#networking

But not so common

Try and ping your default gateway, that will at least limit your trouble shooting to your pc or your equipment between you and your home router.

Yeah I had to do "systemctl restart NetworkManager" in the terminal

Is a router the best choice for a WireGuard server?

Also can anyone recommend a good firewall? Also do I need one?

It's no better or worse than other options IMO. Just a choice. Could easily do a WG server on a random device (like a raspberry pi). I do mine directly on my router though.

You can do OPNSense on pretty much any x86_64 device. I've repurposed an old enterprise thin client PC to act as my router.

fortigate 90G

7121F more like it 😛

Hope this counts as "networking" with a cheeky meshtastic device recently acquired, it works like a charm! Made a ping from some dude in a plane lol

LoRa's neat

He said good and not excelent

I'd turn my nose up at it with a 99% discount
I mean 300+gbps of inspected traffic is insane but still

Plus licenses

Maybe it's an Australia thing

Even most ISPs here aren't paying for enough bandwidth in one place to warrant such a thing

Indeed

I think my water-based mobile NOC is a more compelling spend

They’ll be fine

Keep in mind the web UI won’t work anymore

So you’ll have to be comfortable using the CLI

I’m pretty sure the web UI used Java applets

If you don’t want the management features you’ll be fine

Yes, but no browsers have had Java applet support for like 7 years

They may have gotten updated then, but I was working with a procurve 2610 a couple weeks back from a similar era that wanted Java support

btw firewalls arent only used at the edge, you also use them for controlling zone traffic

Can someone help me find a network switch, needs atleast 20 ports

what is your budget, do you need poe? do you want higher than gigabit uplinks?

What's poe?, and My buget is like 100$

1 gigabit is fine, we only got cat5E cables anyways

What's a good size house these days, lol

No, dont have a server rack

Can I still use the ports for normal ethernet at 1gb?

With POe?

How much more expensive are poe switches

Yeah

It'd pay for a bit over twice my house

Who needs house when you have firewall 😄

Me

Live in the box it came in, some sturdy cardboard there

It'd better be sturdy

I can't imagine having your most-of-a-million dollar firewall get smashed up in shipping

Cheap house!

even better if it comes on a pallet in a crate

yesterday in one of my 200f clusters one fortigate was down for some reason
i got onsite tech to unplug it and replug it and it came back up
no logs anywhere on why it went down

just bunch of HA logs that it lost communication

crashes with no logs are the worst

solar flare be like

thats why everything except access layer is in HA

oh definitely, it just is annoying when something crashes and you can't even get support on the phone to figure out why since there aren't logs or anything

also you would guess that it would display a big ass warning "hey one of your HA clusters has lost a member"
but nooo just a tiny red arrow and nothing on a dashboard

yah, well of course, don't want to alarm anyone 😛

aw yep
find a waldo moment

so speedy

Sure is!

Can you recommend one?

Yeah

Can I get 1 with and 1 without?

So I can see the price difference

Thats a huge difference

I'll stick with non poe in thag case

https://www.senetic.de/product/R8R50A?configurator=enable
Poe is possible on that budget but it will have to be used, example : WS-C2960X-24PS-L on ebay

yo i’m lookin to set up sum diy home security with a local nas storage. would prefer to talk to someone with actual experience in this area

ping me pls

Hey, what's an ideal setup for an older condo unit?

Currently using the modem/router Rogers provides with gigabit ignite (XB7), can't change settings, channels, etc. Looking to go bridged mode. WiFi speeds are okay but gaming is super unreliable. (I know wired is best but I'd really like to exhaust some wireless options. Running a cable is out of the question...)

Thanks friends!

If you have coax in your walls you could use MoCa

or powerline but it mega sucks compared to moca

even tho "running a cable is out of the question" a stealth run could probably be done

the PC is in a separate room from where the coax lines are so the cable run would be shorter but still not ideal

so i could use some switch suggestions. my old router died and the spectrum one is trash so it's time for upgrades which i've needed for a bit. so far i have an m720q + x520-da2 + 1Gbase-t transceiver to serve as the opnsense router (still debating on hw or vm), and a tp-link eap225 ap. would prefer at least 1 sfp(+) port. i'm not worried about poe at the moment and would prefer something equal to or quieter than my eaton 5p ups' and NO licensing/subscription bs.

Calling licensing bullshit is a stretch lmao, but I understand if you don’t want it

You also provided very few requirements

well i have 3x intel x520's so the more sfp+ ports the more of my network i can run at 10g speeds. its for my home so requirements arent that extreme. i would prefer rackmount just for organizing purposes

Licensing is bullshit when you're paying inflated prices for the hardware

My hardware shouldn't stop working because I've stopped paying money

what is the best ethernet cable for maximoum speeds i currently have an cat 5E cable

CAT 6, but it also depends on your networking needs and primarily distance.

your 5e is likely more than enough at home unless you're getting into multigig.

ok thanks

no worries

here's a chart for reference.

thanks this chart is actually really usefull

No problem

This chart is wrong, cat6a can do 10g at 100m

ah yea nice catch, 500mhz probably wasnt factored.

Guys, for WiFi sages here, a quick question

How much range would an m.2 WiFi card have if you don't attach the antennas?

