a little adventure last night with the network here lol

Actually ZR optics are targeted at 15w, ZR+ is 25w x.x

did you get all the MAB stuff sorted?

No

I got a couple ports shutdown by accident Lmfao

lol, rip

University port security shuts down multiple MACs on the same port

And plugged in a Windows machine with a bridge and it cut that drop lol

welp, time to call IT

@clear igloo I do hate how the AV integrator designed the tech booth

If it were me I would’ve done 10G or 20G fiber to the rack in the tech booth instead of running individual lines

Yeah that'll do it too. In the SP space, outside of long backhaul, throughput is not as high as most people think unlike DC environments.

We only have 8 “user accessible” data drops for the AV LAN and they’re all taken

i asked my boss why we werent using the sfp+ ports on our switch, but he had been monitoring it and discovered that we had not even once in several months hit full gigabit on any port of our core switch

Sounds about right. We have multiple downstream region providers and as an example, one of them has 500/100mbps as their base plan and they're barely pushing 16-19gbps at peak. Netflow shows around ~2100 customers.

i mean internally within our network even

and we have most of our documents stored on the network

That said, if he is going off SNMP monitoring with standard 5m polling, you won't catch the burst unless you look for output drops

ill check how fast it polls

p sure its 60s

and users waiting 60s for their documents is fine

at least on our budget lol

60s is pretty low but fine in a "small" environment. Our NMS would keel over at that rate with the number of nodes.

I mainly gave the example from an average residential user as many overestimate how much throughput they use. It's even lower in most average business scenarios too.

oh wait no it is 5 mins

So LTT hack was classic email attachment phishing

Yeah, we have terabits to the level 1's and 10s of t's in some pni's

sure on average i use nothing, but i want to be able to download stuff super fast
and i want to be able to do complete backups of my computer in minutes locally

Yeah

I wonder if they even have some sort of filtering system

Yeah we have no where near the need for more than a few 100g to our L1s nor to our IXs.

Looking at major wifi upgrade

Does the Ubiquiti Dream router have any huge glaring issues

Besides imo it’s lack of wifi 6e for $200

Doubt it

Is this good for a home internet set up? The repeaters only go up to 300 mbs but they will be for the other side of my home that doesn't get great wifi coverage.

Or did I maybe overpay?

you definetly overpaid, and for asus routers its highly recommended to use other asus routers in mesh mode as the extenders rather than repeaters

Hoping to get some help. I have OPNsense set up with Adguard plugin set for my DNS server. I am not using UnboundDNS on this so nothing is going through that. I set up a wireguard client to connect to a VPN server (surfshark). The tunnel is up, but when i enable the rules I set based off of this guide, all external traffic fails but my internal traffic connects fine, ie to my router or my servers. I'm guessing I am having an issue with a firewall policy somewhere... I am doing policy based routing and set for only device to go out through the vpn connection right now. Link for the guide I used. I followed these settings to a T, except did not add the Kill switch. I have tripled checked the settings and double checked that. Any thoughts is appreciated, let me know if needing screenshots of anything.

https://docs.opnsense.org/manual/how-tos/wireguard-selective-routing.html

It does, If I disable this rule my connection works through my normal outbound ISP connection. When I turn it back on, my traffic does not go out.

As for outbound NAT rules, here it is.

Reading some other posts, do I need to have a firewall rule that allows access to the Adguard DNS server, even if it is hosted on my OPNsense box?

Hey all, does anyone here have experience with Mikrotiks and their performance with GRE over IPSEC?

I have a RB5009 and I'd like to have a fully meshed site to site IPSEC VPN topology with 5 remote sites and to be able to use OSPF in the future, I need an internface which is why I'd like to use GRE on the Mikrotiks. But I remember reading somewhere that using GRE has quite the performance impact CPU wise (of course MTU and fragmentation also plays a role).

Why do you need to do it with a virtual interface?

because Mikrotiks don't support VTI, so without GRE or EoIP or something like that I do not have ANY interface on the Mikrotiks

Ok, let me rephrase sorry. Why do you need an interface?

Everything has a performance impact, what kind of throughput are you expecting over the tunnel?

