#networking
I can get symmetrical 5gb where I live, and simply have absolutely no need nor interest in it.
its only 30$ more per month than my 1gb symmetrical too.
its just id be spending probably 2 grand in switch and wifi upgrades to make it have any use...and even then, it still is moderately useless to me. 98% of the internet cant handle that sort of speed.
i do need gigabit internet, as i actually do use the pipe to its absolute maximum in consistent bursts, but those are bursts.
Even 100Mbps is good just for regular browsing and shit, its just downloading large things that sucks
i do way more than just regular browsing, but you arent wrong tbh.
i generally dont recommend most people get more than 250.
gigabit for most homes is so massively overkill
if i didnt have basically a datacenter in my media room, i wouldnt be bothering with gigabit myself.
lol i made my parents get gigabit
even though i'm barely home anymore
it's only $65/mo so who cares
I just want more than 20mbps or so upload that is basically the enforced consumer limit here...
Bothers me more than downloads actually
when i moved into a house part of my decision making was based on internet availability.
i had a demand of at least 2, preferably 3 providers, so there is competition.
I've got 3 providers that can do gigabit
2 that can do 5 gig
the 3rd is Spectrum cable so it doesn't really count lmfao
same. and same.
comcast can fuck right off.
apparently you cant say the words go and the words fuck right after each other lol
very odd filter...
thats a huge waste of money for anyone that isnt a medium sized business
even if its only 150
its still just like ...but why?
@peak cloak I cleaned up my rack lol
i guess you could host a booter service.
sell ddos or something lol
only real use.
That would be solid advice if it didn't require me to live centrally in a capital city, easily multiple thousands of dollars a month more than the too much I already pay. Or leave Australia I guess.
Leveraging high performance cloud storage with near-local throughput if not latency. Hosting many services locally so you don't need to rely on the cloud for everything.
I'd host a few things of moderate but not critical importance locally if throughput made it feasible.
i do this on gigabit.
i dont live in a capital city
i mean, its a city of 9 million people. but its not even a local capital.
The great warranty experiment
This is two and a bit months of running a script that publishes stats to DNS every 5 seconds
The script was modified at one point to try to reduce writes with some improvement
The Mikrotik forums are full of people panicking over 100k writes :P
I need 3+ years
Morning; I'm having very weird network issues and I have no idea what causes this. I noticed the same thing happened yesterday morning (similar ping spikes, disconnects). How can I go about identifying what is causing this further?
I need a recommendation for a nice home wifi/ethernet router
kgo!
lol
What's nice for me might not be nice for you
I'm using a hEX, an ISP router with DHCP off as my AP and an ltAP Mini as my modem.
The ISP router has a CAT6 modem in it of the same specs and nearly the same model as the one in my ltAP mini and could probably do the job of all 3 considering my homelab's in bits anyways
I'd buy a hAP ax3 if I wanted one device to do nearly everything and had an ISP cable/fiber modem though because I use 4G I'd be plugging a USB modem into it.
How large is the space, how many floors?
Any considerations on where it must go?
the living space is about 100m² / 1,076ft², single-story, and the router will go in the lounge room/living area
Is the lounge / living room area center of the areas you want wifi?
The reason I ask is related to the information above in terms of what kind of coverage you are looking for.
i mean...really? get a dual ethernet nuc clone, or a dell r210 II for like 80$, throw a 20$ low power xeon in it, and a 2.5gb nic card
Intel(R) Xeon(R) CPU E3-1220L V2 @ 2.30GHz
it DESTROYS basically anything consumer
gonna cost more in power...
I always think that stuff that old is loud, and power hungry
heh...
5$ a month.
according to kill-a-watt.
That’s why I love my fortigate
7W max power consumption
Intel(R) Xeon(R) CPU E3-1220L V2 @ 2.30GHz
its 13w tdp.
as for how loud it is, its inaudible.
use IPMI commands
ipmitool -I lanplus -H yourip -U root -P 'passwordhere' raw 0x30 0x30 0x01 0x00
ipmitool -I lanplus -H yourip -U root -P 'passwordhere' raw 0x30 0x30 0x02 0xff 0x14
yeah, but mine is 1.) upgradeable 2.) can handle literally anything i throw at it and 3.) has OOBM management
^that was redundant. OOBM
I don’t really need all of that lol
i can throw a 10g nic card in this, and have 10g routing
It handles gigabit WAN and all of the firewalling and vpn/inspection needs I have
or more or whatever i want
im not saying your way is wrong, im saying the differences are rather minimal in reality.
but the performance from mine is insane.
i keep my entire 42u rack in my cinema room
and with fan tuning, i cant even hear it
a few, but again, i average between 2 and 5% cpu usage
My entire rack just stays in the basement so it’s completely silent from the areas people are in
its not really taxing it at all, i simply got it, because i will basically never need to upgrade it
right now im just running gigabit, and it has no problem pushing gigabit
@peak cloak I want to redo our production network at work
I could probably hit about 5gb throughput before i started having to tune it
over wireguard that is
@rocky badge I got hired to do CMS work on uni's websites
It’s not that bad
we'll see how it goes
“Production network” aka the network all of our live event production stuff is on
id say if i were to run it at MAX capabilities, it could do 10gb wireguard, but id probably have to upgrade the CPU
Video, lightning, audio
which would cost more power
@peak cloak they are trendnet multi wan vpn routers with netgear AV switches :(((
also im a dumb dumb and forgot to re-enable aes-ni after testing stuff
Tbh the netgear AV switches are fine, but the trend nets are awful
also pfblockerng is chefs kiss
i moved from opnsense back to pfsense
opnsense is great, dont get me wrong...but their updates have some...stability questions.
@peak cloak my biggest annoyance with the current production network is only one of the trendnet routers handle DHCP for all of the VLANs which is in the central management rack. Not each of the individual racks with switches & APs
i did the same as you but one of their recent updates completely broke aliases and made me redo it, and i was just like...know what...i didnt have to touch pfsense for years...the fact that i have to go in here and un-break things means its taking time. and time is money.
So you don’t get DHCP if that rack isn’t up
I feel like the video trendnet should handle DHCP for video VLAN, audio one for audio VLAN, etc etc
they pushed a quick hotfix that resolved it
but it was still downtime while i reverted back to previous version
hotfix was out within 6 hours
i usually do just because i like to see new features
but yeah the alias issue broke CARP
meaning i didnt even have HA failover
so i was like aaaaaaaaaaaaaaaaand thats my opnsense adventure coming to an end
no, that's in one corner of the house, but it's pretty much open plan with the living and dining rooms
Okay.
So, I guess my question is, have you determined what speeds you consider acceptable everywhere? what your budget is? And how okay you are with slower speeds / weaker signal the further you are from the one room?
if I can get really fast WiFi speed, great... but what's more important is stability, especially with a bunch of mobile and smart home devices all connecting to it
I can spend about $200-250 AUD (this is roughly $120-150 USD)
might be able to stretch my budget a little more
You probably don't need a mesh system I assume right considering your home's size?
yeah it's not necessary, and I've already got 2 WiFi routers that I can set up as extra access points
they are just old
Are you looking for any advanced features? or just basic features with good reliability
doesn't need to be ultra fancy, but some flexibility is welcome
reliability is important though
I'd definitely go with something WiFi 6 as they have come down in price greatly, ASUS makes good consumer routers, TP-Link is acceptable also
the one I'm looking at right now is the NETGEAR AX1800 Dual Band 4 Stream Wi-Fi 6 Router
https://www.netgear.com/au/home/wifi/routers/rax10/
What is your internet speed?
I have a 50 down / 20 up plan
The speed out of that router should be fine then, I'd just research reliability
one of my friends recommended this to me ☝️
Only thing I can't find about that router is if it has MU-MIMO which is pretty important
nevermind.. apparently all wifi 6 routers have mu mimo 😛
well unless all the devices you're trying to connect support MIMO, it's not going to matter, as all it takes is one device without support to switch off the entire feature altogether
That router looks fine. I'd be willing to bet there's custom firmware for it as well so you should be set if that ever interests you.
I can get a nice deal for it at a local retail store, $179 ($119 USD)
The only real routers I recommend against are eero, Google WiFi and all the other huge "Amazon" like companies that will harvest your data. 😛
Any good router/switch with at least 2,5gbps ports ? small form factor
do you want a combo device or separate device?
Your best bet either way is probably building something yourself
What's your budget?