Would it be okay if you plan to use the wifi/bluetooth for Earbuds only i.e you'll be right next to the case without any obstruction apart from the case glass?

if you want new switch then
https://mikrotik.com/product/CSS326-24G-2SplusRM
or
https://mikrotik.com/product/CRS326-24G-2SplusRM

you can get internal antennas if you dont want stuff sticking out but running one without anttenas will get you no range at all

How much is no range at all

Because I'm about a meter or so away from the case already

The Motherboard has sockets at the back I/O for antennas but running them requires the dismantling of the entire case, which I do not want to do

no range at all = wireless module will probably shut down to protect itself

...why would it shut down to protect itself

if you want only bluetooth just get one of those small usb dongles from tplink

Yeah I suppose more convenient

I basically need something like this:

Except; the module I want to buy does not come with the antennas, or the wires

What is the name of the screw-in connectors that the antennas use?

ipex on the module, sma on the big side

So the IPEX goes to m.2 module and the SMA is the big screw in one

i know that Cisco c9130AXI-E will not even boot without antennas

Hmm

sometimes it is rp-sma, at the end it doesn't matter and just get matching cable and antena

I think I'll just get a wifi-bluetooth combined USB module

I don't want to bother taking off the GPU, motherboard, cpu cooler just to install and screw some 2 wires

i have used UB500 before, it is deacent

F*ck you Asrock for skimping out on $8 worth of hardware

They couldn't have included it could they? Sigh

Cheapos.

Sorry for vent.

they have variant with and variant without it

I doubt it

Just put one of these fellas inside your case

Not found on their website

thats what i suggested...

Nah man I'll just get an USB dongle

Thank you for the information though

I'm quite fluent in hardware, however, I have not once meddled with ngff wifi cards

next gen

This is the rig

I am not going in there undoing stuff 1 by 1 just to install 2 skimpy ass wires

when you have to diagnose it

What is the most recent protocols nowadays

if connectors are at the back and not just holes wires are already there

Just holes

ah

Fairly certain I need to take off the I/O assembly to run the wires and screw connectors

Including 20 cent connectors too expensive

Asrock ™

Anyhow, plan m.2 wifi is a no go

USB it is. Wifi 6 & Bluetooth 5.3 is the recent ones I suppose?

wireless 802.11be (wifi 7)
fiber 800GBASE-DR8-2 802.3df-2024

Hm, not sure if I need whatever advantage wifi 7 offers

Honestly I just need the bluetooth for my IEMs

then just get that tplink UB500

Checking

5.0 is a bit outdated no?

802.3dj is in the works too

Is that okay for sound stuff?

yea but still in development

yes, i have used it before

Bluetooth 5.0 is the mainstream

Earlier I've had issues with multi-channel audio when gaming (Game, Discord, Chrome)

fair, yah, probably next year or so

Pretty sure that was a 5.0 device with 5.3 compatible earbuds

Although fs.com has a 1.6t DAC already out, lol

Is there not an upgrade to 5.2 or 5.3 over this?

are switches or nics also avalibile?

Not that I know of

In other news - are there any softphones for android and iOS that don't suck? (And aren't 3cx)
Every single one I've tried seems to either have a UI looking straight out of 2010, or it just doesn't work.

in few years we will upgrade the core, maybe it will be avalibile then

oh yah, with how fast everything is moving due to AI Hype then I definitely think 1.6 or even 3.2 will be out in a few years time

yea but i definitly dont need it
even 100g that i have rn is overkill

Already have 100G SFP-DD out on the market

So ugh one last question

I shouldn't run into any issues if I get a 5.0 module instead of 5.3 right?

Because UB500 is more readily available from TP-Link whereas 5.3 ones are offered by off-brands such as Ugreen

bluetooth is backwards compatabile

That wasn't exactly my concern, but

Odd, UB500 shows as BT 5.3 in other regions but 5.0 in my region

Old stock dump

Are those 10g switches?

1g only

I was confused with fiber optic thing

Those are SFP ports, they're 1g only
SFP+ would be 10g but the switch doesn't have that

I bough an Acer wave 7 in hope to get better network speed between floors, the two boxes are in direct line between the floors. The speeds are awful. It was a downgrade from my Google Nest. Can anybody recommend anything beside running cable?
I get around 300 down, my router get 500

If you want 10g you would need to pay 60-100$ more

If you have a decent nas it is useful

Even in enterprise i often uplink with just 1g as there is just no demand for more

And since you want redundancy i lacp 2 1g connections together

I def don't need 10g

I think 10G is the minimum I’d accept for an uplink at this point.

At $work, we have 1G access for 99% of endpoints, 10G/25G for the last 1%. 25G uplink to two switches, using LACP. Dual 40G/100G in LACP to the core. 40G is being phased out for 100G.

My IP phones need 10G I swear!

yea for lots of office/admin people
makes no sense for industrial aplications

Whats the difference betweeen a managed and unmanaged switch?

https://youfailedyourselfatgoogling.com.au

But you’re talking about uplinks, supporting 24-48 1Gbps ports.

is a managed switch really needed for a tipical home network because I'm not expecting to get ddosed or anything

You’d know if you needed one 🙂

even more
there was one stack with 8 24 port switches in it that i recently upgraded uplinks on
previously it was a single 1g uplink
now it is dual 10g
i have no idea why it wasnt upgraded before i came

Yeah, but this is my point

For minimum 24 1Gbps ports, I’d want at least 10Gbps uplink

For the love of god, just don’t daisy chain hubs.

he should make a ring from unmanaged switches

router>switch>router>switch ETC till I hit the 2nd floor

I walked into an end-user area reporting weird network issues last week. They had hundreds of netgear switches connected to our access switches.

Another admin had disabled NAC on all of the ports.