RB5009's are pretty good for performance, you might get away with whatever you're looking for

If you're not married to IPsec wireguard's great on my Mikrotiks and does expose an interface

how to make internet better?

that I mentioned initially. so I can implement OSPF, later on

Sorry mate, I skimmed 🙂

I would probably actually switch to Wireguard but unfortunately I will still be having some older Fortigate peers for the time being and they do not support Wireguard.

no worries

Have you tested perf over gre/ipip on those devices?

throughput max. 80/20 Mbit anyway but my concern was also due to the big amount of low bandwith sessions I'm expecting. also syslog logging of all traffic, that's gonna put some load on the Tiks 😄

Can't the 5009 do like 1.5Gbps of ipsec?

no, I'm doing a "pilot"/PoC in a virtual environment with the free CHRs but they are limited to 1 Mbit. I'll get my 5009s in the next few days and will test with them

I use a 5009 as my edge at home, if there's any sort of basic testing you would like me to do :p

yeah, something like that, but GRE seemingly is loading the routers hard

i'm planning to replace my aged Fortigate 60D which is currently my edge firewall + vlan router for all my labs and DMZ networks with one 5009

I have like 25 VLANs on that fortigate + something like 7 or 8 ipsec tunnels with quite strong encryption (site to site and client to site) and I hope that I can route wire speed between the VLANs with the 5009 + logging all the edge traffic to a syslog server 😄

• later OSPF

that 5009 is gonna be under load lol, especially if I use the 10G interface for my DMZ uplink

that firewall filter rule config is gonna be a pain in the butt compared to the fortigate xD

I'm also concerned because of that crapton of firewall filter rules that i'll have to put on the 5009... but I guess there's no better way to find out than to do it

?

That seems pretty achievable even with an inefficient config, I wouldn't be worried at all, low bandwidth sessions aren't very expensive

RB5009 has hardware-accelerated IPsec and GRE's cheap enough to get 100mbps easy - even on Mikrotik's older single-core MIPS stuff the RB5009 beats the pants off.

Boy howdy pfsense sure is fun

not sure if correct channel but I use a tp link T3U plus wifi adaptor and my wifi speed is stable 200mbps but sometimes on my pc I get 50mbps or even 5mbps I have newest driver installed any idea why?

Tech support question should go in #1027757333117415424 , but could be interference on the frequencies used in your house, could be driver issues. WiFi is a shared medium and can be very difficult to troubleshoot, which is why running a cable, MoCA and powerline ethernet are common recommendations for people who want consistent performance.

I will say that my experience so far with USB WiFi adapters has been consistently abysmal.

💀

bruh

how

Datacenter 🤣

How to get fast internet:

1. Spin up a large VM in AWS/similar
2. Perform speedtest

or get colo :)

speedtest kinda slow

Or have a fiber plan with 2 and 5Gb options 😛

or 3/3 😻

This is on 100g tho 😂

you may be running into system hardware limitations. most systems can't keep up with that much network bandwidth. Cache, Memory, I/O bus, network interface, tcp overhead, all have a price.

When it comes to home routers, is there any specific one that is superior to another? I've been looking at these three, which all have extremely different price points

TP-Link AXE5400 ($200)
ASUS RT-AXE7800 ($300)
ASUS GT-AXE16000 ($630)

what sort of speeds could I get with 2.5g ethernet?

I was going to start typing about that

that's with 2.5Gbe NIC on a 3/3 fiber plan

this is direct from my modem/ont combo https://i.imgur.com/SYeDPNY.png

Without nat

there we go

Didn't find a Speedtest server with more than 10g yet however

once I get my plexyserv active again I want to look into a pair of 10gbit nics and a switch with a handful of 10gbit ports

Should technically be 25gb the Speedtest (uplink to the switch from the hypervisor)

few years back it was hard to find speedtest server with more than a gig bandwidth

I think I can't get around setting a 100g Speedtest server up...

this is what speedtest cli is for

Up to 2.5Gb/s if you pay for it

Depends on which one you use 😄

this is the speed i dont pay for (its free real estate)

just host your own

icic

and as whistl said earlier there are some things that can limit you other than your NIC

1gbe fiber is only $70/mo here. 2.5gbe would require a router upgrade, and would be closer to $125/mo

I've never saturated my 1gbe internet link. See no reason to pay more. I'm the only heavy user on this lan

Bell offered us 3/3 for $60CAD the other week for 2 years so I took it

cool!

1.5/940 is the next tier down, so 2.5Gbe is still nice to have coming in on more consumer devices

they offer 5gbe too, but really, I'd only be getting that for bragging rights.

I was coming from very consistent and stable 1gbit/50mbit cable, the download speeds were over 900mbit most of the time but cutting the latency by more than 50% and the massive upload increase will be very nice

i cant even get more than 16mbps down 1mbps up

I need to find some good literature and dig into some things and see if I can get my current 2.5Gbe nic to perform a bit better when I run into a server that can feed it

only thing you could do is enable jumbo frames

How much network info might I learn from nothing if I read every message from this channel?