There isn't one
just yet
Just looking for recommendation as my ISP offers 5gbps
but router/modem box has 1gbps ports -.-
Honestly, the equipment is really expensive. I'd just get gigabit.
you're gonna be paying $500-1000 for equipment that only a few devices can use though.
I would not ask for 2,5gbps ports if I could not use them would I? 🙂
My bad, I've seen way too many people say x speed is only x more and then get turned off by the cost and the fact that only some devices can use it lol
I'd look into OpnSense
https://shop.opnsense.com/dec700-series-opnsense-desktop-security-appliance/ This may interest you?
Oh yeah forgot about them
You could also go with a SFF Optiplex with a dual 10gig card but i'd be worried about power consumption
Open sense could work
You could also look into the UDM SE, just note that the IPS/Firewall functions only go up to like 3.3gbps iirc
I had to do this lol. Too funny.
What is everyone using for cat cables? I have a cat6 Rohs flat cable (just the one connected to my pc) and read briefly that flat cables are not that great, as far as up times or something. I am looking to buy all new cat cables for the house and a giga switch as I have an old D-Link Des-105 10/100.
Thanks peeps.
i have at most 2 Mbs per second download and less than 1 Mbs per sec upload.
my house runs on old phone line, and i am in a neighborhood with old AT&T wifi.
tried upgrading our old router to make it slightly better, but it runs off of ethernet cord, and we have cat 4 dsl so the router doesn't work with it....
does anyone have suggestions on how to make it slightly better, ive been living with this for years and im sick of it
(moving or refitting the road is not really an option)
I bought a handful of inexpensive cat6 cables (very thin round wire) in 2, 6, and 15 ft lengths from monoprice. They are cheap enough you don't need to bother with cat5e anymore.
I got them when I bought a pair of 5 port 10 gig switches to use as our LAN backbone, with 2.5, 5, and 10 gig wired connections to computers and wifi AP.
I admit, 10 gig is complete overkill since our Internet is 1 gig fiber, but it was fun putting it together and all my local disk backups are REALLY fast now.
Plus, they offer 2 and 5 gig internet now, although we don't need it now, but who knows about next year
Wow, great deal. I'm finally switching over and have had gig+ for a while...and have not really looked into the speeds until the other day. sigh Figured everything and now don't need a giga switch as I found a dell power connect 5424 optimized switch (total overkill) but plan on building my own server for testing and learning purposes.
Yah you never know when we'll need 2g,5g or even 10g lol..I'll check this out and appreciate the feedback!
My Mac Studio came with a 10 gig Ethernet port. When I bought the M1 Mac Mini, I stupidly didn't upgrade to the 10 gig port, but it turns out 2.5 and 5.0 gig usb3 adapters are inexpensive. I use them on a couple of mini-servers, and they are working quite well.
I installed ntopng on my Linux home firewall, which is handy for seeing what's using my LAN/Internet.
just use normal cat6
Good to know. I just started using Linux ( on the side, for classes etc) It's not too shabby! Still lots to learn.
Thank you for the input. 🙂
I use Monoprice CAT6A slimrun cables
they are super slim.. and can do full 10gig
What modem do y'all recommend for general purpose/gaming? ISP-Cox
Just upgraded our network to TP-Link Deco AXE5400 (https://www.amazon.com/TP-Link-Deco-Tri-Band-XE75-Pro/dp/B0B8B8MCF1) and we just put our old netgear nighthawk AC1900 in bridged mode but having some sporadic download issues and increased latency
Arris SB8200
or Arris S33
bless, I want the most no-nonsense and tbh I kinda hate netgear products
Arris is the best for DOCSIS cable modems overall
buying a new cable modem won't always improve your speeds or reliability, but if you're paying the cable company money every month to RENT one, buying one will save you real money. Sometimes, replacing a modem with a newer one can provide access to higher speeds, but that really depends on your cable service. Cable modems use multiple "channels" of bandwidth, and older ones aren't capable of using enough channels to reach 1 gig or faster, but newer ones can. If that's your case, an upgrade will help a lot.
but research may be prudent, before spending cash
Plus cable modems use shared bandwidth with all your neighbors on the same cable, so even if you upgrade to gig cable modem, you might not be able to get that during prime time evening streaming, since all the neighbors want that too.
^
Also, I’ve heard of a bunch of people having ping / latency issues on Cox so it could just be the internet provider. Definitely do your research.
The main issue I’ve heard from people that have Cox is them “over-subscribing” nodes. (More people are signed up at each “splitter” than there should be)
Yeah this was the main idea. I kinda want an excuse to get rid of their device anyway. I have a feeling though I'll need to "Upgrade my internet package" with them to end up resolving the issue. I'm grandfathered into an old plan so I have enough download for our usage but I'm also in southern california so sometimes it just sucks.
You might want to see if they have any restrictions, or recommended (supported) makers/models they recommend. Those are more likely to get working easily, or at least, to get any questions answered.
Comcast used to charge me $7/month to rent me a cable modem, back when I had 70 mbps cable modem. I bought one for like $70-80, and kept it for at least 4 years, so I saved a ton.
But I made sure I bought one they wouldn't complain about
there's no "sometimes it just sucks". Cable modems ALL suck.
All cable companies are money sucking vampires
preach
thanks for the recs and tips, I'll double check it's on the supported list. I have a hard time following reviews on network stuff
Heya so I have a small issue. I’m wanting to upgrade my router (possibly modem if I have to) cause currently I’m on a gig speed internet plan through spectrum. My internet is going from around 500 when I run a test to suddenly dropping almost as low as 150 download. Seems like it’s super shakey with everything. The router that I have now is probably the issue cause I’ve read really bad things about it since it’s the usual one spectrum gives out. Anyone got any suggestions?
If it's faster in the middle of the night, it's not your hardware, it's oversubscription (too many people with gig internet trying to use the same 10 gig backbone)
Yeah, WiFi is notoriously inconsistent. Wired connections FTW
It’s plugged in through Ethernet, I prefer Ethernet fully cause it’s more stable but in this case it’s not really.
Also it’s not an aio like where the modem and router is mixed in, they are both separate
I could give both those two if that’s not gonna give out too much info on me lol
As dumb as this may make me sound, how do I plug it in directly 😅
46% 😮
It’s an iOS app
I’d assume you mean the yellow port on that? Since that one is my modem and not the router
ooh, 2.5Gig modem.. interesting
Is that.. bad? Lol
Also would I need to use the yellow cord that came with the modem?
You can use any Ethernet cord
But yes you can use that cord if you want
the cord it came with is likely cat6, so I'd use that
Most routers I’ve seen come with CAT5 or CAT5e, not sure if a modem would be any different
I think I confused myself bad when reading that, I’m so tired lol
some of the hubs I’ve bought only negotiate at 100mbps.. found out why the other day.. the manufacturers were so cheap and only connected 4 of the 8 wires for 10/100
So should I take my pc in there directly? Cause currently I live in like an apartment with other people that’s why that’s in the other room for now
I literally just downloaded this app right before I posted that image 😂
Usually I just use the website
also fyi it prob will not work with both router and PC plugged in
Yeah that looks pretty nice.
Looks like it goes by the stock android guidelines also which is nice
Do you know of any Portainer mobile apps by chance?
👍
Been struggling to find one haha
Modem is on the left and router is on the right. Sorry btw got busy talking to my roommate
Plug the black cable where the yellow cable is currently on the modem
Yes it is
When I did that earlier it didn’t even show anything on my pc for Ethernet
I’ll do it again to see
is that the ISP WiFi router?
Yes it is
Wouldn’t surprise me
Both router and modem provided by them
Yeah when I did that it doesn’t show me on Ethernet at all.
cable systems restrict the MAC address to the one of your router. It's very common.
Yeah they say it should be fine. Saying there shouldn’t be issues. Does make me wonder if it’s the router
If you can figure that out, Linux firewalls can change their Mac, and emulate it
Cause can’t the router cause internet issues too?
Like Ethernet wise
So should I upgrade then..?
Yeah I’ve called, got them to reset it, tried doing other stuff to reset it personally and make sure it isn’t me. Seems to be just the internet itself being an issue.
I’ll go from 500mbps to sudden drops below that
Like almost 150 as I stated
Pretty consistent at times
Like at night it does the same even when everyone in my area should be asleep. Mid day it does it too. It just seems to be an issue hardware wise. My modem is an ET2251 and the router is a SAX1V1S
Maybe but idk.
