#networking
just bump the damned number. You afraid of scaring people off by selling wifi 25 routers supporting wifi 5 clients?
haha, exactly
and maybe cool the pace somewhat. Nobody will want to upgrade to a new wifi 6e router, if you go around telling people wifi 7 is just around the corner. I mean, What if they just wait?!?
We need 30Gbps over wifi man!!
Looking at the roadmap though it seems after 7 drops it will cool down and 8 isn't slated for ratification until 2028 or later
I have 1gbps but wanting to upgrade to 2gbps
Currently have an orbi rbr50 with two satellites
NETGEAR Nighthawk Tri-Band WiFi 7 Router (RS700S) - BE19000 Wireless Speed (Up to 19Gbps) - Coverage up to 3,500 sq. ft., 200 Devices - 10 Gig Internet Port – 1-Year Armor Subscription Included https://a.co/d/9gMRtIk
Spearheading the WiFi 7 revolution with cutting-edge technology and unimaginable power, the Nighthawk RS700 harnesses the power of WiFi 7 to unleash speeds up to 19Gbps. With 320MHz channels and multi-link operation, you now experience lower latency and dramatically enhanced WiFi performance. Lev...
19 Gbps peak throughput on all frequencies (not per client) but still it may keep up with a 2 Gbps uplink
But at $700 it ought to provide back rubs too - sheesh
I need mesh for coverage
WiFi 7 range is actually far greater than, so read up, maybe you don’t
Could do a proper prosumer network setup for that much with almost certainly better coverage. Though not Wifi 7
https://www.eero.com/?gclid= eero does mesh WiFi 7
eero is the world’s first home WiFi system. A set of three eeros covers the typical home. They work in perfect unison to deliver hyper-fast, super-stable WiFi to every square foot. It’s simple to set up. Easy to manage. And gets better over time with new features and improved performance. Stream video, get work done, or swipe right in any room —...
DuckDuckGo FTW
https://www.target.com/p/x9-performance-rgb-backlit-mechanical-usb-keyboard-for-pc/-/A-86102033#lnk=sametab wtf were they thinking with the media keys
the media keys would make the space bar hard to use
oops wrong chat
If I have a firepower/sf, i should place them behind asr/isr to mitigate arp poisoning is, what I understand?
I'm debating on getting a Gaming router for a lower latency in game such as valorant
The use of it would mostly be Ethernet, and not wifi, i don't use wifi on my desktop, only for mobile at the moment, and i would like to know if they make such a big difference over the regular ISP router on ethernet speeds and latency
Im looking at MSI Radix axe6600(350$) and ax6600 (160$) , and also the Asus rog GT ax6000(230$) and the AXpro11000(410$) , i saw they have gaming features to reduce latency , but im not so sure how they works if they are paid features or included , if its worth spending that much if it doesnt have that much impact for my use
I mainly stream and play competitively ranked and esport , mostly valorant for now , i mostly have 2 devices connected to my internet , my pc and phone , i also have a TV modem im not really using at the moment 
Gaming router is waste of money
a cheap 60 dollar router such as a mtik and ethernet will get you basically everything
Fair enough, why would you argue for that reason?
I see, that's fair enough
gaming is just marketing and there's nothing really that special about them
do you have a recommendation for a router?
just need one for ethernet tbh
at home I use an ER605
fair, what about the low ping/latency provided, that's the only thing I kept about it, cus I don't really care if it's a gaming router and rgb, just the low latency and faster connection to game servers
what's wrong with current router?
thank you
low latency and faster connection to game servers
a router contributes next to nothing latency wise
and routing is out of your control, that's on the ISPs end
I think I have a little issue with ethernet and the latency with the servers 🤔
oh, fair, thank you 🤔

if current router with ethernet has issues I doubt a new router will help
I get it now, thank you for sharing your knowledge
I mean, it's not that big of an issue, I'm at like 90-95% of the rated speed by ethernet
it would just be a latency more about
but as you said it's on the ISP end
which is understandable 
if you really want to check you can plug into modem directly
bypass router and see what happens
🤔
well I'm plugged by ethernet, direction to my internet provider modem, I just feel like the in game ping could be lower
but you made your point which is arguably right, so I understand why now 
it's probably an all-in-one router/modem combo
thank you for your help, helps a lot
think so, yeah
yeah adding another router would create more issues if anything
unless the ISP equipment is really bad
understandable and logic
it's decent, tbh it works correctly and is fine on its own
my older one, from my previous isp provider was worst, but this one is decent
then maybe putting it into bypass mode and adding another would maybe help, but most of the time it will just be a waste of money
so I'mma stick to it, and see how it goes on the long term
yeah there is no need to change anything
I'm getting a tik
Tiny 'Tik or Big 'Tik?
@peak cloak @hollow marlin Preparing stuff for new apartment network 
Too lazy to do VLANs for it
why put it behind instead of in front of the WAN?
Others said it'll go through a vrrp (due to LB/VIP) and most ISPs don't honor ARP requests of that sort
Needs DMZ
So I set up a wireguard tunnel between opnsense and my phone, along with a mullvad tunnel on opnsense, with the intent on accessing homelab when away from home and also using said mullvad tunnel for general internet traffic. I did up the rules to allow my phone to access my server in my dmz vlan. However, and this is the part that confuses me, when I create a rule on the phone wg interface and set the destination to my dmz vlan, traffic gets routed out my mullvad tunnel and doesn't go directly to dmz. If I set the destination to any it routes how I want it to internally.
Any ideas as to why setting allow dest to dmz would make it go out mullvad?
Time to play around with instant on!
Where I can enable ipv6 in my router or how to add ipv6 wan ?
ISP needs to support it
as well as router
And is in my abilities to check it ? When I go to any web it uses IPv6 from now on and i didn’t enable anything
if you are using v6, then it supports it
Why it doesn’t have any wan connection though
wdym
just to confirm when you do something like ping 2001:4860:4860::8888 it works?
Do I need to use it on computer ? Currently on phone… any online way ?
no, unless you're on android you can use termux
if you're on phone you could be getting v6 through cellular provider
This is some online ping test
I have cellular disabled
yeah no that doesn't help
that uses their servers to ping
I thought so, I noticed on some pages with ip it started showing me some IPv6 addresses and from then on i noticed I have IPv6 access
I tested on some IPv6 test page
could be some weird router GUI bug with how it handles PPPoE
I noticed I have exactly same ipv4 and IPv6 no matter if I have only cellular or only Wi-Fi which look glitchy
So it might have the IPv6 connection just it doesn’t show any ?
yes
Firmware update might be a possible solution if there is one
I tried rebooting which didn’t help so I will try look for the firmware
Nah not even a firmware upgrade
Nvm might be some glitch tho IPv6 has all ports and etc. open right ?
if i want to learn how to build and run a home 2 gig in basement rack. 3 story house. what course should i learn and what gear should i get 5k budget Christmas's gift
hi there i am having this problem just a few second ago where the ethernet/lan just randomly not working i've tried replugging and unplugging it and it still doesn't work it was fine working for a week now and it just gone i used diagnostic its not plugged in properly or might be broken and i already tried multiple different cables and still no fix
Ok
What course? I'd say it depends on what you'd like to do later. Everyone seems to want to hire Cisco certified though.
Gear... I'd say on that budget you'd be spending a chunk on getting proper wiring done for roof-mounted APs and ethernet ports and then put WiFi 6e in everywhere. Expecting a homelab in that budget or just a nice router, APs and fast internet everywhere?
Fast, Internet everywhere currently running axe1000 +ap
I would say remotely control, all my computers block off websites for the teen. Admin work to make sure I know how to troubleshoot stability.