Nah but I'm only getting 1 switch

i have heard stories about simmilar thing on one of our locations way back
bunch of unmanaged switches, daily issues with various industrial programs, plcs etc
after we pushed them to switch to cisco all of the issues went away

Many of the unmanaged switches connected to each other. When I asked about it, they told me “years ago IT just handed us a bunch of these and it seemed to work”

key word "seemed"

Oh, it “works”.

Every minute or so everything blocks traffic for spanning tree, but it “works”.

They won’t let me fix it either because “somebody from IT tried to replace it with a fancy $10,000 switch but it didn’t work when we connected new equipment”

And of course none of their equipment has a certificate or has its MAC in the NAC.

what kind of hellhole is that

I’d rather not say, and you’d rather not know.

understandable

Doesn’t matter anyway. They’re moving to a new building in a few months to a year, and the new room will be done right from the beginning.

i love when they buy timelapse camera that costs 3k but doesent even support 5ghz wifi so i refuse to connect it

as all ap-s have 2.4 turned off

We don’t have wifi on any of my networks, security concerns.

we have 3
corporate (certificate auth)
iot (password+mac address whitelist)
and guest with everything isolated

My home network is a bit like that though. Both my girlfriend and I like some things on older consoles, so I have a 2nd SSID for legacy equipment.

2.4GHz, disable some newer roaming features

It’s on a VLAN by itself, because the consoles just need to connect to each other 🙂

As in no wifi at all, or just isolated?

i belive 2.4g is turned off bc if you connect antenna via dart and with 4 connectors on top of ap you can only use 5ghz on c9130axe

but i dont really deal with wireless as that is what my colleague deals with

None at all. We have a few links where wifi is used, but with IKEv2 tunnels wherever wifi is used.

And those are point to point.

What kind of environment is this?

It’s a corporate environment that’s theoretically supposed to be secure.

do you even IPS?

Yes.

And no wifi devices at all?

No mobile phones, no laptops?

Any devices with wireless capabilities must have the wifi removed where possible, or at least disabled.

is this a bank?

No, banks aren’t that secure.

Bank branches don't care that much lmao

If a bank gets breached like that, they’ll just blame the vendors.

even bank hq dont care that much

So no laptops or mobile phones?

Mobile phones can be brought into the building, but must be stored in designated areas.

bro works in 9th layer of hell

#networking message
Military or something?

Something like that.

I like not having my phone on me.

I carry three phones half the time lmao

I still carry a pager.

calm

When paged, I can walk to the closest phone to see what’s up. (Assuming it’s not an automated message from my monitoring scripts)

There’s a phone every 50ft or so in the hallways.

What deskphones do you use?

Cisco 8841s

Modified to use fiber optic in some cases

Yes we have done that a couple times

meanwhile we removed most of them...

Send them my way.

DECT too insecure for you guys :p

We never had DECT, but we definitely wouldn’t use it.

I have tried to talk security into allowing wifi so long as it isn’t accessible outside the building and Cisco wifi phones though. They said no.

I wanted to have wifi for my laptop, make it easier when going around and consoling into things. No.

We can’t even run an IPSec tunnel on the same hardware as the wifi connections, they wanted it on a separate device.

Sounds like classified facility

8841s are nice phones.

What did you replace them with?

You'd scoff at our chinese phones with cameras on them lmao

webex (teams soon)

I’m pretty sure 8841s are made in China.

There’s a balance between convenience and security. Wifi is a convenience.

We use a mixture of Yealink and Grandstream 🙂

I’ve worked with those before. Not where I work now, but as an independent contractor.

meanwhile here wifi is a critical service that must run 247365

Fantastic things, other than the Grandstream ATAs, they seem to disconnect from our ACS often and not respond to provisioning requests

That’s true many places, but wifi is still a convenience.

In most cases, it could still be wired.

would love to see these wired

I have seen things like that wired

if they are on a rail then they can be
these are laser guided vehicles and are compleatly unthethered

Neat. Yeah, the ones I’ve seen were on a rail.

Speedy

I get the feeling I’ll end up supporting wifi at work in ~20 years.

Full Duplex!

I’ve actually seen network products advertised at twice their rated bandwidth because they’re full duplex.

Marketing people will do anything.

i have seen a unmanaged 8 port switch advertised as 16gbps

Haha

dlink loves duplex speeds

https://www.navytimes.com/news/your-navy/2024/09/03/how-navy-chiefs-conspired-to-get-themselves-illegal-warship-wi-fi/
This is what happens when you don't give the people wifi

aw yep

rules for thee but not for me

lol what a poor solution

no qr password sharing?

Very poor AAA solution

The philippino mafia strikes again

does this work with a pcie 4.0 x16 slot with 4x bandwith? https://www.amazon.com/Ethernet-Broadcom-BCM57810S-Controller-Interface/dp/B06X9T683K/

Does it work? Idk it's some generic card from Amazon and anything's possible, I guarantee nothing.

Per part No. and spec sheet? Very likely, but it won't be able to saturate both 10 gigabit interfaces simultanously due to running at PCIe 2.0 x4 in that configuration.

I just googled it and it said it can help detect attacks or sum shit

No not at the level you're thinking

They can be configured to block access to unknown local devices by MAC, or ports with unapproved switches connected to them. It's possible to go further with network access control like dot1x but that requires much more than the switch.

No.

Protecting yourself from a DDoS requires much more planning and would typically require you to use a provider like CloudFlare to sit between you and incoming requests so it can take the DDoS traffic for you. Otherwise the weakness is just your internet speed vs. Theirs.

It's also useless if someone knows your IP and can saturate your connection.