I’ll definitely have to buy whenever I get paid Thursday
Yeah I’m currently doing it. My download is 236 rn
190 now, it seems very funky lol
decided on buying the Netgear AX1800... it's going great, works better than my old WiFi setup
the Nighthawk mobile app is also handy
Should I probably get a router at the same time possibly?
routers will become "bogged down" and run slow after left running constantly, much like a PC does... they will need a reboot every now and then
I rebooted earlier and it honestly seemed to get a bit worse
.... they absolutely should not. They might but it's certainly not a given thing.
of course there are other factors, but generally speaking, it has been a common thing in the home networking h/w... even Linus was talking about this in the past
https://youtu.be/WXbidC6q5-Y
I expect my networking devices to Just Work - and they do. If I needed to restart a router periodically I would replace it, because aint nobody got time for that
but shit tier stuff? yeah, sure
well you know, when you break it all down, they are just computers right?
I'm well aware
so they can be prone to the same issues as PC's
What you're asking of a networking device vs what you're asking of a PC is vastly vastly different, and the software used to achieve it is vastly different
not only that, but the design goals and software approach are different.
ok, so then Linus is pulling sh%& out of his ass in that video then? lol
just like everything... there's nuance.
and like I said, shit tier hardware is likely to have more of these problems.
also depending on your connection type and situation, it may have been a network disconnection, and rebooting the router re-established the connection (but the router was fine)
My main complaint is you said they will become bogged down. That's absolutely not the case.
Not to mention decent routers have a watchdog that will reboot itself so you don't have to.
well I'll admit my knowledge about home routers is severely outdated, so the "bogging down" thing could be a non-issue now afaik
I haven't bought a new router for at least a full decade up until now
So you think I need to buy Both a new router and modem? Is that what you’re saying??
If so what’s your suggestions.
I’ll test it again rn
Download speed is 353, when I first got the internet like maybe a few months ago my internet stayed around 700 mbps download with nearly no issues.
for me, even that would be too loud, with the only viable, accessible option for my network rack being under my desk in my bedroom
A networking question to peeps that are more knowledgeable than me
I have a network of over 300 cameras that their IP address is different from the NVR because of limitations so my workaround was changing the subnet to 255.255.0.0 instead of the default
If there's a better solution that anyone has in mind because I need to add even more devices in the upcoming months
instead of moving over to a straight /16 network you could use something like 255.255.252.0 which would be a /22 network and give you 1024 ips in the ip range
255.255.254.0 would give you 512 ips
its dead silent
read the IPMI commands i sent earlier lol
its quieter than my desktop pc
also if you really want to make it silent, you can throw noctua fans in it if you're comfortable with splicing wires.
i have a set that I did, but i ended up just leaving the original fans in and setting up an ipmitool cronjob.
dell does some funny shit with the wires in which they didnt make them standard so you basically have to swap 2 wires
just dell things.
sounds like something an electrician would do
“Lemme just combine your phone line and coax” the more voltage the better! 💀
No it’s Ethernet to phone and coax then back to Ethernet
So I don’t need to run a new line
I have no words.
just use gaffer tape and tape some ethernet to the coax. and pull the coax.
actually even better, gaffer tape a fish string.
and then you can pull as many as you want in the future.
Oh what I do for networking
And no I’m not doing a mafia right now
I’m installing a sump pump so the server room doesn’t flood
Whats the best way to set up 3 routers connected to one access point
Do I disable dhcp
And do I set the main router ip range beyond the main router range?
what/why are you trying to do that
Technically I want 2 routers as a switch
And i got the main one
I dunno I watch a YouTube video and was like ? Eh,??
I dont have a switch but I have 3 routers . I need 2 of them as switches someone said to me that said changing my ip of my router to 168.1.2 then set the range to .10
Oh and apparently on the second router I need to apparently disable dhcp
ah so you just want them to act as switches
you don't need to do anything to IPs if you want them to act as switches
you should be able to just disable dhcp, and then only plug ethernet into the LAN ports
What lan to lan
yes?
Do I need to configure the second router
just dont use wan port/ports on secondary routers
@opal pagoda I'm planning atmo
Essentially I need a router on my TV to serve xbox etc
atmo?
how bout you get some cheap unmanaged switches instead of doing stuff with routers
Can't afford it lol
I've just cashed out 4000 on carpet
I'm on a budget lol
It might be s**t
But I need something doable lol
.
majority of home routers have internal switches
Is it possible ?
what about it?
that doesn't matter
well, unless you want to connect to the routers
problem is most don't let you even change their IP address
so again, it depends on router
within your home LAN that is
So If I connect each router together and disable dhcp will that cause ip conflict?
Or am I making it worse
My plan is to use the router in the living room as a switch same as the one upstairs and have one on the landing that does all the actual routing
And connect to my nas
no ip conflict if there is only one dhcp server on the lan
@meager ginkgo I really wanna buy https://www.justaddpower.com/products/maxcolor-transmitter/ https://www.justaddpower.com/products/maxcolor-receiver/ a few each of these just to play around with it
that looks interesting
The problem is finding a switch lol
Needs:
- IGMP Snooping & Fast Leave
- PoE
Wants: - Not a lot of power consumption (asides from PoE)
- Not sucky switch lol
- Not that expensive
They also finally have a multicast switching config
Just Add Power used to be only VLAN switching which required something to SSH/telnet into the switch and update VLANs on the switch.
Multicast switching is the correct way
Guys, if I had a nas server online in LAN, and I wanted to make my POE security cameras record their footage and put it on that pc, would the POE cameras only be able be accessed from LAN?
In that topology traffic never hits their CPUs so it doesn't matter
Not necessarily.
Normally you would do this by running software to connect to the cameras and stream that to disk, rather than the cameras doing it themselves.
The accessibility of the cameras remotely is going to depend on your firewalling+port forwarding rules (please don't put them right on the internet)
That's how you get hacked and spied on
If you have cloud software for managing them remotely that's probably not going to care
I’ve had security cameras run on SD cards and DVR (non poe cameras) and never had to port forward, and I don’t even know if these are good firewall rules for a Xfinity router, but the maximum one doesn’t allow some of my cameras stream
How do I know if it’s safe? And that I’m not being spied on?
well a vpn and vlan setup will go a longggg way on your home network for starters
@clear igloo hElP
This video was showing cisco dna center and this guy was like “I switched to tp link”

To be fair Cisco pricing is just dumb for most people
this
If a 10 minute outage will cost you a million dollars or whatever design a properly redundant network sure
i mean if you're buying new cisco gear as a person not a company you might have other problems
If you're dropping a few million on DNA Center you're insane
..like crazy lead times for that expensive networking gear
I mean everyone had/has crazy lead times depending on the gear these days it seems
It's wild seeing some gear now with 14 day lead times and others at 6+ months still, I see people all the time complaining they ordered gear a year or more ago and are still waiting on various parts. Really doesn't seem to make sense or follow a pattern either.
I'm glad I can reliably get gear for my little business now, even if it is more expensive
But I'm small and would have just picked a different device if it was available instead
juniper did the funniest thing when they eoled mx204 and then uneoled it a few months later
Yah, at the peak I heard anecdotal evidence some vendors were even selling priority for orders regardless of who ordered first. I've not heard that in about 8 months though so thankfully that crap seems to have died out
idk about selling queue places, but they certainly prioritized some customers over others
oh yah for sure, bigger orders = more priority for a lot of them usually
The company I worked for at the height of it had basically infinite lead times because they needed lots of a cheap TI RF chip they weren't making
TI said 1 year, but it was obvious that would be pushed back as many times as they pleased if more automotive microcontrollers were needed
no, it's more of how damaging for the long-term relationship it would be if they pushed back the delivery date
That too, yes, that played a big part too
Yah, I remember that, wasn't it Ford who was selling some vehicles without chips and you could come back later to get it added in?
What a joke
i've heard cisco folded on lead times after a company cancelled a multi-million dollar order and turned to another vendor, despite having a large cisco-only network with 50M+ of equipment
must've felt really good
yah, that's not surprising, so many companies were desperate for gear so they didn't care who got them the gear it was first to get it and ship it and they'd cancel the others after getting it in from another vendor
Now we're getting into a glut of too much gear with multiple vendors signaling orders are softening as lead times improve now so stocks are taking a beating
DRAM prices are lovely now
oh yah, they're dirt cheap from what I hear
I refuse to bring DNA in
I will switch to another vendor
I wish. This is not the case.
source: I buy using millions a year
in fact if you dont structure your order into multiple POs, cisco will sit on the order until every last unit is good to ship
one day i hope to work at a real company that does millions a year in networking
What's stopping you
Finding the jobs/my qualifications. Started looking at new jobs recently so we'll see where I end up
Really? Do you buy direct or like through partner?