That's a few different domains. sysadmin + net admin mostly
all my computers block off websites for the teen
like filtering? that basically impossible unless you are able to control every computer itself
Mostly dependent on said teen's drive to find work-arounds. The main thing that'd be hard to deal with is DoH. Can block lookups to the most popular ones.
But a VPN makes all that moot
I am able to dominate whatever happens on the computer and the teen is not computer literate.
You sound like an excellent parent. I'd suggest diverting that time to the kid and actually teaching them to be literate.
I’m not a parent it’s for my home systems and my 11-year-old brother. Protection against malware and other sites. I could never get them to read he’s kind of a person that shuts down. When I was in school, I had an entire class that taught me computer stuff but they don’t have that for his generation.
@clear igloo I wonder if I can trust my dad to swap out optics 
Ummmm, that's a tough question, lol
He installed the APC network card
Well then that might not be bad
and he can follow instructions
that's key, haha
10g optics or 1g?
Provided he can get the lever release it shouldn't be an issue
10g
https://www.fs.com/products/11555.html
https://www.fs.com/products/40192.html?attribute=713&id=1787039
FS Cisco SFP-10G-LR compatible SFP+ optical transceiver supports up to 10km link lengths over LC duplex SMF fibre at a wavelength of 1310nm.
oh fs optics, those are simple to fiddle with 😄
first party cisco 10g are a pita sometimes as the release lever can get stuck, I usually have a second 10g optic I use to pop the lever open if that makes sense
oh yeah I have those
I wish I ran SMF to my room instead of MMF
but its not hard to pull more
lol, only 400g limit 😦
What if I just pull MPO
20m (66ft) MTP®-12 (Female) to MTP®-12 (Female) OS2 Single Mode Elite Trunk Cable, 12 Fibers, Type A, Plenum (OFNP), Yellow, Product Specification:Connector A - US Conec MTP® Female (Pinless) , Connector B - US Conec MTP® Female (Pinless) , Fiber Mode - OS2 9/125μm SM , Wavelength - 1310/1550nm , Glass Fiber - Corning SMF-28® Ultra...
I would only do MPO if you go multimode, single mode is LC for the most part
Global distributor of MTP® Cassette, buy 12 Fibers MTP® Male to LC/UPC Duplex, 0.35dB IL, Polarity AF Pair Flipped, Single Mode OS2 MPO/MTP® Cassette from FS.COM !
or do that, lol
Assembled, rugged and lightweight 12-channel mobile field cable, excellent cable retention due to aramid yarn, black PUR outer jacket, available in single (APC) and multi mode (PC).The opticalCON MTP® cable connector accommodates 12 optical fibers (multimode PC or single mode APC) based on conventional and pro ...
We are probably doing this for work
Video?
Mainly IP
but I wanna carry 2x IP connections and then we can have whatever else
@clear igloo Geez
why are sfp-10g-lr modules on ebay more expensive than buying new from fs 
because, logic and not everyone knows fs maybe?
@clear igloo AWS will charge for all ipv4
adguard home has a parental blocking thing and malware blocking built-in. Would have to force all dns in the network to use it, which needs a non-basic router OS like pfsense or opnsense
It can also enforce safe search in these search engines
duplex yes, simplex ones are often sc
SM BiDi that use SC are aging out. Most are LC nowadays
Recommendations for the best external WOL platform? I have one of the simple tools for the internal network at home but I need something I can use remote
What you need is a local server, can be as simple as another computer or pi on your local network connected to the Internet to send the magic packet
This looks interesting: https://mikrotik.com/product/crs310_8g_2s_in
2.5 gigabit, SFP+, USB, L3 offload, enough CPU for gigabit NAT...
I think the price is a tad high for just using it as a switch but I can see some cool ways you could use it in niche scenarios
hooray! 10gig
ikr?!
lol, i did support chat with linksys to find a copy of a router firmware because it wasn't on the site and the guy said "it's not on the site". Oh, thanks
STH didn't like that https://www.servethehome.com/mikrotik-crs310-8g-2s-in-review-8-port-2-5gbe-and-2-port-10gbe-switch/2/
I have a question regarding running an ethernet cable between adjacent rooms. It is possible for me to get a short CAT 6 ethernet cable, cut off the male ends, shorten the cable and connect it between two RJ 45 keystones so that I can run it through a wall rather than fishing it behind the wall? I have no need for hundreds of feet of cable
You may be surprised to learn a number of off-the-shelf ethernet wall plates use rj45 connections on the back, for the cable coming from the wall.
Im assuming you mean something like this?
So I would essentially need a coupler? @thick minnow
or just punch two holes in the wall and throw the cable through
Eh I know I could do that but I like to keep everything looking tidy
That doesn't strike me as negative at all. It's not a router and has very specific limitations.
I guess the last page does suggest they should switch to more price-competitive parts for what it offers as a switch but that's not contrary to what I said
The deal is that you're buying this (but it's 2 CPU cores)
There are MUCH cheaper gigabit ARM routers.
There are cheaper 2.5 gig switches
I don't know of much with L3 offload, gigabit routing with USB, 2.5gbe switching in that form factor as one unit.
I think the big killer is this though
No NAT offload is a huge bummer because that means the 1.3gbps link to the CPU must handle it all
Oh I just noticed it's actually in the matrix already and looking at it by switch chip was unnecessary lol
Yeah, if you ONLY use it as a switch or as a media converter, it's fine
the outlet IS a coupler. So you plug a cable into the back, and mount it. The user plugs their computer into the front.
If that 6 means WiFi 6, then my phone is using WiFi 5, does it mean my phone doesn't support WiFi 6?
or you could just look up the specs of your phone
yes, it's Wi-Fi 5 Max 400Mb/s
however on local network file moving it barely goes over 200Mb/s next to the router
That's about right for WiFi 5
Your phone likely has a 1x1 antenna so that makes sense it's only reporting a max of 433Mbps
Or your router only supports 1x1 but if it supports WiFi 6 then that's less likely
How bad is using port forwarding for wol
just curious if anyone has ever been able to make Wireless Wake On Lan work?
It seems like the home grade routers are mostly trash. Like missing basic functions.
Flash openwrt on it and get those basic features back and then some more
I think that’s a little above my mom’s ability to use.
Security or actually getting it to work:
For security... How bad is anyone knowing your MAC and IP being able to turn your computer on? It's precisely that bad or not bad.
As far as getting it to actually work: Go have a look at the Wikipedia page for Wake-on-LAN and you'll see a nice list of pitfalls and how to deal with several of them.
It's usually just less annoying to have an always-on host on the network to handle it for you.
"5G"
i would rather have one of these
https://mikrotik.com/product/hap_ax3
https://mikrotik.com/product/l009uigs_2haxd_in
https://mikrotik.com/product/hap_ax2
Be wary on the L009 if integrated high-performance WiFi is an expectation, it has 2.4ghz only, though WiFi 6.
But yeah consumer-grade routers: can't go back to them
And the L009's pretty cool as something with SFP, gigabit ethernet, decent routing and WiFi for cheap
RB4011 needs a worthy SFP+WiFi successor
Is sfp generally just kinda plug and play like ethernet or is there a lot of nuance to it
its slightly more annoying since theres often vendor locks, but as long as you avoid the brands that do vendor locking you should be good
So like vendor locking to what extent/end?
cisco switches will only accept cisco sfp modules
but mikrotik devices will accept whatever
for example
So if I just get like any old generic sfp device they should accept any other sfp transceiver
generic 🤨
but yes
Well I just meant like any other sfp card/switch but looking on Amazon there appears to be a market of like generic brand 2.5/10gb switches
yea those are unlikely to lock stuff
there are special sfp modules, and an sfp+ module has a good chance of not working in a sfp device
but a 1 gig module in a 1 gig port should be fine
and a 1 gig module in a 10 gig port too
Do direct attach cables have any limits either?
same story as above, but generic switches shouldnt be vendor locked
Thank you for the help 🙏
they will work but they are fussy abt it
```
# no errdisable detect cause gbic-invalid
```
idk if that command is available on every ios device
Can't be taking Cisco's tasty, tasty markup without at least a bit of a fight
It's not that bad
Once you buy enough Cisco, it gets cheaper than generic sometimes, we get 66.7% off and Cisco DAC cables are cheaper than generic.. also, Cisco FC optics actually work in netapp/qlogic too so give them some credit
yea
i believe we pay around 1/3 of msrp
hey guys! I found a router that is compatible with Alexa and Google!