Do you know of any that you recommend?

ccent is dead, CCNA is the lowest and it covers EVERYTHING in the networking realm (collab, security, automation, etc)

but I would focus on routing and switching portions of the CCNA at least to get a good footing

I’ll have to give these a look. I appreciate the feedback. If you have other ideas too feel free to ping me as well. Ty guys

that didn't work.

I'll have to go through and rebuild that. Is there something I need to do with Adgaurd and the vpn tunnel? Unbound is off and I have my dns set to adgaurd on opnsense.

should probably fix this 🙃

Ran into some random issue

I have a live view screen shot and do see some blocks coming from the device i have set to go out through that tunnel. I can post it, but need to know the best way to redact IP address but to give good information still. How can you tell what rule is causing the block?

Nevermind. this is a different device getting blocked. Need to find out what device that is, but it's not going through my vpn tunnel

my home network now runs on pfsense

did i do my ethernet cable wireing right

You mixed up the last two color pairs 😦

ahhh fuck thats why its not working then

do sometimes mix up the orange and striped orange tho so a few of my cables got them swaped dont cause issues anyway so no big deal

So I rebuilt my wireguard tunnel, removed all the firewall rules for it and rebuilt those as well. Went back to unboundDNS and turned off adguard for now and still nothing. 😦 And used the docs.opsense.org/manual/how-tos/wireguard-selective-routing.html guide to the T. Might have to pop on their forums and post this there... So confusing.

Fucked up some routing 😂

Easy to fuck bgp

Deco x20 honestly surprised me,I am temporarily using it as a router and it's been pretty decent

I find it quite difficult to fuck BGP up. It gives the most granular control to user so nothing is advertised without your consent

Who here is familiar with DumaOS? Is it stable yet?

what is dumaOS?

A gaming oriented router OS, typically ran on Netgear’s gaming routers such as the XR1000 which was totally bunk for the first year it came out

I dropped it after getting their R2 as a replacement for the XR1000 and ended up going Ubiquiti instead, because the R2 literally bricked itself one day without any user input

It’s got cool features though, it’s just very buggy and kinda slow

Gaming routers are all bloated software wise.

Yeah definitely

if you announce routes trough your network trough up to 5 routers behind each other it gets complicated

Ubiquiti has been a breeze so far, but I got the UDMP right before the SE came out so that kinda upset me

and if you then add anycast to the mix

you can have fun if you fuck up

Why would anyone ever have 5 routers behind each other? And with BGP?

https://tenor.com/view/colbert-popcorn-popcorn-stephen-colbert-eat-popcorn-popcorn2020-gif-16075618

BEHOLD: THE NETDUMA R1

HAHAHAHA

It’s a gaming switch bro

That's not a switch

I know

well, 2 out of them are filtering, 1 is core, 1 up to 2 are distribution

It just looks like one

all my switches do routing / bgp

That's a Mikrotik Routerboard with a sticker

Their R2 is dogshit

But uh yeah it's gaming-optimised routing with a healthy dose of snake oil

I mean you can class traffic and prioritise it sure

But the VPN features that were the main selling point for me was removed from the XR1000 after launch when I bought it because of some dumb partnership with some shitty anti virus security company which bundled its paid-only VPN service with it

And don’t get me started with the Wi-Fi drop outs

That were only resolvable through a reboot

I actually knew a few people who sold rebadged Mikrotiks with "gaming-optimised VPNs" way back in 2014 or so

Though unlike Netduma they pivoted

Something like Exit Lag?

The app

Honestly I don't keep track of them

Netduma just blocks connections to/from countries, exitlag actually does route you differently iirc

I actually ran a VPN for a few days to bypass a routing issue that made Brawlhalla unplayable

add vxlan evpn or srv6 when?

It was helpful then, and only then

I think James runs a netduma router

vxlan for customer shit

They used one in one of the Wi-Fi upgrade videos a year ago

but theres switches in there that dont support it so theyre carried along xD

OSPF or IS to IS underlay?

I think it was the XR500 which doesn’t have features ripped out, but only supports 500Mbit/s

ospf

Wut?

bot go brrrrr

Anyone used IS to IS in production?

ISPs mostly

i hope not, but probably

true, forgot about those suckers

I haven’t seen yet. I work at ISP

Perhaps older ones use it

could explain some things

My customer wants IS to IS because Arista can't do SRv6 in OSPF so we need to convert to it from OSPF

mikrotik goes brr

i do it diffrent for v6

its not a legacy setup

Ooh.

v6 is just straight switching to core router

It really does, I've sold Mikrotiks as something else/ part thereof in two companies now

I think I'm done with RouterOS for that kind of shit though, the hardware's neat but the software just doesn't real allow for that bullshit

I hate Mikroshit for routing

They ok for l2

But l3, hell nahw

Mikrotik's fine for routing though dynamic can be fun

They do a lot on the cpu

Not in this decade they don't

v7 moved off the CPU right?