Partner
Big boys like LaSalle, WWT, etc
There are rumors that Cisco lets a few go direct but I've never seen it
Can confirm a large company I work with had a big shootout for a new massive campus and Arista wiped the floor of all the other vendors. They had the whole test network up hours before the other vendors and it handled the load test like a champ. Before they were mostly all cisco. I do have to say the port layouts on the Arista switches we were given were nice copper was all 2.5 or 5g with 4 25G and two 100G fiber options.
So I suspect someone at work runs dodgy software on their laptop which has spyware that keeps leaking the company email account details to spammers. I need to A) prove they are the leak, B) stop it. I have no control what dodgy software they run on their laptop but I can set up their laptop with additional email program/apps. I am looking for some software i can install on their laptop that will take over storing the email passwords and acts as an email relay. So their outlook/thunderbird will have email login/details to this app and this app will have the actual email account details. Basically exactly how antivirus scans mail by sitting in the middle of the process.
Can anyone think of something easy to setup that will do that. It needs to log all emails, so i can review if it's being used to send spam or not. The idea is that if they have spyware stealing or using the outlook/thunderbird details it will send through this system and i can catch it.
Isolate the device from the network and scan/wipe it. Monitor the email server's logins. Do not build a rube goldberg machine.
Oh and set up MFA and invalidate old sessions if you haven't already.
Monitoring outgoing emails from the server will help you more than assumptions anyways.
i have no control over their laptop, if i reinstall it for them they will simply put all their personal tools/apps back on it and whatever app is compromised will get back on there
Sounds like you need to escalate that to your superior, else it wasn't your problem anyways
i'm 95% sure its some obscure guitar effects tool of which they have many
this is a 2 person company, me and the other guy
There's no silver bullet here if they are reinfecting themselves. Fix the policy which permits it.
Or talk to him about it.
oh i have done, but that doesnt fix anything
i did just discover that our email host has some tools to record/log all emails. So i may be able to use this to prove if there is actually a problem or not
I'd definitely do that
We sometimes get emails that are clearly spam being returned to our address as if we sent them, but i have no idea if we actually did send them or if someone is just using our address as the 'from' address
It's possible, and there are solutions to reduce occurrences of that.
yeah, just trying to understand how this "box trapper" feature of our email host actually works
I tend to push people to M365/gsuite over generic cpanel hosts
You get better authentication options and control, audit logs
What's the best spyware scan and removal tool these days?
What email provider are you using? Also logging all outgoing emails should also tell you which client sent it
hostgator
Enforce company laptops, and isolate private laptops on a guest network, though that probably won’t solve the problem, just protect the rest of the network
it seems like that box trapper is only for incoming emails, so prob not of any use
Yeah, iirc that’s some cheap shared hosting provider. Would definitely recommend going with something like M365 or Google Workspace
No clue what that is
Is that some cPanel feature?
yeah, how do you authorize a domain swap like that, never done it before
You update your DNS to whatever your mail provider tells you
Also with a decently configured mail setup, mostly any mail server will reject incoming emails that are spoofed (sent on behalf of an email the SMTP server wasn’t authorised to send for)
If you can access SMTP logs for your current mail provider, that might help you know
so...when you're paying HostGator for both email addresses and to host your domain do you transfer both of those things to google workspace?
You can have them handle your domain for you but it's optional.
Hey there, has anyone ever tried this chinese intel based dual nic on linux server? Well specifically ubuntu 22.04
No but if the chip's legit it should work like any other as long as the support components aren't faulty
dam thats pricey for a chinese card
Are you on Windows XP or is it a Windows 10/11 skin UI or an Ubuntu skin UI?
Linux mint cinnamon with xp theme 😂😂
Yeah I found another one NIC with dual ports that cost roughly 20+bucks
Oh yea thats more like it for 149 you can get some dual port 2.5g nics that are name brand sometimes
I was planning to, but that would need me to get a 2.5gb switch. And I mostly connect to my router via wifi
That is neat lol
To make it more "xp like", I actually have set the startup sound with xp original sound lol
The same goes to shutdown sound 😂😂😂
Nice lmao
I have most certainly not seen that...
That said, when I was a student at the Technion the dorms I was in predated internet. So I had my own ADSL service for my room.
I don't think that's a real good practice? Even if the uni is going to improve connectivity, I think just by installing a few APs is already decent enough.
Assuming everyone is going to connect to the network via wifi
Just a potential solution, just by subnetting the network into smaller groups might be a better choice
Vlan is kinda confusing sometimes lol
At least from my past experience in doing Cisco packet tracer 😂
there's a dedicated AP in every suite
but yeah no router
goes to a switch
from there idk, don't work on network side of things
how are vlans confusing O.o
Just sometimes
it seems like layer 3(subnetting) would be more difficult to actually control than vlan's tbh
not that vlans are a substitute for subnets
Depending on the situation, don't get me wrong. Vlan is much simpler compared to subnet when the scale is small.
thats fair, at the office we make full use of both, but its definitely one of those things where neither is exactly a replacement for the other.
I dont know the environment and all that, but generally i would create a subnet for a different building then a vlan for each floor
then have ACL's and rules for the vlans
mainly so i can "at a glance" know exactly where an issue is occurring or originating
i'm sorry, i'm confused; how would you create a vlan without a subnet?
Vlans can share the same subnet, they just cant communicate with each other might be fine 
VLANs cannot share the same or overlapping subnet that exist on another VLAN. Multiple subnets can exist within a VLAN but that is it.
For example you can make the default vlan not have any access to anything and basically just have it drop traffic
The reply vanished, this was a response to
As far as I understand that's not quite true, you can for example have a setup where multiple vlans point to the same numerical IP range.
This would require you to have a router or level 3 switch to perform the coordination, and you wouldn't be able to communicate with layer 2 traffic, however I dont see why you couldn't do that?
If I'm wrong please correct me!
You could say have 2 different DHCP ranges depending on vlan, say 0-99 reserved for DHCP for your aps and printers using vlan 99 and then 100-254 on vlan 100
Both able to communicate via IP, but not via Macs
And both would be /24 for the same subnet
And DHCP requests would be able to be sent to different DHCP servers nearly inherently
You cannot have more than one L3 interface on a single device all falling within the same subnet because that would break the fundamentals of routing.
First, if you do not get an error, most vendors will choose one and only one of the L3 interfaces of the shared subnet as the active with the remainders being down.
Second is if it were possible, routing would be broken. You cannot route properly if the next-hop exists in multiple connected next-hops. How would it determine which of the interfaces to forward the traffic to?
Because multiple subnets/overlapping subnets cannot exist on the same device, routing-instances/VRF/VRF-lite was created for that reason in addition to VPN use cases.
As far as I understand, vlans are purely a l2 concept with no involvement in the l3 world?
You can think of an l2 vlan like a physically separate switch
And there is nothing to stop you from having 2 entirely separate switches on l2 that are only connected via a router on l3 but having the same IP address range
Yes, VLANs are a L2 concept. But L3 still relies on L2 for forwarding within a bridge-domain (VLAN).
Taking VLANs out of the conversation, you cannot have multiple L3 interfaces with the same subnets/overlapping subnets. So you're at a road block before getting into associating L3 interfaces with VLANs.
That's the exception outside of the conversation. I am talking about a single device, not multiple.
Run the wiring in the layer 0 domain
It's awful practice to have a wire running out of a switch into another port of that switch, but untag the vlan onto that cable, then run it into your layer 3 interface?
I think the problem is that there's no clear goal in mind here and this is just theory
There's a ton of bad practice you can do in theory to make things do dumb stuff...
That's the redneck method of VLAN normalization and yes, it can be done that way. But there are more sophisticated ways of doing it now such as P-VLANs, QinQ or Junos' support with VLAN manipulation
Am I doing something wrong, getting a score of C on a bufferbloat test following Traffic Shaping guide for OPNsense. Connection is around 60/30. https://docs.ibracorp.io/opnsense/ quantum set to 180 for that 60, everything else followed as the guide says.