@clear igloo
get that latency lower!
This room only for discussing network hardware?
Right then.
Suggestions on who to talk to or where I could go to get help on making this all work together? Modem -> Switch -> Router / Server / Server
I am stuck on IP addresses and subnetting.
I know that there are default subnet addresses and classless subnet addresses.
Can I set one set of devices on IP 10.1.1.25 with the subnet 255.224.0.0 and the same IP with 10.1.1.25 on subnet 255.255.255.0 on a different device?
How do I set it up so that all of one type of device, say security cameras, are on one network but can't see each other or other users?
I am so lost 😦
Start at the bottom. Why do modem -> switch and not modem -> router?
My house is odd atm. I have ISP Modem -> router -> extender -> Switch and from the switch, Router 2, Server, Server & RaspberryPi.
The goal is to statically assign an IP address to each and every physical device in my home, including all mobile devices.
That requires more specialized hardware that can do client isolation
Why, static IPs are pain
To learn. I want to get into IT from my current position.
The Switch is a Lenovo CEO128TB Layer-3 Managed Switch.
Well that won't really help, no one would assign IPs all statically in industry
To client devices
But learning how to do it will help.
So preventing intra-VLAN communication can be done at your router, but it's dependent on what router OS you're using.
and I like the control.
Well intersubnet can be done at router level
Not within L2 domain
I appreciate ya'lls input. Thank you. I have spent the last 2ish weeks learning about CIDR and reading RFC documents but am still overwhelmed.
You want all devices on the L2 domain to have the same subnet mask
and watching youtube videos and they tell you how to do some of the things but not how to do the practical things.
Yeah that comes with experimenting, I learnt everything myself
Awesome! That's what I'm trying to do 😉
I would look into vlans and separate subnets if you want control
Would not advise doing all statics
Aren't static IPs attached directly to a device MAC address the most secure inside a private network?
What you can do are static DHCP lease, so a device has the same ip
Wdym?
To prevent hackers, snoopers etc.
No, statically assigning won't do anything to stop a MITM
that's done at higher levels with encryption
Hackers & snoopers have to get on your network in the first place. That's most likely gonna be via a sketchy download.
Gotta think realistically about your threat model. People aren't gonna get in your network from the internet at large just because they feel like it.
Can create a dedicated vlan just for said server and set up rules to prevent someone from getting anywhere else.
We also host lots of people sometimes so I need to be able to have 2 different guest networks.
Why 2? I get having a separate guest one
Guest Friends & Family (elevated), Guests Randoms (dumb)
We host various gaming tournaments and have 20+ people here sometimes.
D&D, Magic the Gathering, Warhammer, etc...
Makes more sense, but that is only worthwhile if you have different firewall rules for each subnet
Well basically every router has firewall functions and that would make sense
That's what I did,
I have everything mapped out in a spread sheet, I have all the ports and devices labeled.
Because you need filter where it routes between vlans
I need to now figure out how to give everything an IP address and then how to make it so some can see into some but not others, still yet be able to force some traffic through a VPN or the Pi-Hole but make both optional on some devices.
Could also just get a firewall device as those are basically routers with good filtering controls
Yes, so I would just do DHCP and vlans
Networks: Management, Pi-Hole, VPN, Security Cameras, Home Users, Work, TVs, Guest Net1, Guest Net2, Media Server, Game Servers, Steam Backup, Files Backup and a General Files Storage server.
Also keep in mind that all this can be a pita sometimes, which is why I keep my network simple
And do network experimenting separate
Ha! This is the separate network.
I have 2 ISPs right now.
This one is specifically to learn on and how to build and set all this up.
Trying to give static leases for everything will just cause headaches, especially for guests. Android & iOS do MAC randomization, I think windows does it by default now too?
Nvm, looks like one has to enable it for windows
Still, mac randomization makes things more difficult for static huh.
It can be disabled, but that's a device by device thing
I do need some devices to be static, such as the media and games servers.
I am absolutely grateful for ya'lls input. Thank you. 😉
I have everything mapped out in a spread sheet and ready to go, things just need actual addresses heh
That's where static DHCP leases come in
Yea, I do static leases for my personal stuff, but don't expect to be able to do it for visitors
Yeah I only do static leases for stuff like printers and server
For instance, is it possible to put say the VPN on its own IP address but make it so that the Acquisitions and Media server always have to use the VPN but home users don't?
Everything else including personal is dynamic DHCP
Yes, put in separate server vlan/subnet
In router setup the VPN
What router OS are you using?
My original question, can I put VPN on 10.1.1.25 255.224.0.0 and the cameras on IP with 10.1.1.25 on subnet 255.255.255.0?
I forget subnetting specifics but I think you are going too deep. What you want are separate L2 domains
So 2 separate vlans, and just do a /24
Ah see, that's the thing, I don't just want it to work, i want to know the how and why of it.
What happens when two departments merge or 2 companies? and they have the same ip addressing scheme? can they just change up the subnets?
Company A has 10.1.1.25 255.224.0.0 and Company B has 10.1.1.25 255.255.255.0
Company C buys them. What do?
Has to be deconflicted
Each company has 1000s of devices on those IP ranges.
The separate subnets should be 2 different networks yeah? think, street level and basement level?
Same place, different height?
Also fyi if you something like 10.1.1.25 255.255.255.0 like you said before it's actually 10.1.1.X meaning x can be anything
Which is why I like CIDR notation more
Really depends if they're sharing a router or not. If they are, then pretty sure the network guys are gonna be mighty busy
Busy how?
Well not anything but first bit 0 is network address, and last which would be 255 is broadcast address. Everything else is free game.
😉
Essentially, I could put each network on its own class A and be done with it yeah? Network 1 = 10.1.1.0, Network 2, 11.1.1.0, Network 3, 12.1.1.0, etc..
I mean like gone into before, 1 IP = 1 MAC address. So if there's some shared IP space then it has to be figured out
Aye, I'm just trying to figure out how this all works out when 2 pieces of hardware have the same IP address but are on completely different subnets.
I guess I would ask why you want 2 different devices to have the same IP
IP conflicts can easily happen on a network when 2 devices want to use the same one. Causes both to have traffic issues
Company A has devices on network 10.1.1.0 /12 and Company B has devices on network 10.1.1.0 /18. Company C buys both Company A & Company B. Each Company has at least 3,258 devices assigned to an IP address. Do they need to change IP addressing schemes on one or both of the companies? Can a Switch or Router figure out the difference between the 2 networks based on the subnet?
Throw classes away, no one uses them anymore
And you need to use an IP range that is reserved for private use
Doesn't matter, still an IP conflict as long you can route between the 2 subnets
If you can't, ex 192.168.1.1 on one home router and also same on house next door, doesn't matter since you can not route between them
MAC addresses come into play after a certain level, and devices ask how to find another based on a response for an IP from the router, which they get a MAC in return. I'm not off am I @peak cloak?