There are other types of Denial of Service which cleverly break applications using design flaws rather than sheer bandwidth, but for that issue you want a firewall with IPS capabilities (there are other techniques too), which is not something switches can/should generally do.

You know those fancy Cisco switches with Xeons in them could definitely run an IDS but that's not in your price point and is also a very "hammer in screws" approach

If you want to host things publicly, it is recommended to use a hosting provider that always offers protection or higher capacities. Furthermore, you can always configure pfsense with wireguard (in cases of self hosting)

anyone in here have experience with xfinity port forwarding just randomly closing the port?. i deleted and re added the port aswell and its still closed rebooted twice no dice

can anyone identify that LAN port and how fast it is? it's from an optiplex 3010 i have running as a NAS but for whatever reason it's only giving me sub-100mbps speeds, and it's not anything else, all the cables and connectors and stuff are rated for 1gbps+

If it helps, i have a CAT5e cable running from it into a TP-LINK 8-port 1gbps managed switch, and my pc has a cat6a cable connected to a TP-link 10gbps network card

What speed is it negotiating at?

may be a dumb question but I have little knowledge on home networking. If I run an Ethernet in the attic to a bedroom with wall plate, can I plug a switch into that for multiple Ethernet outlets in that bedroom?

I accidentally got so many network devices

Now bridge them all together…

Yes

Can someone explain to an idiot. Was having issues with the the Ethernet only supplying 100 or less, but pulling the cable from the modem and resetting the switch resolves the issue and starts supplying up to 1000 again. What causes or rather what is the issue/s for devices not being supplied the maximum bandwidth?

can someone also help this idiot with xfinitys stupid portforwarding lol

When you connect a device, both devices will negotiate a speed. If the devices start seeing errors because of a bad quality / damaged cable, they may drop the speed down from 1000M to 100M to give a steadier connection.

What if the device has maintained a higher connection for months on end? I get between 400-500 at peak times consistently. It's just recently. Though recently both my brother and I got a "Ethernet doesn't have a valid IP configuration" but I managed to fix both.

Gigabit ethernet can negotiate to 10, 100, or 1000 mbps. The cable could have been damaged or got loose after a while

If it's a copper clad aluminum (CCA) cable, which are annoyingly common on places like Amazon, the wires are pretty brittle and cause issues after a while especially if it sees movement

Hadn't thought about that. That would probably explain why it coincided with the modem being moved. I had to do a lot of maintaince on an aquarium and moved it out the way to avoid water damage. I did also happen to as mentioned remove the cable and reconnect, that might've just fixed it on its own.

As for the quality of the cabling, I actually don't know on that front. I had someone wire it up for me because I couldn't be fucked to deal with all the hassle. As far as I'm aware he bought a spool of it from a trader locally.

I did have to strip on of the cables to attach another connector because I snapped the prong on one of the cables and I do think from memory that it was copper underneath the sheething. What cabling is better?

Probably won't respond for a bit, I've got to pop out. I do appreciate you answering my questions though.

It's hard to tell visually if you're not looking for it. Copper clad aluminum will still be copper on the outside, but with an aluminum core. Also, less than perfect RJ45 terminations can also cause issues if you have things untwisted too far, or not quite crimped down all the way, wrong pinout, ect

I've been having a weird issue on my home net. The VPN I use has stopped working on my home net specifically. At my school it works perfectly fine and I can't understand why it does this. Can someone help me with the issue

Also to add when I connect my mac to the VPN at school and come back home it works fine too so I don't know what could be causing my home network to not work with the VPN

i tried to send over like 300-ish files from it to an hdd on my pc(tried it with an nvme too, its not on my pc's side), and max i got like 80mbps

(thats what windows file transfer says)

It's official, wifi is faster than ethernet for devices that are limited to GBE

Bell Gigahub on Wifi 6

nice

https://blog.purestorage.com/purely-educational/understanding-digital-sizes-megabits-vs-megabytes-mbps-vs-mbps/

yeah i figured it out, lol thx
turns out i'm a bit silly in the head and forgot the metric was in megabytes, not megabits

turns out it's fine lol

It’s confusing don’t worry :)

thx

(wonder why they use two separate standards)

Network speeds have been measured in bits per second for a very long time

The 56k in 56k modem represents the max speed of 56 kilobits per second

nice, never knew

i'm stupid in networking. im pinging from my device (network-1) 192.168.1.35 to 192.168.50.252 (network-2). didnt work even tho i've tunneled it and pinging to 192.168.50.1 is possible

any idea how to connect to it?

but pinging from 192.168.50.252 to 192.168.1.1 doesnt work

Guys I have a question, even though it’s pretty simple and should just be a Google search.

So I have a orbi RBR50 with 2 satellites. I just set up a nas and I want to set a DNS manually. With ATAT you can’t do that, but the option is grayed out on Orbi because im running in AP mode.

Anyway I can still have connectivity with being able to set a manual dns?

You have to run with atat gateway or you won’t get connection. And if I manual set DNS on specific device I lose connection

you would have to set dns on dhcp server which runs on a router

Right but in this specific case I don’t think it’s going to work

Okay, i will try here. Can anyone suggest me a way to get around the fact i dont have my own public static ip address? im trying to host a minecraft server (its running on my ubuntu desktop) - locally it works perfectly but i cannot port forward because i dont have a public ip (isp uses cgnat because of limited ip addresses, i have to pay extra on my internet bill to get one) - so im trying to find a way to still host my minecraft server externally without paying for a vpn or buying a virtual server... and ddns doesnt work with cgnat. i am so stuck

Since you won't buy a solution your only option left is a free virtual WAN app which people on the other end would have to use.