So they die if you send a few Mpps

You can do switch hardware accelerated L3 now yes

And what you can't offload gets calculated and put back on the switch wherever possible

Would it really kill them to put a semi-decent CPU in their switches though?

@clear igloo

??????

rip

we do cisco only

“Disable APIPA” bruhhh

but why??

Yeah Cisco doesn't offer anything that would do anything I'm trying to do lol

those octal cables on top 👀 ?

I mean sure their super big switches with Xeons in them would, if you'd like to strap one of those to your car

Do it, it'd be funny

no, power cords with this kind of end

ah, picture was a bit blurry and looked blue-ish from a distance

cat9k switches or cat8k routers?

its blurry for a reason

haha, fair 😛

Yeah they look blue in the preview but not if you open it fuly

c9200

Nice, they're good switches

Just be careful with TACACS on the latest releases 😛
Until 17.6.6, 17.9.4, or 17.11.1 or later

I wish university would just rollout PEAP TLS/cert based auth @clear igloo

That would be easy, lol

Logging into a laptop is so fucking annoying

yah

It’s doing pre logon user wireless authentication

Not a machine cert

damn, that stinks, super slow and annoying

It is…

Computers already auto enroll to client authentication certs too

But they have a shitty PKI

this computer was issued a certificate DIRECTLY FROM THE CA

lel

“Firepower rpc access” lol

“Firepower dynamically mapped ports”

Hello, could someone help me with that situation?

So you have ethernet running from the switch to each outbuilding?
Tbh I can provide suggestions but I'm not sure how many of them you'd adopt - do you trust the people in the outbuildings, is this an airbnb-style situation?
If they're not trusted you want to replace the switch with a router and isolate each one from the others. it also sidesteps a bunch of problems - collisions as you say but probably more relevantly if you plug one of them in wrong and you end up with two competing DHCP servers

I notice you've got it isolated from the home network and can't think of another reason why you'd do that

-Or have four buildings unless you sleep in them on rotation :P

Yes, the people in outbuildings are airbnb style situation, and I thought about putting another router in lieu of the ethernet switch

I'd suggest having them all nicely isolated on individual subnets and using the routers in the outbuildings as plain access points

Thing is, I'm not knowledgeable enough to know how to do that

It took me a lot of time to develop that huge network (it's a big place, and I ran a lot between the 4 buildings and was sweating a lot haha)

the only thing I didn't do myself is runnin the ethernet of the 3 cottages (an electrician did it)

and the ethernet switch was existant

get a managed switch, mikrotiks are deacent value

Well if they generate revenue for you, you could always get a consultant to do the setup for you, testing and all.
Else you can learn to use something like a Mikrotik hEX in place of your office switch.

It's not my home/cottages, and I'm the one paid to do the setup, I usually do computers more than everything, but here they called me for their macbook, HDD and then asked me to make this network...

I tried and failed, well not entirely, the internet is the house is very very good

aren't these expensive? what about a managed wifi router with 1 WAN and 3 LAN? I have one in hands

Mikrotik's don't really do WAN/LAN, you define it all yourself as per your needs

is the MikroTik Hex Lite, priced 50eur okay? thanks a ton for your inputs @pseudo blade and @opal pagoda

I'd suggest not going for a managed switch because you'll be doing NAT for each unless your 4G router is awesome and need to do that somewhere

hEX lite is 100mbps only and half the CPU speed

I don't go over 40mbps with 4G+ internet

It'll do 40mbps but will be useless if they ever decide to offer more than 100

and people in cottage won't be able to much a lot of stuff

The regular hEX isn't much more expensive

okay okay, and if I have a router that does gigabit, it would be good, right?

double the price in my crap country

I mean you're going to give the customer a quote, right?

IS to IS > OSPF

what country? since you use eur i assume somewhere in eu

idk, I get bad feelings on this one - don't be afraid to tell your customer to get someone else to do the work if you're not really familiar with networking like this. Especially if you're coming down to the last euro on pricing. Beats a bad experience.