Yeah it's at Layer 2
IPs are Layer 3
Right, so when 2 devices share an IP, other devices don't know where to actually send traffic
I don't remember how it works exactly but it's not from router
Devices themselves broadcast advertisements
Yea I'm not a network dude by profession
Yeah me neither
Me thrither?
lol
I just remember mostly along the lines of this when it comes to IPs
If you want to read more about how IP resolution works https://en.m.wikipedia.org/wiki/Address_Resolution_Protocol
The Address Resolution Protocol (ARP) is a communication protocol used for discovering the link layer address, such as a MAC address, associated with a given internet layer address, typically an IPv4 address. This mapping is a critical function in the Internet protocol suite. ARP was defined in 1982 by RFC 826, which is Internet Standard STD 37....
Fun story, I passed the CCNA exams 10+ years ago. I forgot most of it 😦
This is only for L2, at L3 you would advertise subnets themselves between routers using bgp or similar protocols or set it statically with static routes
Yea very perishable skillset if one doesn't use it regularly
If you move to PVLANS, it COULD be done but EVERYONE would hate it......
Basically every device is on its own private vlan
Ah so what they do for Android v6 clients
I wish google weren't such fucks when it came to DHCPv6
So stupid how Android still doesn't support DHCPv6
I have not even started on IPV6 or DHCPv6. I'm stuck in v4 learning.
An issue got opened for this over a goddamned decade ago.
Still just sitting there
But more intense. Basically every packet has to go through the control plane regardless so subnets really don't matter
And people wonder why v6 is taking so long when vendors need to implement such backwards solutions to things that shouldn't be problems
That sounds slow and unproductive.
It's super secure though
You had me at secure.
I mean that's basically just like client isolation right?
Devices can't talk between each other without going to router/network device
Unless permitted to, correct
Behind my switch & router I can use whatever IP address I want for the most part though right? as long as its not 0.x.x.x, 127.x.x.x or 255.x.x.x?
One needs to balance security and their own time. How much time do you want to futz with things just for security? Don't get me wrong, security good, but it's on a scale like other things. Too much and a load of time is spent on just security
Do you want to use the Internet?
No
Some devices yes, some no.
Only IP addresses reserved for private use
I don't want my security system accessible to or from the internet.
or my steam backup server.
Then use firewall
WHich is a backup of the backups.
Plz don't use global IPs for internal use
A regular router with a firewall prevents this
You SHOULD only use the RFC 1918 ranges
No, how would it fail open?
Fail open?
I have that paper saved.
If you use 8.8.8.x, you will have a bad day
You're saying firewall is a backup
Fun story, had a client that used public IPs for their internal network. Got assigned the range forever ago and they just refused to let go of it.
How would the firewall fail to access the Internet
I mean that kinda normal
It's fine if the range is assigned to you
College uses global IPs for dorm Ethernet
For sanity's sake though, stay within the pre-determined private IP ranges.
Oh fun
We had some people use ips in a /24 that we own in an internal network, that was a pain
Well, more a waste
Still firewalled to Internet, but I can rdp from anywhere on campus
If you can RDP from campus, it's on the internet
No ?
Rule #1, everything is accessible from the Internet if someone else can get to it
RDP?
Yes. Start simple. Then you can build on that
My notes.
I'm not worried, plus I had 2fa. Now I just got a better laptop and sold desktop so it's no longer an issue
Also by that logic, basically almost everything is public
:chad_yes:
But back to this @slate dust
Also the whole thing about .1 being gateway, etc. is not true in all cases
First bit is network address, last bit is broadcast
Just so happens in a /24, it's 0 and 255
And gateway can be whatever address
Just so happens it's common to have it at .1
Thank you! I was wondering about that, when say an IP address goes from 192.168.50.60 - 192.168.50.75, the next range would start .76 and be the same as the broadcast yeah?
Yes. From a IT SEC point of view.. that is true
None would start at 60
Company A has devices on IP range 10.1.1.0 to 10.1.1.100 on subnet 255.0.0.0 and Company B has devices on the same range but has the subnet 255.255.255.0 both have different subnets and Company C buys them and wants them all to talk to each other, does the separate subnets keep Ca and Cb from having to change their IP addressing schemes?
I think I have answered this question.
No, broadcast and network address are different. If broadcast is let's say at .16 then next network would be at .17
Not sure if those are real irl just a example
The best approach would be to keep the 2 separate
I didn't realize that was your own justification since you ended in a question lol
Ha.
Yeah makes sense, someone can run proxy, etc but it wouldn't be directly accessible with IP for example
Thank you.
You can 100% keep them separated and talk via NAT
NAT?
Read an interesting post about bank acquisitions and how the systems stay separate for a long time and the intricacies of combining them
Network Attached Telemetry?
Network address translation
I took a guess.
How your router translates your traffic to the outside world
And all sorts of custom integrations need to be made
Which sounded really similar to the bandaid, NAT
DM me the title? I am interested.
Was on hacker news a while back, I'll see if I can find it
With my Layer 3 switch though, i can do so much more than give single addresses to single devices yeah? I can combine and separate at will with access control lists yeah?
and VLANs?
No, acls just are allow/deny
Oh, it's a managed Layer 3 switch.
What kind of switch?
So it has router capabilities built in, I think.
Lenovo CE0128TB
Software features Lenovo Campus Networking OS (Campus NOS):
Layer 2 switching, Layer 3 switching, virtual local area networks (VLANs), VLAN tagging,
spanning tree protocol (STP), link aggregation (trunk) groups (LAGs), link dependency, quality of
service (QoS), stacking, IPv4/IPv6 management, IPv4/IPv6 routing, IPv4/IPv6 virtual router
redundancy protocol (VRRP), IPv4/IPv6 policy-based routing (PBR), IPv4/IPv6 protocol
independent multicast (PIM).
Thank you.
I have been doing customer service for the past 30+ years, I want to move out of having to regularly talk to people so I'm going with IT since I already kind of enjoy and get it.
It's a switch, don't expect more from that
I was expecting to be able to create static routes between devices on my network.
You won't need static routes
I don't need anything, I want to.
If every vlan is "made" at one router
Not with that switch most likely anyways
I thought Vlans were made on the Layer 3 switch.
No
I didn't know if you had gotten your hands on like a nexus 9k or something
I don't know what that is 😉
$$$
Oh, Ha, hi, I'm poor people.
It was the cheapest layer 3 managed switch I could find new.
For learning.
Ok so basically vlans are basically little flags which tell network devices what "highway/line" it's on
Switches often are used to untag vlans for end devices
So plugging in a device on that port will make it on vlan 12 for example
Yeah!
On the switch you would have a trunk port with every vlan tagged which goes to router
Based on the Cisco Cloud Scale technology the Cisco Nexus 9300-FX3 Series is the latest generation of access switches. Building on the successful Nexus 9300-FX series, the platform supports cost-effective cloud-scale deployments, an increased number of endpoints, and is capable of wire-rate security and telemetry. The platform is built on modern...
That's a switch that can act as a router
In router you would have virtual interfaces, (implementation specific) that would basically be the gateways for your devices
That Lenovo is more designed to handle losing a link
Also how devices would route between vlans, (through router)
Can also run services like dhcp
At my 9-5 we use 93180YC-FXs as routers all the time. Mostly for BGP etc
Static DHCP is a thing though?
Whereby "Devices in this category only get these IPs?"
A router with static routes will have a long list of x.x.x.x/y via y.y.y.y
Dhcp reservations
Added to the notebook.
Basically, this MAC address gets this IP
Usually just a button in router make device static
There's ALL sorts of stuff you can do
You can even give one IP, that is on a restricted network then after a health check, move it to the normal network
It's a can of worms
mmmm tasty wrigglys
Would it be possible to make it so that my main PC is able to access and see everyone and everything, but only certain devices would be able to see me?