I see

So just trying to get a public static ip through my isp is probably the best option then

Not even hosting through ipv6 address is feasable?

Funnily ipv6 statics are plentiful only v4 is the issue. Some ISPs charge different prices for them.

Yeah i mean isnt that the whole point of ipv6.. yet when im trying to host with one, it seems like there is no documentation to actually get people to connect to it

hi guys, im encountering many problems with my truenas scale server recently, ranging from many different aspects. things that used to work now completely dont. my current issue is im trying to setup a MineOS app to host a mc server (i tried the minecraft app, but also didnt work) i get this error Startup probe failed: dial tcp 172.16.0.22:30015: connect: connection refused
with the minecraft app, it had problems with fetching the software, like bukkit, paper, purpur. so it seems this all has to do with network/internet.
accessing plex via internet also seems a bit bricked, while downloading torrents with qbittorent works fine
im really considering reinstalling truenas altogether, but this would be a serious job bcs there is lots of data and other stuff
also i cannot in any way access smb shares, even with everyone@ access, sometimes asks for some certificates, and asks 3 times to give credentials. any help would be very much appreciated!

What would you guys recommend as a home router from ubiquiti?

I would need it to have wifi if possible

My dad got the UniFi Express and hasn't had any issues with it. It has WiFi 6 built in, and then has your GbE WAN port, and the GbE LAN port

So you won't be getting 10gig or even 2.5gig on it, but if you're not as interested in that, then it's a solid little router

I have a switch and a AP from Ubiquiti so I just wanted to get all the gear

Otherwise, the Dream Router is also an option. Has 128gb SSD for NVR, has again only a gigabit WAN port, but it also comes with a 4 port switch and 2 PoE ports if that interests you, and it's only $50 more

Yeah so if you already have a switch and an AP and you need a router with built-in wifi, the Dream Router or the Express would work. The former would have a built-in switch for devices near itself or getting other lines run, the Express is great if all you need is the little box

I need to connect my smart heating and cameras

Otherwise, if you didn't absolutely need the WiFi, you could get something like the Dream Machine which is what I have. They're great, but they lack wifi, so you'd need to either just use the one you have, or get a second

but yeah the Express and the Dream Router are good options if you just need a simple AP, don't mind only having 1gig, and need WiFi on that box

both seem like really nice options

Yeah, like I said my dad likes his Express, but if you want a bit more flexibility out of it the Dream Router might be better, but it'll take up more space than the Express

ill look for a nice deal. Im fed up with this dam ISP router

What else can I use the storage for?

Not much I don't think. I have a drive in my dream machine and haven't found any use besides an NVR

which I'm not currently using anyway so it's just sitting there

Dam it the Dream Router isnt available

300GBP but MSRP is 159

Anyone know a good ethernet cable to get or should any from Amazon be fine?

I also dk what category I should get

Most are good it depends on the speeds you wanna run.

But CAT5E is most popular and common to use

I don’t need the fastest speeds but maybe something that is future proof if I end up getting a faster WiFi plan in the future

Does the brand matter?

nah not really

just dont get the cheapest one sometimes the outer plastic is very crappy

PoE has gone too far

There is just about 0 point buying Cat5e in 2024

There are PoE all the things

cheap

Not really

Oh dam CAT6 is cheap

plus these days Cat5e is more likely to be cheaper aluminum based garbage (CCA), if you run PoE over that you're in for a bad time 😄

copper clad aluminum should be illegal lol

cut your own

just buy a big ol spool of cat6, get a little cable cutting kit, and never buy cables again

Eh

It's barely any cheaper

not if you need a patch cable

where it's stranded instead of solid

solid mainly for in wall

oh yeah I buy patch cables

but I bought 1000ft of Cat5e a while back and the amount of money I've saved by not having to buy/ship/pickup ethernet cables has paid it off, and I think I still have 500ft left

Yea it is fine

Yeah barring the cloud stuff it's simply a question of: "do the devices have a risk of being compromised and causing harm" and that risk is equal to "Are there users/software on my home network who might hack my switch"

For most the answer is that isn't a real risk

The only other issue about the old stuff is that some of it's not very power efficient, actively cooled and therefore a bit noisy

Esp. If the fan bearings are dying from a decade of abuse

Fans can be replaced with much quieter ones

Just give them some compressed air, you never know what environment they ran in all these years

Yup

These switches were in idf for just 1 year

Is it that much cheaper though?

I guess it depends on where you buy cables from. In my mind, I'm thinking time cost as well. You could probably buy some online for about the same price, maybe marginally more expensive than cutting it yourself, but you have to wait for delivery. If you need a cable now, you can run to a store but they'll be way overpriced

I don’t really need it that fast and Amazon most come the next day

Yeah then in that case infinite cable or Amazon is fine. i just like cutting them myself for odd lengths

i have problem with my aps from ubiquiti, i got 700Mbps fiber connection, but my aps over wifi got max 150Mbps. i have uap lr

Does the brand matter?