I can't see why overlapping subnets will be a problem. Wouldn't it just work as more specific?
Routing uses more specific or longest match. When it comes to directly connected, that concept no longer applies
Your FIB will contain a more specific entry for the more specific subnet, routing or not.
Not exactly. Most specific is a routing concept. It cannot populate the adj. table with a host route if you have two interfaces with the same/overlapping subnets.
Like I said, if your NOS allows the configuration, it's going to go through a selection process where one interface is selected per subnet with the remainder being inactive. Regardless of longest match
does tiktok access my home wifi network?
It can yeah

im trying to figure out what drives i should use in a ubiquiti UNVR-PRO
i was looking at seagate fire cuda 8tb drives but i wouldnt mind some help
Seagate recommends their SkyHawk drives for that use case and at the 8TB mark they're about the same price. I haven't seen any independent confirmations that there's any difference other than the colour of the label but if you're buying drives anyways why not buy what they recommend?
-They're actually cheaper than the Firecuda ones from stores here in Australia by looks
thank you very much @pseudo blade ill check those out
My ISP uses ACS/CWMP without HTTPS 🤦♂️
They left it open to the internet from day 1
Entered incorrect NTP server details so time was always Jan 1, 1970 and it was impossible to make sense of the sequence of logs from the router
At first I thought they reboot on their own because of CGNAT and to manage internal clients on their own...
Then I got a static IP for my separate home server network... 2 connections to the same place but good for server work. They still didn't change this.
Now I notice my server go out once every few days between a certain time range. Made no sense why this was happening. Obviously any reports did nothing because people at customer care don't understand this and don't forward it to people who've set these things up...
One day it restarted in front of my eyes while I was running something important over putty - connection closed of course
Finally checking logs myself, I entered correct NTP details and found out random IPs from all over the world keep trying stuff over ACS and suddenly it says some RPC resource is required while session is in use, reboots on its own
So I blocked ACS/CWMP protocol completely. Now there's been no such restarts
This is one of the largest ISPs in my country... How can people be so clueless and incompetent, I'll never know. Also, no idea how much damage could be done / be ongoing over this setup since all these years
ACS/CWMP/TR-069 still to this day is not always supported with HTTPS on many devices. If a proper management network is configured, it's not the end of the world but it most certainly should not be reachable via the internet and use some basic auth methods. Most CPE/ONTs by default will only listen on mgmt interfaces.
What exactly was rebooting, the router or your server?
Random router reboots. I've even done whois lookups to IPs sending requests and they're from random countries, from digitalocean/vultr/etc... Definitely not my ISP
and of course I won't let anything reboot my linux server... I already have strict iptables rules and keep logs of everything, even have my own autoblocker script that will perma block any ip that sends a malformed request.
I've done some good steps to prevent any problems, like I changed SSH port to something else other than 22 so these hordes of bots can't even attempt guessing logins/passwords, and disabled password based SSH login completely for all users, only allowing access to things over certain fixed p2p vpn protocol addresses instead of opening them up to the internet, etc
is there any way for me to force my pc to connect to a specific node in a tp-link deco x20 mesh network?
my landlord had the genius idea to not have individual networks for every tenant so eight units share one network, but the three story building is like 10x20 meters give or take and has at least two or more nodes within a few meters of each other.
i suspect that my computers/devices are frequently jumping between the two or three nodes (between the one on my floor and the one above/below) and it causes my ping in games like WoW to spike from 20-60 to the thousands!
anyone have suggestions i can give my landlord to fixing this issue?
the node is sadly in the hallway so i cannot just run a cable to it.
@slender thorn this was my college situation. Absolute misery those cheapskates are. If there’s a coax plug nearby the node you can run moca
That’s your best bet really
landlord said i could just bring it into my apartment, so i may see if i can try that or something.
the nuclear option is just getting a line for myself, but i can't really afford 50-70+ bucks a month even though i'd get rock solid 150/150...
(i deleted the first message cause i forgot to hit reply)
You can connect to a specific BSSID - each node will have its own. There is apparently software that will let you connect to a specific one but no native option for Windows.
However that architecture is rubbish and I wouldn't expect reliability from it - it's just the cheapest and shittiest way to offer basic connectivity.
They could have at least picked one with a dedicated backhaul radio but I guess that wouldn't be in the spirit of chucking the cheapest possible thing in.
I wouldn't connect directly to that and would be using my own router for sure.
wait 200-300 dollars is cheap for mesh networks?
I'm trying to find a decent closed 12u server rack. Any recommendations
Hi, is there anything I need to do in VMware vsphere in order to get one of my vms a static ip or is it just to set it in the operating system? I’m running esxi 6.7
I assume if it's properly setup you would do so in vsphere
Okay, do you know how? Do I create a dedicated vNic for it to pass in. All I can find online is how to get the host on a static ip, but can’t find anything about a vm
You set static IP inside the VM OS
Errr I got an issue with setting a router as a switch I changed my default ip on the second router and disabled dhcp because isn't that done off the main router and I have no Internet
I do have 3 routers in my network
It is when that's 2-3 nodes
@peak cloak @meager ginkgo I might be redoing our work network lol.
Right now its a mess
what does that even mean? My brain can not unpack this one
Hi! So I'm having issues with youtube right now.
Youtube doesn't load on ONE specific computer which is connected VIA ethernet to a wifi extender that is then hooked up to my main wifi. Youtube loads for other devices hooked up to main wifi AND wifi extender VIA wifi. The PC is the only one connected VIA ethernet to the wifi extender. It does work when I use a VPN or use a wifi dongle to connect to the main router (wifi extender using wifi adapter doesn't work??). But using wifi and VPN is both slow and unideal.
I have tried using a DNS server on my PC like 1.1.1.1, but that hasn't solved anything. Updates also did nothing. Other websites work fine.
I do receive messages back when I ping youtube on console and I've flushed out the DNS as well.
@pale ridge pmd
I've just done a fresh install of Windows 10 and I can't connect to my network as there are no network adapters listed
install drivers
I’m planning on getting a WiFi card for an older desktop that has PCIe 2.0 on it. I see PCIe 2.0 is 500 MB/s per lane, so 4000 Mbits/s.
Would this cause any issues for modern wifi cards (such as something with an AX210)?
Anybody have any specific recommendations of one of those cards?
Just throw it all one vlan and use 10.0.0.0/8. Im sure it'll be fine.
||/s||
😾
@waxen scroll @rocky badge I just got done with a site survey for a college in which they are looking at overhauling their network (We'll provide managed services and the circuits). All Unifi, around 600-700 APs, 100 or so switches and what appears to be a mostly flat network.....
In one of their racks there is a Unifi 48 port where all but 5 interfaces have a cloud key attached....A single Unifi switch with 43 cloud keys.... Is there any logical reasoning or endpoint limit on the keys or is that just the most asinine way to manage their devices?
👀 wtf
at that point why not get a udm pro se or whatever?
using RFC 1918? That's for chumps. Just pick an IP range that looks pretty or is easier for the "CTO" to type, like 1.0.0.0/8. Collisions? Good luck everyone else!
Cloud keys which gen
Old gen was SHIT and cannot handle many devices
It’s a memory limit as the more devices a controller manages the more memory it consumes
Nah, Unifi needs to be ripped out. I know Unifi is not all to blame but their network is near unusable.
Just at quick glance it looked like the original gen if I remember. Going to get details in a later call where I can review their current network
700 APs at a single site is “no UniFi” territory imo
Silver or white
White
So gen 1
2GB of RAM 32 bit cannot handle many unified devices
And each cloud key/controller cannot talk to each other
If they wanted to update something campus wide it had to happen to every “site”/controller
Yep and if we win the RFP, it's going to be all ripped out and Juniper/Mist taking its place
im getting a demo from extreme's cloud stuff soon
we cant go unifi because we need cloud and unifi's cloud doesnt meet our insurance's reqs
Niceee
Also it was in the same rack that was composed entirely of their server infra (along with two additional racks). Can't the cloud key be run in a VM/docker now?