Yes
Neat.
I don't want to do that, having 1 pc attached to all the things sounds like a bad idea.
having the option to do so though, is cool.
Ha.
At least in the vyatta based OS I used there's 4 traffic types: new, established, related, invalid
So you can drop new connections to PC subnet
But allow PC new to rest
Also found this image which can help understand vlans
VLAN per port, scrub
We've got some ports with over a hundred..
We stopped counting at that point
Right now I have 14 different networks that I would like to set up. Management, Pi Hole, VPN, Security, Home Users, Work, TVs, Guest Net A, Guest Net B, Media Server, Game Servers, Steam Back up, Files Backup and other.
I would like to make it so that some have to go through the VPN & Pi Hole, some don't, some can see each other, some can see each other and everyone else on that network, and some are isolated to only 1 or 2 users.
Do I separate them with IPs / Subnets + Vlans and ACLs?
Per device or per vlan?
Yes.
Per device would be a huge pita
Some per device, some per vlan.
For instance, the Steam Link is 1 device, I may add more things like it, but I only want it to be able to see the internet and allow only 1 device at a time to connect.
I would figure out device categories and do per vlan, then it's pretty simple
Are 10.10.1.3/4 HA nodes?
no
Why are you getting the same routes from both then?
They both can route to it
1 <1 ms <1 ms <1 ms router.apartment.ryois.net [10.110.0.1]
2 41 ms 43 ms 41 ms router.as64512.bgp.ryois.net [10.10.1.1]
3 83 ms 84 ms 86 ms 10.10.1.4
4 82 ms 83 ms 83 ms unifi.redacted.com [10.13.20.20]
1 <1 ms <1 ms <1 ms router.apartment.ryois.net [10.110.0.1]
2 44 ms 43 ms 43 ms router.as64514.bgp.ryois.net [10.10.1.4]
3 45 ms 43 ms 43 ms unifi.redacted.com [10.13.20.20]
So just dual path?
Yes
Didn't know if you were ringing it
I saw as in there and once you start dealing with that sort of thing, you start dealing with architectures where it could get INTERESTING
I love how my friend just lets me have full remote access of his router 🤣
I don't even think my router can do BGP.
I think my switch can but not going there (3750x with IP Services license)
That's a Cisco switch yeah?
Neat!
My switch can but I don't wanna lol
C3850 with ip services
So many terms and acronyms to learn.
BGP is one of those voodoo things for me
That is pretty
Apartment is gonna be similar but a 24 port version of that switch instead of 48
Also, what am I looking at?
Cisco Catalyst 3850-48P
Fortinet FortiGate 40F
A router/ngfw
NGFW?
next gen firewall
My apologies, I am still learning.
Yeah, those were more expensive... I only paid like $175 and the network module came out of the scrap pile at work
NGFWs can do more than just stateful firewalls
IP reputation, IPS/IDS, application control/DPI, email, etc.
Right now, I am aware of the word firewall, I know how it applies to vehicles and I've disabled and created rules inside of software firewalls, but I'm still not exactly sure what they are or how they operate.
I was originally planning on a Ubiquiti switch so I got too short of a wall rack sadly
That C3850 was like $115 and NM-2-10G was $110
Ha
the 40F was $485.61
Also, not necessarily looking for an explanation at this juncture, as I am sure in my CCNA studies, I'll learn.
the 40F at home was brand new bought from a vendor
Firewalls will do as much or as little as you ask them to
but the 40F I got for my apartment was used on ebay for $240
It all depends on your network architecture
I am trying out Instant On AP at apartment
but home is just unifi APs bc I don't wanna spend more on wireless LMFAO
That Catalyst, is it a layer 3 managed switch?
Yeah some features aren't available 😦
Yea
Depends on the license
Whoa! Great price!
cisco uh
I paid $185 for the lenovo one I have.
doesn't really check
Mine came with ip services for some reason which was a surprise
"right to use"
Question: Purpose of a patch panel?
Make it clean
termination for drops
I have my switch going directly to my other devices.
terminating long runs
Home runs suck
also punchdown > crimping
My drops at home don't actually terminate in that rack
For the looks then?
I am confused.
Structured cable isn't designed to move like patch cables
the drops terminate in a smaller 4U rack that I don't care about lol
Patch cables are stranded copper
Cable from a box are solid
Oh, I did that but in Excel.
@peak cloak I wish I did stuff differently when I was running cable in the house
When I run a new drop in my house, it goes to the patch panel. It doesn't HAVE to get patched in.
All the ports are labeled and clearly dictate which cable goes to which port on which device.
yeah but that's not the only reason
my stuff is not perfect either, have 2 sub-switches
- I wish I pulled more CAT6 to my room I only did one because my thought was "I have fiber running to my room"
- I wish I pulled SMF to my room instead of OM3 MMF
The aimesh node in my office gets patched to the main router in the living room which wouldn't have been possible if I had put plugs on them
You hate yourself?
I have also labeled the cables and noted which network each one belongs to.
Yeah having documentation in the computer is nice but having stuff labeled on the patch panel is nice
No one WANTs SMF
isn't single mode more popular now
the cabling is meh difference at this size
Single mode is FAR more fussy though and FS optics don't count
Not in the enterprise
So mostly for looks.
I don't need other optics
Appearance, visual perception of information.
Work I am pushing to go SMF when we replace optics/fiber
not really, if you read through the reddit post comments there's a bunch of other reasons
get rid of MMF
It depends where it is too
And how many
Someone told my team that one of our new sites was going to be all single mode everywhere, so I told them that we needed 384 of https://www.cdw.com/product/cisco-sfp-transceiver-module-fibre-channel/4913711?enkwrd=DS-SFP-FC32G-lw
They about-faced their no-mmf stance really quick
We never install MMF at clients because so much stuff doesn't work over MMF for us
If it is only a few going between like a dmarc and a closet, meh
BGP 💚
Plus SMF is just so much easier
But people blanket making statements about smf being better isn't always correct
I want to do OSPF from a SVI on the switch for networks for roommates at apartment
If someone wants to tell me that I HAVE to spend an extra $22,650 PER OPTIC because it's "better", we make them pay the Delta 🤓
We don't even get to the discounted prices because it ends quickly
That'll work just fine. Also enable multipath if the latency is similar across both VPNs for the ECMP
How does that load balance? Round robin per conversation?
Generally I suggest not being ripped off
nah one way is way slower
It's like the small business server quotes asking for a thousand bucks for low-capacity 2.5" hard drives
Like no, buy an enterprise SSD from a reputable vendor for less money
I'd pay good money to have a /30 or /29 from my ISP lol @hollow marlin
I could HA pair a 40F for prod home network and then have some rando router for the lab. BGP the lab & prod for access.
We are building a Datacenter and I have like 40 cabinets of servers going in and the GC tried to tell me the new standard for the enterprise is SMF. I told them that was cute.
Separate everything entirely
Beats having to rip up all your MMF later
They also said that someone had said 3.5kw/cab and I told them they were getting 10kw/cab so have fun
That's what I'm having to do rn at work
As said, if you're paying $22k for non-exotic optics you are being taken for a ride
It's within a Datacenter cabling, people shouldn't lump that with structured cabling
Cisco 100gb single mode optics list around 25k I think
idk much but seems pretty damn high compared to others which list around 1k?
you're never paying list!
if you buy cisco at list you're doing something horribly wrong lol
Huh. Port Based Authentication? What!?