And i should just get a cat6?

i got a datto poe switch that the company no longer cared about and that fucker had spiders in it

probably not? Like maybe don't buy the cheapest garbage possible but it's ultimately twisted pairs of copper so if it works it works

so something like this would work?

i kind of need a flat cable

it could be fake "copper" aka CCA

dont buy that ever

that cable?

i dont know, need to see description

but flat cables arent known for exceptional performance, especially sketchy when it has 4 diffrent categories in its name

what brands are known to be good

fs.com
monoprice
infinite cables
datwler

these in the uk?

how long do you need it?

like 30m i'd say or maybe even more

i might have to route it across my ceiling

if you are running them throught the walls it makes more sense to terminate it yourself as you need to drill much smaller hole

i wouldn't be drilling anything

i can get it through the gaps in the door

oh wait actually maybe it will be hard to do that

might have a problem 😭

what do i need to install in order to be able to put my router in the same room?

you can also run cables behind these

i think my best bet would be putting my router in my room

but it has fiber so idk how hard that would be

what are you trying to achieve?
better wifi?

more stable

it's already good but i just want it to be more stable

you can install a access point

are they expensive?

depends
ac is 35$ and up
ax is more

that's not too bad

but is it better than an ethernet?

nothing is better than hardwired ethernet (except fiber)

i have fiber but i use wifi on my pc

which is why i need ethernet for my pc to maximise speed and make it more stable

i dont know much about this stuff

I mean the best way to do this is to run it through the walls, but if that's not an option, you can get a super long cable, otherwise you can get something like a repeater or an access point that has a LAN port and you can get it from that

i'll probs end up going with the first option icl

the hard part about that is you have to open the walls

that said, if you happen to have an attic or a crawlspace, you can try running cables through that and drop it down, but if you have a fire break in your walls it can be annoying to punch through

tier list would be
wired>moca>powerline>wifi>wifi repeaters

so there's no way of putting my router in my room really

well you don't need one, but it would be hard

and then just hooking it up to a short ethernet

if your router is a modem combo, you'll need to get your internet drop to the new room which can be hard depending on your internet setup, and you might need to pay someone for it

if you have a separate modem/router like I do, you can do that, but then you still have to run a long cable from the modem to the router

so what you'd probably want is to get something like an access point that has a direct connection, then drop that to a switch that goes to your PC, that way you still have wired internet, but you also get better wifi

or you can ignore the access point and just go from the router to a switch via a really long cable, and then go from that to the PC

or, again, straight to the PC from the router with the long cable, I prefer putting a switch in for versatility

damn that's confusing

and sounds like a pain to do 😭

maybe in text format, but basically your internet goes:
ISP -> Modem -> Router -> Switch -> Whatever else

though you might have a router/modem combo, in which case you just merge those two

how can i know what type of setup i have?

A switch just allows you to take one input and spread it out among multiple outputs, so say you had a wifi access point, your computer, a printer, and an Xbox, you could hook all of them up to a switch that then takes one line back to the router

oh i get it

You don't really need to worry if you have a router/modem combo unless you plan on moving the router, which I don't really recommend for now

the big thing you need to do is get an extra long ethernet cable, and if you can run it through the walls/attic/crawlspace, do that, otherwise you can staple it to the ceiling or on the floor, it's up to you

might be able to do the floor

then hook that up to your PC. Adding a switch in front of the PC becomes super easy after that but if you only care about the PC, then just do that

floor works, but make sure you either tuck it away or hide it, because if you pinch it, trip on it, or a cat eats it, you'll lose your internet line to your computer

yeah it's only for my pc

my dog chewed through mine before I moved my setup to a different room and didn't need the cable on the floor

i don't have a pet atm lol so i don't need to worry about that yet

Yeah then in that case make sure you don't trip on it. If you do it bad enough, you could bust your ethernet port on one or both ends of devices. Just gotta make sure it's "safe", however you want to do that

put it under a carpet maybe

is it fine if it gets stepped on?

I mean I wouldn't stomp on it with heels but if it's under the carpet then that should be okay, as long as it's not sitting on a carpet tack

alright

thanks

and if you have the option to punch it through a wall, it's not too hard to add an RJ45 keystone panel into a wall, you just have to know where a stud is and make sure you clean it up

but that's more advanced

yeah i would probably break something

or collapse my wall

I doubt you'd collapse it, but if running it on the floor/under the carpet/similar, then I'd just do that

it's easy to install, easy to uninstall

yeah lol i was only jk but it could definitely go wrong

Delete if not allowed. I'm looking to setup my home lab. The issue I have is I can't interupt my family network So I am trying to setup a Opnsense firewall behind my main family router. I want to have to internet facing services such as game servers. I am just running into an issue on the be way to do this. Any ideas on how to properly do this?

there's two options, one of them is more elegant, but requires static route support

1. Double-Nat, so just generic router behind router. If you want anything open to internet you will need to port forward on both routers

2. You setup the opnsense router, but without NAT. Then setup a static route in your family router that tells it where the subnet behind opnsense is (the opnsense router IP). Then you only need to portforward once, on the main router

Is there an easier way of doing this all that you would possibly recommend?

both are pretty easy imo

words may seems complicated, but it's basic networking

I'm talking if I should even bother with the Opnsense router behind the Main Router.

depends what you want to experiment with

more on the networking side, then yes

more server stuff it may not be needed, but it allows for some isolation of the servers with firewall rules from the home network

either way it's good to know

Is the default gateway the same as public IP???

no, it rarely ever is

I can't actually think of a home network scenario where it would be

@peak cloak Thanks for the assistance, That helped me get my rules figured out

Hey guys I recently picked up a AX58U to replace my ISP provider router and I have one problem that really bugs me for what ever reason when I try using the cable that came with the router as the WAN cable the router always reports the network cable as unplugged however all other cables work and then to throw me off again that same cable works completely fine as a LAN cable but whenever I try using it in the WAN port it refuses to connect

Does anyone have any idea

"My arm hurts when I touch it"
Don't touch it then

It's likely a bad cable and you're just having unusual luck with it

I’m serious though every time I try it on WAN it fails but works perfectly fine on LAN

Ok, sure

This does not impact my response.