Yeah
Throw it onto a beefier server/VM and it might handle all
I say might because I’ve never seen or heard of a controller doing upwards of 1k devices lol
juniper wont work for us unfortunately, their cloud stuff doesnt have the right certs 😦
same for aruba
What certs or requirements?
we need their actual deployment to have soc2 class 2
just being hosted in a datacenter with soc2 class 2 isnt enough
Well after the survey, it's clear that Unifi cannot handle it at that scale. We'll see based on my next call what their network looks like and what's actually causing it to crap out near constantly
wont let me drag the slider higher than 75 aps lol
I know only the basics with some compliances, but not familiar at all with SOC2. Looks like Mist supports it but not sure what's required within your DC for it to meet it.
yea it would require us to go out and get soc2 certification on our side
but the problem is we dont provide updates for the aps themselves, and the cert requires that every found security concern be patched within a specific time frame over the course of the certification process
class 1 cert is just is everything up to date and patched when certified, no long term commitment
How many vendors does this limit you to? The big players tend to at least have security updates each month, but I'd be curious what the timeframes are. Sounds like a stability nightmare though as your network would essentially be required to be running the latest releases.
is there any way for me to make it so my computer doesnt constantly hop nodes in a mesh network?
42.0.69.0/24
Depends on the severity of the problem, and the requirement is limited to the systems storing data and all of the systems that have access to it
But so far only extreme and meraki seem to fit the bill
Nice
question, why does google.com/@bing.com go to bing.com and not a file called "@bing.com" inside google.com?
What?
from the wan show, putting an @ in a url basically makes the last bit after the @ where you go instead of the whole thing
Oh, idk anything about a wan show or what that is talking about
If you remove the forward slash, it just looks like an http auth string
the internet is blowing up about google's new ".zip" domain. the problem is, putting an "@" symbol in a URL , most browsers ignore everything before the @, so "google.com/@42.zip" will not send you to a google.com address, probably do a 404, but go to 42.zip instead
but my question, why the hell is this a default behaviour
oh thats cool, looks like...your browser fixed it?
I don’t know
oh hey, it used to do that last week, interesting
But again, if i had to guess, it’s just being interpreted as an http auth string
ooh yea that makes sense
Usually something like username:password@example.com
So it might assume everything before the @ is a username and password, realize there is no auth, and then discard it
Interesting, discord strips the auth string
http://user:pass@example.com/
ooh yea i see, that makes sense
Try that in your browser, you’ll just go to example.com as if you never added the username and password part of the URL
looks like google fixed chrome that if you put a / between pass and @ it'll not go to example.com
is cisco 876 worth anything today?
i got it for free just to mess around with it
Anyone know a good modem router combo that works with multiple ISPs with 10/100/1000 lan and 2 2.5gb lan/wan ports?
Pretty useless - Left support a decade ago, unless you have Advanced IP services it only allows one VLAN (else 4) on its Fast Ethernet switch.
So unless you have Advanced IP services and/or IDSL you can't even segment your network properly between WAN and LAN
Add to that the abysmal routing performance and - yeah...
yea before i got it it was doing vpn tunneling and was replaced by mikrotik hAP ac²
speeds went from 1mbps to 20mbps
Take the hint and buy a hAP ac^2 of your own :P
i wasnt planing to use that cisco 876 as my router anyway, ill just mess around with it
tip: Don't get a modem router combo lol
Hi is it possible to route all dns request through pi hole if i set the dns as to the pi hole server in my router settings
I dont want to change the dns of each and every device individually
kinda? yes. I assume the router setting is the DHCP server setting which is basically telling clients, "use this dns server"
but that ofc can be changed by the client, so it won't force people to use that dns server if you want to block sites for example
I hope so I have to reset the router since I forgot the password
It doesn't change usually right as long as they are connected to the router
DNS over HTTPS clients will just ignore DHCP-set DNS but at this time it'll get most traffic.
I see
At home, I run ISC dhcpd, bind9 DNS, and "stubby" DNS over TCP server, which Bind uses as a forwarder, so all DNS traffic from home, except devices that ignore the DHCP assigned DNS, are protected from the ISP.
I've learned most of the IoT devices (Honeywell thermostat, Blink cameras, Echo speakers) have hardcoded DNS settings, and ignore DHCP's DNS server.
that can be forced too
unless they encrypt it
oh, sure, but I'm less concerned about private info, personal habits, browsing preferences.
I mean, less concerned about that info leaking from iot devices
I block outbound WAN for port 53 from everything except my recursive dns servers
And for IoT I block encrypted dns, and common dns providers entirely
I rewrote 8.8.8.8 to point to the local resolver to deal with a few noncompliant devices.
I just don't let my IOT vlan access the internet at all, except whitelisted destinations.
that's nice. I used to be more paranoid, but over the years, have come to understand that you'll never stop the smart hackers, and the stupid ones are often defeated by setting up a long wifi passphrase and using anti-virus software.
It's the guys who can hack your phone with zero clicks that you need to be scared of. And honestly, what can you do about it?
Not use your phone?
Well that's the zerodays
Stuff like wpa2 being crackable is known
Sure, but WHY would anyone target me, unless they were spearphishing
they wouldn't
they'll move next door, where the password is "password123"
Well with IoT stuff it's more that they often have crappy insecure cloud services which can push new firmware to them or generally be useful to malicious actors.
Yeah. That's why I put my iot stuff on a separate wifi network, and firewall it off, so they cannot access any of our other systems
My firewall has separate interfaces for inet, lan/home wifi, iot wifi, and lab systems. None of my lab or iot systems can reach lan, but the lan can reach everything.
oh wow i didn't even think of that, that makes sense. how hard was it to get that list of sites?
ijust rerouted all dns port traffic, would that be good enough?
lol. I just reviewed the dns query log, filtered by source
if they aren't querying your DNS server, what log are you looking at?
If they are, and you forward to dns-over-tcp or dns-over-http, you're golden
Like @nimble sable , I redirect udp53 to my local
ah, okay. they are hitting your server then. cool
are y'all using doh or similar for upstream?
they you are rewriting ALL dns (udp/tcp port 53) traffic to your own server?
cuz roots can't do any of that right?
I use "stubby" for DOT
roots? Do you mean DNS root servers? No, DNS is fundamentally insecure. Open protocol. DoH or DoT provide some security, but only up to the DoH/DoT server you query.
where does the stubby go?
I use it to stop AT&T from gathering info on me and selling it for profit
I just do ad blocking, with a little bit of geo bypassing added in for fun
My firewall runs Bind DNS which forwards to 127.0.0.1:54 (stubby), and you configure that to hit the DoT server of your choice. I use cloudflare, but have used others too from time to time
ad simljole has changed my life lol, can't do without it now
ad blocking via DNS isn't very effective, I've found. I prefer the EFF's Privacy Badger browser plugin for blocking most ads.
mmhmm. It gets used in conjunction with browser plugins
and dns-based geo bypassing is still one of the lowest effort methods, so
Ad blocking via DNS tends to be overarching, and piss off the non-techie users in the household. That's my experience. If it works for you, great.
unless you have proxy with complex blocking setup?
Works fine for myself, my wife, and my kids /shrug
Privacy Badger blocks all tracking cookies, no blacklists required, it just works.
ads tend to require them
yea, oddly my parents didn't even notice it, which is Actually a bit concerning
Yup, and that doesn't help with things that can't run browser plugins. Hence my use of both.
wait, and it's NOT called "cookie monster"? missed opportunity
the only other app I use that still shows ads is Youtube in a browser, and I use Youtube Enhancer plugin, which solves that issue.
and gives great controls I like
I may pay for Youtube ad-free, eventually, since Youtube has purchased NFL rights, and isn't too much more expensive than our current Sling TV orange+blue subscription
Sling orange+blue costs like $60/month. Youtube TV is like $75 or 80, isn't it? I wonder if it'll go up again once they add the NFL shows
Sling Blue has the best channels, but Orange has ESPN and NFL network, so the wife demands it.
I regret ever teaching her the NFL rules
nod. I live in Europe, so we don't care about ESPN or NFL. blue has premier league, for my youngest son.
That would be more effective - it's just that I knew those devices specifically used 8.8.8.8
Planning on building my own NAS, I need a good 550-650W psu
I have a Synology Nas, the lowest tier one with two bays, what's the chances that I can get it to work as game storage for my Xbox one? 😅
Please tag upon reply
0%
for pc you could use iscsi to mount the network drive and it would act same as internal one
Playing with fiber optics, got gigabit link set up using media converters and a total of 600 feet of OS2, 100M of direct burial stuff.
What are the cheapest options available for media converters that support 10GbaseLR and 10GbaseT ?