And I'm sure they have a script to book a cruise every time someone buys one of those
Even at 60% off it's 10k
SFP-10G-LR lists for $4,882... we can get them for like $160 from our vendor 😏
I am so close to turning on my equipment and assigning IPs and creating some VMs
So yeah, mmf for the win
And we don't even buy much Cisco to start with...lol we don't deploy Cisco a whole lot
The 100g-LR is a CWDM which can introduce a ton of other challenges
I just like keeping Cisco to myself in our network 😄
We have to buy oem if we can
Sounds like a policy that works well for you if you're getting list prices
We get huge discounts 🤓
We sell netgear m4250 for most deployments we do. Only big ones I spec cat9k
but that's bc its AVoIP :P
A friend of mine's gotten big into AV recently for his business
I don't trust Aruba for AVoIP so that throws HPE out
I don't trust UniFi for AVoIP anything so that throws Ubiquiti out
Juniper is probably ok but never really tried it
Ah, so you use TP-link and Tenda :P
So that leaves netgear m4250/m4350 and Cisco
AVoIP?
AV over IP
oh nice, its a good space
Lots of money to be made
Av vendors LOVE those Netgears
Stadium+big event work
and then charge those yearly service contracts
Idk why

- stupid easy to configure out of the box
- the price is good
- they have features people want
For us, dual power is a 100% must have so they sold us Netgears and put in ATSs that cost more than we could have gotten cat9300s for
Supposedly "designed for AV" or some rubbish
IP packets are IP packets
Yeah because they have all of the config out of the box
IGMP is configured correctly out of the box
Multicast traffic is a big part of AVoIP
They are until you need consistency for a key application
You need IGMP correctly configured to manage it esp across a bigger network where you need queriers and such
Could like a Cat9300 do that if they configured it right?
They also have AVB capability and PTP
The 24 port PoE+ with 4x SFP+ we typically deploy is ~$1400 for us
That's just a bit less than a C9300-24H-E would run us
And cats never ever die. Maybe Netgears have gotten better but I am still jaded from back in the day when they were hot garbage
with uplink module?
That's like 500
@hollow marlin I wanna get into more complex networking stuff at work 😄 right now the most "exciting" thing on our network is just VRRP routers lol
but this network is so interesting to design because I have to maintain independence if we have to split the racks but we also like it all being "one" network lol
The room has 2 8x11 walls the 2 5x8 walls and a couple smaller ones
VRRP is awesome to learn!
At uni we have an AV closet between 2 classrooms
2 rooms AVoIP stuff go into that
Then for some buildings all of them are connected to the main telecomm rooms which allow the entire building's AV to be networked
That's 8 screens by 11 screens. All are 55"
and since its just Crestron NVX or AMX NMX content can be routed between rooms
Same for audio since its just Dante
yes
Hello again.
Question:
Can I get a quick pros and cons of each design?
Does it matter?
Well right off the bat I can tell you that several of your defined ranges are impossible with your stated subnet masks.
The CIDRs are also wrong
I am using classless subnets for the IP ranges.
So is everyone I can name this century, but your subnet masks and CIDR ranges remain incorrect
So they won't work?
Correct
You look to be mixing up /12 and /20, using IP addresses outside the defined ranges, forgetting to specify the actual network address for your CIDR notation
Use normal subnets, some OSs don't like invalid subnets
Using "255" as a broadcast even when your network is smaller than one byte and starts at zero
It won't be your broadcast address, the address at the end of the network will be
Step 1) determine the maximum number of devices per subnet
/23s probably aren't needed
We can't even say that, we don't know anything about the requirements
A, 30, B, 1, C, 120, D, 64, E, 64, F, 128, G, 117, H 1030?, I, 128, J, 128, K, 4, L, 1, M, 1, N, 1
You need 1000 devices?
But I can say that your design is broken, and you need to figure out your actual requirements if you want us to say anything useful beyond "it won't work"
Well I can assure you that your specified design is indeed "fun"
30 on A, 1 on B, 120 on C, 64 on D, 64 on E, 128 on F, 117 on G, 1000+ on H, 128 on I, 128 on J, 4 on K, 1 on each of L, M and N
M is setup for 511 devices
Topic of firewalls, has anyone else noticed how awesome the new SRXs look?
Hi i have Zlt X21 CPE bought new. When first time i used it both 2.4ghz and 5ghz wifi popped up on my devices 2 mobiles 1 laptop. but now after restarting it doesn't show 5ghz wifi on any device. I tried changing channel bandwidth and all but can't see 5ghz wifi.
We got a new Pioneer Xumo TV and it won't let me disable sale of ads, it just errors every time. I am trying to set up a DMZ rule and the only thing it makes vulnerable is that TV correct? which I am fine with, isolate it
I am still learning so sorry if this is a dumb question
Apparently my router only has DMZ host, I am not sure if that is considered secure enough
I mentioned them when they were announced and they're my color. I actually just got a quote back and the SRX1600 starts at $10k
hey everyone! I've been here for a while, I mostly lurk but I'm having an issue I hope someone can help me with. I used to have Optimum's router and I knew it was junk as evidenced by me having to restart it almost every day. Finally three years ago I bought an R7000 (AC1900) router from ebay. It worked great and I didn't have to restart for about 2-1/2 yrs. I was finally out of restart hell! I had to restart it once or twice but no big deal. I know that can happen on occasion. Well fast forward until the past 2-4 months and I'm back to having to restart the router every 1-2 days. I did some research and I read it can overheat so I put a mini fan next to it using the usb port for power. It was good for maybe a week or two. Then it just went right back to where I was w/ Optimum's crappy router so much so that I eventually added an outlet switch so I don't have to actually unplug it because I'm having to restart it so damn much. I know routers can get overloaded. I stream tv with firesticks, my son is a gamer. We have phones, a tablet, I have ring cameras, I have a google mini w/ 6 smart bulbs. Between the two of us we are online about 12 hrs-16 hours/day. (24 hours if you count phones because I use a white noise video to sleep.) Do I have to buy a $49,000 router? HOW do I stop this? I'm at my wit's end. I want to be able to wake up and look at the internet without having to get up to restart the router almost every day. HELP!!!
Well I guess my first answer is that these questions should go in #1027757333117415424 as it sounds like a lot of troubleshooting may be involved.
It could be a software issue rather than thermal, which might explain your lack of success with your fans. Perhaps you should check if your issues started at the time of a software update or if an upgrade is available.
I hate how awful consumer-grade routers tend to be on the software side and tend to use enterprise-grade equipment instead - Love my Mikrotik stuff, highly reliable and consistent once configured - though they are idiosyncratic and tend to scare novices due to having a lot of options in a lot of places. They also tend to be a bit late to the party on new technologies.
Some people here really like Unifi gear for their ease of use and polished interface though my experiences with their WiFi APs working with phones and Microsoft Surfaces have been... inconsistent.
^ I've had no issues with tp-link's omada hardware
I have both their router and AP and both have been 24/7 with no issues
not as advanced, but pretty easy to configure
oooh sorry!! I saw tech support and thought it could go here.. I will keep that in mind for next time. 🙂 Makes sense that it should be in tech support.
Now that you mention it, it should have an update.. let me check that first. I never did update it since I got it....
Thanks for the info everyone.
on one side i like the prices of these chinese 2.5Gbe switches with 1-2 10Gbe SFP+ ports. On other side the only computer in my home with support for more than 1Gbe is... the 2018 Mac Mini with 10Gbe 😄. I guess i will skip 2.5Gbe switches
I'm in no rush, my work lab's all one hypervisor serving itself and internet speeds out here don't exceed 100mbps
muh ubiquiti
my internet is only 500mbps as well, i would love faster NAS speeds for random copying, but can't be bothered to pay hundreds of euros for 10gbe switches
can i get an open nat type without accessing my router settings? like is there a recommended vpn?