I guess

It’s just one of those things that bother me like how does this even work

Just because you're observing something in a comparative situation does not mean that it's happening due to the observed difference between the two. Could be that half twist you put in it, or the other device doesn't put up with the same BS on the CPE side

Either way, probably don't use unreliable cables

The cable that doesn’t work in WAN is the one that came with the new router

so use one that does work

is the Asus 4G-AC86U a good modem?

for 4g?

Yes

If you're not buying new kit or improving the physical conditions you're probably not going to get speed improvements.

What is the modem's model?
How are you connecting to the modem?

But yeah I'm not going to be able to say "Yeah here's your awesome 2x speed code", the best you can do is deal with physical factors if WiFi or 4G is involved.

You'd have to know somebody with a support contract willing to send you the file, or have faith in some random post online

Depends on your standards I guess, but it's definitely servicable for home use.

If it has a fan that might be annoying

Well in that case it'll do home stuff

For a homelab it's not going to teach you a lot you couldn't learn without it

It's seemingly a fairly basic managed switch, so you've got VLANs and some basic security features

If you want to learn those sure but you can do that in a virtual lab if that's all you wanted

Have fun

Recently moved and my office will not be able to have ethernet in it because it is an old house. That being said, the WIFI is pretty stong. I have a few smaller computers that do not have WIFI built in, is it possible to plug those into a router if I make it into and access point, wire those PCs in via ethernet, but connect via the router to the network over WIFI?

Some routers and ap's include option called client mode so you can connect endpoints to it or via switch

is it marketed as client mode if I were to try and look for one online? its basically a "reverse access point"

Most of the time it isnt marketed

But you can always use openwrt https://openwrt.org/docs/guide-user/network/openwrt_as_clientdevice

does openwrt work in place of firmware on a router or in addition to?

Fully open source replacement

I currently have a verizon router, is that an issue?

As a primary or one that you want to use for this?

primary. this wifi access point thing would be a router i buy

It shouldn't be an issue

If you want to buy a router preflashed with openwrt you can buy one of the gl.inet devices

I know mikrotik APs can do this

routerOS is kinda a mess tho

nah, router OS is as good as it can be

Anyone experienced with XDP eBPF?

powerful but an ugly mess

I prefer something like vyos

dont use winbox if you dont like it. I use ssh as well..

I don't mean the UI, the actual architecture

well, in price/performace mikrotik products are the best

like sometimes there's multiple ways to do one thing, or certain things are overly complicated

I haven't used it for a while now so I forget specifics

yeah

I got a CCR2004--.........XS

That's your opinion

Not everything needs to look like MacOS or a Linux terminal, I just need it to do what I want

THIS

Shit

Its 4:30 Am

Look what I said below, IDC what it visually looks like but the architecture is pretty crude and annoying to work with imo

So cisco is crude as well?

Cisco's is dreadful, and every vendor I've seen either rips that off or is home networking++

I like the vyatta style cli

Mikrotik rips it off. Right?

right?

Cisco/Bare Linux hybrid :P

I've certainly seen many worse

No

They do directory-style context sensitive

It's bloody annoying to script, I will say

That, i agree with

I find it really easy to setup what I want in vyos or edgeos, unlike routeros where I need to learn the details of the Linux stack and then there's like 3 different ways to do what I want

Copy run start is at least readable

Well, for firewalls, bsd with xdp/dpdk with a mellanox smartnic is good

NGL if I go > gigabit for home networking I've considered just going bare linux

But gn. My first class is fucking PE and its almost 5AM and Ill pass out in class

When I don't have to have VDSL anymore

FTTP for September 2025...

Counting the days

Ooooh - Running BGP?

No . I dont have an as

I had a networking exam on mikrotik in June

the only routers that my school has

i just bought 2 cisco AIR-CAP26021-E-K9 and i dont know how to config them. I go to the IP and nothing. Does it need a certian device ? like a special switch

You need a poe switch and a wireless controller or flash them to standalone

how do i flash them to stand alone?

i have a poe injector

Do they boot up?

they flash

There is a console port on the back

i have that plugged in

Do you get any logs?

how to i acsess them

Connect to that com port with putty

how do i know when its on

its just solid green now.

I've got an odd issue, my PC is locking up around the time of going to sleep while hooked up over wired LAN. My WiFi USB adapter was disconnecting me a lot so I hooked up a router setup as a repeater to get internet wirelessly off of that. How do I go about figuring this out?

Sometimes it's actually asleep and other times display is just off, power light isn't blinking like in sleep, but it just won't show anything on display so I force power off and turn it back on.

Without it wired to the router (the router setup as a repeater) it seems fine, even the WiFi adapter that keeps disconnecting intermittently, so it seems to just be a wired LAN issue.

i wouldn't even flash them to standalone tbh, the mobility express works well enough and is easy to use

well, i guess i need to check if 2602i's can run a mobility express firmware

i see they can only join ME controllers up to version 8.5

yeah they can't, so either you run them standalone (autonomous firmware image) or you connect them to an old controller

or you buy like an 1852i and setup mobility express (version 8.5 or lower) on it and connect them to that

Hmmm. I have a feeling that switch uses Java applets for the web UI. You’d be best to use the CLI for management