Yes that is a T-mobile/Nokia 5G trashcan
did you terminate that direct burial fiber yourself or did it come pre terminated?
and where can i buy some
hey i want to make all requests on my vps through my ipv6 address and dont want to share ipv4 i have a /48 block how do i implement this?
example:
vps - ipv4 -> youtube.com (my current issue)
and i want to implement
vps - ipv6 -> youtube.com (as to not get ratelimit)
um, maybe only configure an IPv6 address on it? Turn off IPv4 in the network manager, or via manual IP config.
remove the IPv4 default route?
Depends, if your VPS addressing is IPv4 only then NAT46
that guy uses NAT64/DNS64, but like Lurick says, if your VPS doesn't have IPv6 already, it wouldn't work
just to check this wont cause some fucky issues:
i use airlink to stream games to my quest 2. this requires a 5GHZ connection to a router connected to the PC.
At my house i have a router far away from where i will play.
What i have done is ran a ethernet cable from the downstairs router to the WAN port on the router where i will play.
My desired outcome here is to be able to connect my Quest to the close router without harming the wireless connection of other devices connected to the downstairs router.
i have already done this and it does appear to be working but im just concerned something will screw up down the line
You can do that safely. If both wifi routers have the same SSID, the clients will always pick the stronger signal. If you choose a different SSID, you'll have to connect to one or the other.
yeah this is what i tried originally but i was having some issues with it. ive also heard that airlink does not play nicely with multiple APs so i thought this method would work
The 5 GHz band has many, many channels, and the routers will avoid ones in use by other nearby routers
Oh, airlink, that's the Verizon hotspot, isn't it?
that's not just a wifi router. That's a standalone device.
uses Verizon as the ISP. I don't see how you can use an ethernet cable to extend it to another room
think we are talking different kind of airlink.
Metas airlink is for the quest 2. it lets you play PC VR games wirelessly to your headset without a cable
If you had a wired ISP with a wifi AP/router on one side of the house, you could plug a cable into it, and into another WiFi AP on the other side of the house, and both would be offering access to the same LAN. If you have two routers, each using their own ISP, you would want to use two different SSIDs, otherwise your IP would keep changing to the other's LAN
That device, I'm sorry, I'm not familiar with.
The first thing I read, though, says it only works on the 5 GHz band (802.11ac or 802.11ax) which means you have to have a WiFi AP that supports one of those standards (WiFi 5 or WiFi 6 should do)
If you run a wired connection from the working side to the other side, can you plug a PC into it, and get on the LAN? Does that cable work?
If so, you should be able to configure a WiFi6 router, use a unique SSID, so no one else will compete for WiFi bandwidth, and configure the Airlink to use that SSID.
You can use a small 4/5 port gig hub on the far end, plug your PC, game console, and WiFi router into it, all will get access to the same wire speed (to the actual ISP router, that is).
yeah like i said ive got it all working im just not sure if i will have issues down the line
ive used airlink multiple times its great, but that was at my university house and the main router was just in my room already so never had to come up with this solution
5 GHz signals don't travel as far, or through walls, quite as well as 2.4 GHz. It makes sense you might not reach the signal if you have a big house, or lots of walls between the two ends. All you did was extend the LAN/Wifi signal to the other end. That's how every business works, with APs plugged into the same LAN, all offering the same SSID.
the only thing i could think i would have problems with is competing signals causing interference but speed test isnt showing decreased latency or bandwidth
When you open the list of SSIDs your device can hear, you'll see all the nearby neighbors. If it's shorter than a list of 20 or 30 SSIDs, you won't have too much interference, most likely. Inside giant apartment buildings, the story might be different.
2.4 GHz only really had 3 effectively useful channels, 1, 6, and 11. There are more channels, but they all overlap, and interfere with other nearby ones. It got ugly after a short while, because of that. 5 GHz has tons more channels
I got this, offer accepted for $135 https://www.ebay.com/itm/112543069228 
FS.com has probably better quality stuff that is ACTUALLY qualified for direct burial. The seller did recommend this product for direct burial application when I asked if another one of their listings was direct burial rated.
I also have the stuff I need to make fiber terminations myself. I got the LC UPC connectors, a little puck, extremely fine grit sanding paper, cleaver, etc.
but this cable was pre-terminated and message the seller to have it terminated however you like.
I always get my cables from monoprice
Monoprice doesn't (seem) to have direct burial fiber rated 100 meters
Yeah, I'll bet not too many businesses, other than last mile telcos and cable companies bury single runs of fiber. All the fiber I've run, was inside an interior cable run meant for network cables.
best laying method is microducts and then fiber just gets blown in
You're looking for #1027757333117415424
How much do motherboard antennas actually help?
Compared to having no antenna on the wifi card?
They're the difference between connecting to a router and not in 99% of cases unless it's like 2 feet from your PC
Lol it’s across the house downstairs
I just remembered I never put them on
So I shall
I mean you might get signal at distance but I would say you're talking about 2.4GHz and super crap reliability at best if you're lucky enough to get signal
I've seen it happen it's not pleasant and the biggest issue isn't signal getting to your device (weak as it may be) but sending data back is basically not going to happen 😛
I’m trying to play an online game, so I’ll see if my Wi-Fi is just cutting out completely, or I don’t have a signal currently
(I have Ethernet hooked up, but that’s not working atm)
ah, yah, it won't hurt to try and see without them but I wouldn't expect much 🙂
That's about right, haha
hi @rocky badge
I went looking at brother printers just to see whats new
their new printers are still only shipping with N support
heh
my current brother only has G
@clear igloo we're gonna be screwed with IOT once 6ghz hits
6GHz too expensive!!!!!!!!1 😛
I wonder if they do this on purpose because the device CPU cant process data that fast
so its a hack to keep using cheap crap
yah, every penny counts for cheap stuff
yeah
mines from 2001 or something lol
I'd get a new one now if they didnt mess up the wireless
my scanner puts a line on all documents and I cant find the cause
Ethernet connectivity ftw
well about that
its also still 10/100 and vendors like cisco are abandoning that support on switches
zenwifi xt12 has been the best mesh router I’ve used
in an old house with walls that kill wifi, I can get 1.1gbps throughout to speedtest server using only wireless backhaul
so, funny thing, I had this happen when I built my new PC. Motherboard has built-in WiFi, but I didn't really care, since it's wired via 10GbE. But my WAP is sitting on the desk under it, so it seems that when I linked my new PC with my microsoft account, it automatically connected to the wifi network with the credentials from my laptop using the same account, even though I had no antenna, since the WAP was like, 2 feet away
It can work sometimes but I've been told that it risks damaging the RF components to not use an appropriate antenna for transmit.
well, again, I didn't do it on purpose. I've since disabled the wifi adapter since I don't use it :P
they say the same thing about radios too - you shouldn't press the "transmit" button without an antenna connected
I'm sure you didn't, but feel obligated to state it considering the conversation above.
I've accidentally ran a 4G modem without one near a tower once and it did work for the few minutes until I noticed it wasn't connected on the testbench.
Okay I am not sure if this is the right channel. So, I upgraded to a 3gb fiber speed on my home. I want to utilize the speed of 3gb. I wonder if running a Cat7 and a 10gb network card is enough? I'm not even sure if the modem that bell sent have their ethernet port sending 3gb. Thanks everyone!
Well first you'd check on the modem and router or there's no point doing anything else.
Then you'd choose cabling and NICs based on the distance from that to your computer.
Well, @pseudo blade I only have basic networking. Apparently you need sft+??? I am currently running a 50ft Cat 6 cable from the modem to a network switch(tp link) which is divided to 3(PC, AP, and Lights)
New Nvidia switch
10 gigabit is doable over that length of Cat6 installed properly. The switch will likely not do what you want unless it was a relatively pricy one/it has SFP+ for you to put a transceiver into. Sounds like a modem-router combo so again - you need to confirm it offers 10-gigabit or multi-gigabit interfaces or you're wasting your time.
Should I buy a switch for my deco x20 and my PC or is it ok to just plug deco x20 to my router via Ethernet and then plug my PC to the deco x20 via Ethernet
My deco x20 is in AP mode btw
Go look and see if the Deco x20 uses a switch chip on its ports. I'd give it 99% chance it does and if so there's no functional difference between those two options.
Anyone mind helping me setup my motherboard wifi? I can’t seem to get it to work even after installing the driver
Did you install the antennas on the back?