I probably paid too much. it's only dual band and it's not 6e
I'm literally holding a 5 year old router that is designated "MR9000"...these names are confusing
I recommend going by the specs rather than the model number
it'd be kinda hard to make routers by the specs without having really complex model numbers
Uh no, I mean that you have to do research rather than looking for the bigger number.
of course. I was just saying the naming is weird
I have an e(a) 6900, 7500, 8350 and those make sense in their featureset mostly
Hello everyone..
We are willing to provide a wifi network for 45 devices in a Classroom...
Shall i choose a 3 pack mesh router (closely placed) or 3 separate router to manage the 45 devices simultaneously?
are you asking if you should use a mesh solution, or just manually assign devices?
if you're willing to overlap 2.4ghz, I'd use 5 routers. how many high freq 5.0 channels are available in your area?
then again, if all the APs have line of sight, you can rely on 5.0
do they make dual 5ghz APs with no 2.4?
how many total devices? how many at the same time?
how many different rooms?
If they're closely placed you're not going to get a benefit from a mesh system, mesh systems shine for coverage extension, not capacity extension (if anything they just waste spectrum you could be using for more capacity).
If it's a nice open room a ceiling-mounted AP will most likely do a great job.
All will be in LOS
1 room, 45 different device
Shall I use mesh router in AP mode then?
LOS? 45 people all using devices at once?
you should only have 1 router, which will be behind modem
you can do in AP mode, but at that point might as well just buy a good AP
unless you buy your equipment at Goodwill
Actually someone bought a 3 piece mesh set already...
So I'm thinking to turn the other two as ap
Big classroom...
They'll all use at once in class break
They provided LAN connection only
And may pay for our router
just buy a bunch of random routers from goodwill and plug every one into the wired lan and see what happens
well, i wanted to test the cheapo 10Gbe NIC in my desktop... but X540 has no Windows 11 drivers anymore 😄 . Will have to put it into one of my servers later, can't be bothered to test it today
(well, tested it in a Windows 10 desktop after all, vs a Mac mini with 10Gbe, did work)
how many gigabits are in a "GBe"?
sorry
There is only few of them tho
Oh, I thought each student got one
hi.
out of curiosity, is this channel for actual network networking, or social /professional connections networking?
"For all your networking equipment needs".
Phrasing!
What is the easiest way to make a game think I'm in Paris and connect to those servers?
Currently, I share a VPN from PC to console so that happens
I want to not use VPN, still make the game think I'm in Paris
Specifically for Consoles BTW
Hi! I would like to build my own pfSense/opnSense router. I have been looking for some fairly cheap 2 port 1gb NIC for that and I would like to hear some recommendations for that. My budget for that would be ~50€ (can be cheaper if there are options). Also, if you can suggest some shops (European ones) where I could get NICs quite cheaply, used or new. Thanks in advance, I'm quite new to this stuff and I'm now building my first router. 😄
Look for Intel 82576 chip based NICs. You can definitely find dual ports for around 30 to 40 on Amazon but depends on country too I guess. If there are local shops definitely search around but try to stick to Intel stuff for best compatibility with pfsense in my experience
Intel I350-T2 or I350-T4 would be good
Alright, thank you! I will start looking for those 👍
either vpn or proxy
dont know of any other methods ||except from moving to that location||
Haha, Proxy doesn't work, I'd like to have main connection so ping is lower
So i got the nothing phone 2 the kb/s drops all the way to 30 and goes back up to 120 kb/s
or sometimes drops down as far as 0.70kb/s
the signal strength says it's excellent and it's full
So maybe someone knows a bit more about this?
K so I have a 50GB ZIP file in iCloud which is in the process of being downloaded to my phone, I want to extract it onto my NAS (OMV on a pi)
What would be the best way to do it? Extract the file locally and upload the folder, or move the zip to the server and extract it there?
I’m gonna leave it going overnight so time isn’t really an issue, but what’s generally the best way to do that?
Move then extract on the server via a command to the server
I did think about that, idk how to tho
No I know, I meant the command to extract
OMV's debian, use unzip
Thanks! 😅
Syntax I’m guessing is just
unzip <zip file> <output path>
unzip <file> -d <destination if not same>
Cheers!
What does the -d flag do out of interest
Destination, optional
Ah ok, tyy
No problem, you can consult the man page if you need more answers
Hey, where I live there's an ISP offering 10gbe fiber TV for 99€/month. What do you think? Because it is xgxpon I can't connect it directly to my network gear, so it needs to go through the ISP's all in one ont router that thankfully had bridge mode.
Is it worth it?
Do you need 10 gig? Most don't, I don't even have 1 gig
Depends what you think is worth the cost
Ya that's true but I only considered it because all other offers aren't symmetrical, currently I have 500dw/100up
And I am a computer science student, so
The real question is, can a unifi udm pro handle 10gig, from what I can see not very well.
Anything else that you can recommend. Maybe custom built OPNsense??
It prob can, just not with IDS/IPS
@clear igloo @waxen scroll @rocky badge
Optical transport cross connects - 18 simple steps
18 simple steps
network engineers HATE him!!
you messed up one of those arrows
That was provided by the vendor
Are you referring to this port? I believe there is an inline attenuator it goes through
lmao
I'm trolling you to keep looking at the thing until your eyes pop
there is also this (not sure if it is from extras or in standard packages)
then you can enable it and open ui, and you get a command line via web browser
most things can't handle 10Gbe, but you don't have to. If the slower alternatives aren't cheaper enough and you still get higher speeds, then why not. I mean if the 500/100 is 50 euros, but your hardware is capable of using 3000/3000 (for example), then the 10gbe symmetrical is still worth it
Line rate it can
No IPS/IDS
but I've seen people put 9.5Gbps through it NAT
meanwhile i am here looking at my 500/30 cable internet and wondering if i should go with 1000/500 with static IPv4 for 41 euros monthly (without static IPv4 it is 33 euros) - it would save me a 6 euro VPS tho
sounds like a pretty good deal to me. just recently switched from cable to fiber. it's night/day difference. Comcast to ATT fiber in the US
someone's trying to get me to run
netsh wlan show interfaces | find "BSSID"
does that reveal any personal/dangerous info
run it first then see what it gives, then give him the info if it doesnt look personal
it shows you the mac address of your wifi
can someone do something bad to you with your mac address
ssid is the textual name of the wifi network, bssid is the technical address of the network
it is visible via scan of wifi networks anyway
it will simply tell the other person if you are connected to a wifi, and if you are, then to what wifi. but unless he knows the BSSID of your local wifi networks, doubt it will tell him much
Nothing much, who's asking
Can tell what type of device it is
BSSID is the id of the base station
Basically the mac address of Access point I believe
how do ip bans work on dynamic ips
For me it's 70€ for 500/100 fiber, TV and 3 sim cards
I think the prices are pretty good.
It's an ipv4 static by default, we can enable for free ipv6
technically this is for 1000/300, then 1000/500 + IPv4 + static IPv4. The upgrade from 100/300 to 1000/500 might not be worth the 10 euros tho, in that case it would be 30.03 euros for 1000/300 with static IPv4.
On one side having a static IPv4 would mean i could drop my 6 euro VPS and use my hardware at home for web server etc - a spare Ivy Bridge or X99 system will handily beat the poor 1 core, 1GB RAM, 25GB storage VPS i have. On other side i would have to really read the fine print on ISP rules, if they even allow it for home connections.