Otherwise you're signing yourself up for a fair bit of learning

Well, to them they spent enough already and they told me that "last summer, all three cottages were working before you installed internet in the home"... the 4G internet for the cottages was EXISTANT and when I tried them, I realised Internet wasn't working in the 3 at the same time

so I told them and they were like "well it worked before"

thing is these are clients potentially bringing me other clients, like a f*ck ton and all are paying money

I'm sorry but I prefer to avoid answering this

But you're right @pseudo blade, shouldn't have taken a task I cannot compelte

well!! again, the house part I did everything and it works

then for "fun" I checked the cottages part and it wasn't working

I told them and they think it's because of the house networking

even though both aren't linked at all

anyway, senetic is a store where lots of networking equipment can be found and prices are resonable and also they ship preatty much everywhere

https://www.senetic.net/

In fact, I tried to plug the "PowerLine Wifi" onto the "Ethernet Switch" to get the Starlink internet is both the house and the 3 cottages, and it didn't work

but when I plugged back the 4G router to the Ethernet Switch, it wasn't working either

Cottage 3 constantly get access, but If I put power into Cottage 1 & 2, they don't get internet from their respective router

80% chance either you've got a router's switch ports plugged in a loop or you've got the "LAN" port facing the house with DHCP enabled

but if I plug a PC into the wall ethernet socket, it works

which LAN port? on which device I mean?

On the routers in the outbuildings

oh

That would nicely bridge the house's networking with any guests who connect to the access points, offering no security or isolation whatsoever considering the lack of any network design to prevent it.

Absolutely awful idea unless you had a router set up with appropriate firewalling rules in place where they can't touch it.

We abandonned the idea, the cottages will work using the 4G+ internet router, so that it's separated from the house network

So I need to check if the cottages's routers are DHCP enabled and disable that?

Depends on the rest of their config

And what you plugged into where

If you actually just had them set up as per default with the WAN port facing the house they need DHCP because they're actually each doing NAT

they are defaulted with WAN port facing the house, indeed

Cottage 1 & 2 have the same router model, Cottage 3 has a different one (Netgear), and this one works nicely

I suspect the brand of Cottage 1 & 2's routers to be crappy, they're the same brand of the Ethernet Switch and they were in place when I arrived

So why is it your fault they're broken if they were already in place?

because the client tells me it worked before I worked on them

I'd be correcting that misconception before any networking problems tbh

the only thing I did is renaming the SSID so that the guests could find them easier to connect

but if we only take this

You can't and should not be responsible for any networking equipment you've ever touched, especially if it failed later and you didn't supply it

But I get it, money

it's not a complicated network, is it?

No. But it's also not properly isolated.

And that lack of isolation (and of course your lack of control over the equipment in use) leaves you with a few particularly fun failure modes

so in order to isolate every cottage on the network side, I'd need to replace the Ethernet Switch, right?

Sure, but I'd hate to see how you get paid for it if they'd reject a $30 more expensive router

well, I got a free wifi router with 3 LAN 100 plugs, a client gave it to me

if I can reuse it in that scenario, i'm okay

my working time is nicely paid, and the client is nice and cool

he just wants it working for next summer

Does it allow you to independently manage the interfaces?

If not it's no better than the switch was

i'm plugging it to check the management intercace

if it's a consumer-grade router you can default to "no"

it's tp link

No chance lol

many routers employ this kind of structure
router>internal ethernet switch
and not
router > bunch of independant interfaces

-So it's basically just adding an extra NAT in and you get a crappy 3-port switch.

It will let you determine if the existing switch has dead ports but little else.

And it's not an especially likely failure mode though it does happen.

Here's a block diagram for the hEX lite - it's architecturally the same as described above but the switch and router operating system expose them as if they were regular interfaces attached to the router CPU, which is not something a home router manufacturer is going to bother to do.

Well, trying to use the tplink router broke my Internet

And I don't really understand the difference to be honest, but if I need to order that... I will

It's not just ordering that

It's knowing how to do what you want

And what a secure and robust enough configuration is so they can't break it again

Honestly the tplink home router interface seems pretty "complete" to me

May I try it ? to replace the ethernet switch?

could I be able to isolate the 3 cottages with it?

thanks for the help anyway, sorry if I'm a bit dumb

It's not hard for something to look complete if you don't know what complete is, and your product targets a different market with different requirements.
This is a hEX I'm using to stage and configure another attached router and handle a few failure cases, with two networks.

it's configuration is an absolute mess but that's beyond the point, I attach and remove stuff from this all the time

Just for fun, this one has three ways out to the internet and two are disabled or removed

But I don't need 6265431 settings for my use case, do I? I mean, what specific SETTING to I need for my usecase?

Multiple LAN networks

or some way to define them

zero computer will be connected to LAN

only through Wi-Fi, all I want is 4G+ internet <-> 3 LAN ports <-> 3 Wi-Fi routers

You could also use port isolation on a managed switch