Yup
I have the Z790 pro rs WiFi if that were to help
What issue(s) do you see, no wifi networks showing up or error message on connect or something else?
No WiFi networks showing up
It says that “network cable unplugged” but shouldn’t this be wireless?
Sounds like the adapter isn't even being seen
network cable unplugged is the wired nic
What would I do then
Did you reboot after installing the drivers?
As in restart the computer?
yah, sounds like the driver didn't get installed properly or needs a reboot
If you want to run an ethernet connection, otherwise no
What driver did you download and install on the computer for the wifi driver?
I downloaded the Realtek win10 auto installation program
That's not a wifi driver....
Shouldn’t it be a WiFi driver…
That's what you need to install for wifi to work
realtek is the audio driver for your board
Let me give it a try
What would I do after downloading the driver onto a stick?
Extract the zip file and then run the installer
Win 10 and 11 it should just be right click and extract all
So put it on my desktop?
yup
What do I do with the file on the desktop?
Right click on the zip file, extract to desktop, open the new folder, run the installer
I don’t see an option to run the installer
screenshot of the extracted folder?
what's inside the folder when you open it up?
This is what you should see
Could you send me a link to where you download the drive?
I did earlier
all good, let me know 🙂
Yup I got those files now
Sweet, should just need to run the exe file and you're good
How would I run the file?
Is there a specific button or something?
Double click it
Yup
Should run and install from there but if not let me know
I don’t think it’s running?
Hmmm, intel stuff is weird sometimes
Right click on WirelessSetup and then Run as Administrator and answer Yes to the popup (if there is one)
Yah, if nothing shows up like an installer let me know
Reset the computer now?
I would check your network devices first, it should be there now
Yup
Awesome 🙂
No problem, glad to help
Nah, everyone starts from nothing, gotta learn 🙂
It’s been a good two years since I’ve done pc stuff, once again I appreciate the help greatly
No. that won't work. Verizon needs to control the box on both ends of the fiber
I have gig fiber from AT&T, and am forced to use their router, but I read how to put it in "transparent mode" which lets my firewall get the IPv4/IPv6 addresses directly, as if the router is just a "dumb modem".
so now MY firewall controls inbound/outbound rules, and I don't have to worry about them randomly upgrading software and wiping out my configs. Of course it also means I can't use the AT&T router's built-in wifi interfaces, but I don't care. I have a better WiFi AP anyway.
The ONT is the modem (basically) the cat6 coming from ONT is/should be just an ethernet connection to their POS AIO router - which you should be able to remove and use your opnsense router/firewall.
no, it's PON plus probably some of their own protocols on top
fios is fine though as all you need to use is their ONT, none of that all in one stuff
just connect ONT ethernet to own router, it will get IP via DHCP
anyone here can help me with fedora server and nginx?
im running two virtual machine and one of them is a fedora server with nginx, the other one is a kali machine. theyre both on the NAT setting on virtualbox
how do i access the nginx webpage from the kali machine and how do i setup the nginx web from fedora server?
To access just enter it's ip, assuming it's on the same virtual network
both of the machine has the same ip
i dont know where i messed up but i know i did somewhere
i just downloaded nginx on the fedora server and hasnt set anything up, but there should be a basic webserver atleast right?
nvm i got it, switched to bridged adapter network
No they shouldn't
On the vm itself check the IP
Oh god
Spaghetti
not going to lie, ive seen worse >.<
Me too
But a shielded cable directly terminated to a wall thingy is bad too
yeah thats true. I mean ive done things like that before simply because i had a ton of it around....but at least my job was clean >.>
Mine is temporary because I can’t find any rj45 connectors
i always keep an extra box of those pull through connectors
Did i miss something when i was learning networking?
This was tryhackme and they gave me that address so i submitted a bug report
I'm not sure what your concern is or what you think is a bug?
That seems fine to me
That's an RFC1918 (internal) IP
You shouldn't have 255 in any of the octets right? Thats used for broadcasting
No, that's not how that works
You can't use the highest IP in your subnet because it'll be the broadcast.
So in 10.10.0.0/16 (65534 addresses), your broadcast IP will be 10.10.255.255
No, it's whatever the highest possible address is in your specified subnet
in 10.0.0.0/30 the broadcast address is 10.0.0.3
Is there any way I can open up a Windows Server to the public network so I can have a free cloud identity Active Directory server?
Uhh, you shouldn't be opening up AD publicly
Azure AD is free fyi
For basic features
Is there a safe way, or no?
I just kinda wanna play around
This is NOT going in a production env by any means
Wdym by play around
see what I can do, what I can mess up, those things
Do that within your own network?
That'd be too easy
How does Azure AD do it safely?
I wanna experiment and learn how security rules and stuff work
lemme cook
I sound really stupid, I'm sure
If you are getting into learning security, opening up a vector to what is essentially a honeypot is just asking for bad news. I suggest getting a strong grasp in networking security and best practices first.
i mean technically its not, you can run a honeypot in a docker. pretty idiot proof.
Docker or not, if they manage to access that appliance and it has access to the rest of your network, you're compromised.
i mean....no? unless they have an escalation of privileges 0day hanging around. also they are very likely running SElinux.
I am not recommending you throw that sort of thing in an enterprise production network
but for a home network... as long as you block access to lan in your firewall and only have WAN in and out to that docker network, youre pretty much golden.
Thats my entire point....
thats 1 rule. I said idiotproof lol
not IMPOSSIBLE TO HACK lol
i mean are there more layers of security and isolation you could add even to that
sure, but that goes against my idiotproof requirement
I was simply saying that before you start opening up anything to the internet, learn the basic networking security practices first.
Money.
They can pay people smarter than you to do it =p
you actually remind me a lot of one of the engineers i work with btw, I crack jokes to him about homelab stuff and hes like WE DONT DO THAT IN PRODUCTION, and im like, yep.
(not an insult, hes a really smart bloke, just every time i jump in we have the same sort of interaction as I do with him)
@peak cloak
Dorm network is finally complete
I have WiFi, wired, and S2S VPN for dorm
i uh
What’s grass
lol someone would get fired for this if it was in my office
It's certainly not professional but tbh if people get axed for shit like setting a dumb AD description on themselves it's probably a pretty shit place to work.
I mean yeah you might get a talking to and pointed at a policy and if you did it to someone else it'd be harassment and would be a larger issue...
Mind you that's their homelab by looks
@hollow marlin is chick fil a has Mist APs and they look a lot like cisco lol
They look similar along with a similar, if not more, cost as well
vnopn K8-F12 good?
it's my own lab
well, i work federal and we have access to things and get audited by people who would possibly cancel contracts over something like that.
so yeah. fired.
cant fuck around at this level.
is it worth risking a multibillion dollar contract over tongue in cheek between admins?
uh ok
im trying to run a MC server but im not allowed to bind to 25565 for some reason, do you know how i could fix this?
I'm assuming you can't bind to port 25565 on the server itself, not the router right?
What OS is the server running? Windows?
I don't know exactly how to fix that issue but have you considered https://essential.gg/en/
It's much easier to run and you don't have to port forward
i kinda want to run it myself tho... im stubborn
That does run it yourself
You can share your singleplayer worlds and play with friends
il look into it, thanks!
no problem, the solution to your problem is likely finding if a program is using port 25565 btw
ok, how do i do that?
(and closing that program)
I normally use Linux for stuff like that so not sure on windows
thats reassuring
Open cmd as Administrator, type netstat -h, read what it says, then act upon that 🙂
ok! thanks @sharp sparrow
Just wanted to warn you that opening ports can be a bit dangerous if you don't know exactly what you're doing 🙂
Indeed
i do have DDOS protection etc
You shouldn't have to give out your IP Address using the thing I linked also 😉
yeah yeah
What is a good getting started server os you all recommend? I've played a little bit with freenas but also want to learn more.
does anyone use leviton?
for?
Leviton is an electrical company for the most part
I echo what Jiibus said. Proxmox is great
Unraid is very user friendly and complete, for newcomers it's a good option, but it's paid...
Just imagine installing dockers basically as apps instead of messing with docker compose or even worse, jails
I personally use bog-standard Ubuntu Server- but I run all my services in docker containers, managed through Portainer
I too recommend Proxmox for running VirtualMachines. VM’s are perfect learning environments.
Proxmox as a vm platform, and a slew of docker containers on one or more of the vm's
unraid is a mess for storage, architecture wise
Can anybody send me resources for networking