In your case it still comes down to deciding if you can actually use that bandwidth for something, and if you can live with that fee.
they dont
but also truly dynamic IP is a rarity these days. most customers are behind a CGNAT on IPv4 and have semi-fixed IPv6 (if they got IPv6)
For now I'm sticking with my current plan and maybe they will offer free upgrade to 1000/500
And when I have time I will write a small guide with all the configuration needed to use personal gear with meo and have tv and the landline(voip) work with MEO Portugal.
my janky USB NIC on my "router" is finally getting replaced by still janky solution, but which is a "real" network card at least (the case i have used doesn't have a PCIe slot opening, so i had to use mPCIe it had and there is a hole to pass through those two cables (the hole was originally intended for USB cables... it's complicated)). can't wait for the delivery on monday 😛
is that a wifi connector to a ethernet adapter? 😁
no, it is an mPCIe ethernet adapter
but yes, mPCIe and M.2 key A/E is mostly used for WiFi
but not exclusively
ofc not exclusively but that is what i'm getting at
you can get ethernet cards, SATA controllers for those slots
that is where i know that connector from
to be precise - this is the system it goes into. the wifi card is removed, it goes there. the usb cables which go out of the case are now connected via adapter to the internal USB3 header, and that is the hole where i will pull the cables through, so the ethernet port side will be outside. Not ideal, but better than a USB NIC 😄
reusing very old HW for a router, why not. Kinda OP router, but oh well 😄
(i5-3470, Z77 ITX mobo, 16GB RAM, 250GB+250GB+1050GB storage, running OpenWRT and docker on it)
I assume the red piece is an M.2 slot adapter?
yes, but there is no opening at back of the case
also the case is very low (low profile devices wouldn't fit). internally looks like this
i just put it in there cause i don't really have use for that slot (would have to solve a riser somehow to make it usable otherwise), and the storage drive is even more useless 😄
cause that is XP941 250GB, which is a PCIe AHCI drive. Not NVMe, nor SATA, so can't put it in any USB boxes. Also pre-Z97 boards can't boot from it either
it runs OpenWRT, plus few docker containers (HA, Guacamole, NGINX Proxy Manager, Mosquitto, Heimdall, few downloaders, portainer, ntfy), still got way too much RAM unused (13.4GB), CPU barely does anything (<5-10% at peak) and storage is more than enough
just that NIC is the last piece of puzzle which is missing, and then i can call it done. Sure, it uses around 29-30W at idle from the wall, but on other side it is overkill enough to host enough of 24/7 software and be a router at same time
what cpu are you using?
as i said above, i5-3470. pictures and specs few posts above 🙂
im blind
what is available height of the case? probably not enough to fit half height pcie card
i mean, is it ideal choice ? no. But at same time, the board is a part i had since 2011 or 2012, CPU was a cheap part i bought some years ago (the board was with 3570K, but that is too OP for this use case), SSDs were from various previous builds between 2014 and 2017, case was from a build i did for mom around 2011. only RAM is relatively new, from Ali 😄
yea i see, not even pcie slots are cut out
to be precise, 6.5cm from the bottom of the I/O cutout to the top of the case
if i made a router it would probably be based in one of those sff pc-s from hp, dell or fujitsu
so technically low profile could fit barely, but no cutout means no card. as i mentioned the cutout above I/O shield for the USB front panel cables is my best way to do this, as i don't want to spend money on case if i can just reuse old HW, even if it is going to be a janky solution
yea, but outside of this NIC and a laptop DVD to SATA SSD adapter, i had literally every part in storage, so 🤷♂️
for home server i use even more limiting platform (nuc-alike) and storage is external
tho i do have a open mini pcie slot for future shenanigans like coral ai accelerator
mPCIe or M.2 ?
cause that thing above exists in all form factors. Even crazier versions, like this quad realtek gigabit M.2 2280.... thing
or a M.2 2280 to 10Gbe RJ45 😄
(or if ribbon cable is not your thing)
or dual gigabit SFP
china is full of weird M.2 to ethernet adapters
Advanced Biscuit Tin with Integrated PSU :P
But it does look very compact
Ideal for a router-like device as long as it's getting enough air
Oh I see fan cutout on the left, vents on right
the CPU cooler pulls in air from top, the side fan pulls it out
Yeah I went up and saw in another photo
mpcie
yeah, then you can use the one i bought 😄
nah i wont be using it for routing
but yeah, at inaudible fan speeds the CPU is idling at 46C, and more or less never does more than idling 😄
(46C being the hottest cores)
there was one single peak to mid-60C in last week or so, i think i was rebooting, so it did some work to start up all the docker containers for few seconds
yea but where do i put cable? 
drill. or custom top
the classic 🙂
originally i meant to put a 2x sata controller there and print custom bottom for it that has hdd cages and a fan for them but i found a deal on externals so no mods were necessary
or to stay in topic
cpu power consumption doe 💀
both my i5-3470 router and 2950x server usually stay below 5% of CPU usage 🤷♂️
i am running multiple containers and cpu is really low power
You generally don't want to be maxing the CPU on your router ever
Getting close is a recipe for latency problems
who says anything about maxing out. All i say that it barely does anything, at all. even with few docker containers running
This is why Cisco kindly provided turnips to run their router OS on in SME
You were saying you were around 5%. I said that going very high is bad news. Not sure what you're suggesting.
I didn't say you were maxing out your CPU, certainly.
Yeah my work hypervisor (Dell Optiplex 7090) sits around 30 watts and while that beats the pants off a HPE Proliant or the like it's not as efficient as a low-power CPU like that
for what i need my home server for that low power cpu is perfect, only thing that i would swap is 4gb ram for 8gb stick
but it needs to be ddr3l
I got offered an ML350 Gen10 for AUD$1000 (like $660 USD) today but I already have a Gen9 I don't use I got for free
i have a jetway mini PC like this with N2930, that was my router before this. Sure, it sits at 10W, but it has its limitations
And that Optiplex, that has 80GB RAM and like 40GB free
optiplexes are op
So it makes no sense to not stick everything I want on that
the biggest limitation was the storage aspect of it; it has mSATA, for which any reasonable capacity is stupidly expensive (i ain't paying 100 euros for a 500GB mSATA SSD)
i know a guy who has so many hp sff in a cluster
like at least 20
sometimes you have to wonder about aliexpress 😄
Looks like a pretty typical router board to me
yeah, but still 🙂
2 modems, M.2 storage, I think that's a switch chip on there for the ethernet ports
No heatsink so gigabit probably
The most recent one yes probably
The one above that looks to have some Marvell chip I bet is a switch
Hard to tell from the pic exactly
the green board has:
2 Intel WGI210AT Gigabit Card, supports network wake-up, PXE function
2x Intel WGI210IS Gigabit Fiber Card
yea one port on the left is "wan" others are run off switch chip
top down picture is not helping much either
It scales to 128GB RAM, 2 NVMe SSDs plus disks, and 8 cores in a homelab is enough for anything
Usually they're nice enough to expose the switch's management so you can do whatever with the individual ports anyways but yes clearly aimed at WAN on the individual port
if i had higher network speeds maybe i would be able to use that
That's running... 9 VMs right now
do you expose any services to public?
2 Windows 11, Server 2022, Red Hat 9, Ubuntu, 4 custom work Linux thing
Not presently but I might later
Only got it last week
i use cloudflared to tunnel home assistant and some other things to public
cgnat things
Might put a MC server on for some friends, move a few bots on to it. Nothing I couldn't have done on a Pi 4 honestly but this is right here
i have a vps to do that
I have VPSes for stuff I intend for the general public to get at, two t3.nano's
But cloud providers charge too much for decent CPU and memory and this is right here
i still have always free oracle arm instance
based af
i trust them only to run mc server and shitposting bot
I hear their free tier is super generous but I despise the company's software licensing (and legal) arms too much to trust their cloud
i wouldnt put any personal information on there
I refuse to use Azure for myself since being ripped off on pricing once and trying to contact their support over it
Google and Amazon are both much more reachable
i would probably use hetzner
Not ideal for Australian use
yea but for europe its ideal