Ah

100 Mbit/s ethernet jacks on HDTVs should be a crime

it's cause it costs nothing

AT&T BGW620 Manual - https://manuals.plus/vantiva/bgw620-wi-fi-7-gateway-manual

has WiFi 7 and 2 10G ports

Eh, yes and no. Extremely few streaming services actually require more than 50mbps to function, so opting for a 10/100mbit port instead of a 10/100/1000mbit port can save the manufacturer let's say $5-$10 per TV. Multiply that by say 100,000 TVs sold, and they save $$$$$, allowing the TV itself to be cheaper for the consumer. To be clear, I also find it "annoying" but it does make sense from a manufacturing standpoint.

hey folks quick question does anyone have google fiber? I have a question about router settings

https://dontasktoask.com

yoooo ur so cool bro holy shit thats insane

having odd issues across all our wireless devices, random "Authentication failure" messages
in some cases it acts like the password's wrong, but we know it's right since the device had been connected only seconds ago
affected both a Technicolor CGM4331 and our TP-Link Archer AX3000

network is WPA3/WPA2

this has literally been driving me up a wall for months
doesn't matter if it's a fire tv, an iphone, a laptop, etc

there are no commonalities in wifi chip, hardware, or software between them, making me think it's a network issue

what's interesting is that when i made the network open, nothing could connect

all devices gave authentication failure messages

gigabit ports cost less than 5-10$, especially for manufacturers at scale.
Sure its cheaper. but the difference is much less.
And maybe im not streaming over the internet (even though the internet can saturate the port) but locally!

Have you tried doing wpa2 only?

yes, didn't fix it

To my understanding It's the other way around now and gigabit interfaces are actually more common and cheaper for new designs.

I understand it to be more a lack of desire to redesign the platforms around newer parts since that's been true. (Still saving money in the end I guess)

There is always crackheads selling modems/cpe that have no use after removal from original locations

not yet, only the tv controller chips new on the market after ~2020 have built in gigabit, and the older chips are still quite popular

Not just crackheads - mostly just normies who can't fucking read

i have been wondering for like 10 mins and google isnt any help. does it matter what orentation the wires are in a rj45 connector as long as there the same on each end ?

Yesn’t

Hey guys, I have a question about routing Ethernet. I'm planning on routing about 12-15 Cat 6a cables through my walls (concrete) which will all terminate in my room where they will connect to my network switch. I want to have them in conduit so that if in future I need to replace any of them I can pull a replacement through. But how would I do that though? What I'm most concerned with is the junction where all the cables will have to split off to go to their respective termination points, how do I make sure they don't get caught in a junction, as this junction will likely not be in an easy to reach area

Can you just bring the smurf tube into the back of the rack?

I'm sorry, I don't quite understand. What is a Smurf tube

Conduit

But flexible

And it looks like a smurf

It comes in all colours though

I see, but my issue isn't going to the switch. It's halfway between the switch and all the terminations where it branches apart. I don't really know how to explain

Do i get that from normal hardware stores? I can only find T splitters

They should have it.

If not a proper plumbing store will have them

I'll try that tomorrow then

thanks!

is there any cheap a'la-enterprise ethernet card worth of buying?

I need something that would restart immediately when restarted through control panel

so there won't be 10-second lag like with integrated realtek

Any ubiuiti pros out there? Looking to find a network switch that will access my router via wifi, thus connecting my non-wifi LAN only devices to the network

Just to be clear, you want a switch to be connected to a router via only wifi?

anything from the ui iw series

anyone know an easy way to find the main coax cable to use it to ethernet my house with bridges

wut
does not compute

🤣

im new to this stuff i may not be using the right terminology

@opal pagodamy house used to use coax cables for internet using ethernet bridges but now it has one cat 6 cable to get internet?

i want to reactivate the coax cables using this instead of wiring the whole house with cat6

isp probably installed a fiber modem (ont) on the exterior wall or in attic and ran wired ethernet to where you had router

the ting with those is that one pair is good but more you add the shittier it gets
it acts like a hub

yes they did its in my garage

ohhh ok

i wanted to use one to get my office upstairs wired

it sucks because it was working before until he cut something and installed the one cat 6 cable

installer might had removed some coupler in there

in the attic or something huh

do you know where all the coax lines go to?
like a communication panel?

might look something like this

no

its so bad at my house

i was going to buy something like this

tbh it might be easier, cheaper and more reliable in the future to just run a cat6 cable to your upstairs office

honestly yeah i was going this route or cat 6 one

cat 6 option was expensive only because of the 500ft wheel but way better

thanks for helping buddy!

you can buy it in smaller quantaties too
i know that stores here sell it by meter, 100m reel or 305m box

just dont get cables that are "CCA" which means copper clad aluminium
they are awfull as they easily break and arent technically in spec for any category cable

Hewo, Anyone able to recommend a good 10gig nic? As the asus one i have right now is only pulling in 3gig and i have gotten my isp to check my network and is 7gig up and 9gigs down

what router OS do y'all use?

Cisco iOS

so my router just went kaputs, any recomendations?

Hey any of y'all take the Comptia Net+? I scheduled my exam for the 2nd, any advice? I know its only somewhat relevant here sorry

Nothing special. Read the material, do practice tests, ideally try stuff in a lab or simulator.

If I have my Google TV connected via Ethernet, should I leave Wi-Fi enabled in case I need it for things that use wifi that aren't nececarilly the "internet connection"? Like i gues WiFi Direct if that's still a thing?

theres no need if your wifi and wired network are the same

I need some help im a avid gamer and wifi is everything i need good wifi isnt satellite (i live just barley outside the city) and cant find any wifi that works

internet service?

in the US: https://broadbandmap.fcc.gov/home

Im getting a "XHR Request time out" error in Luci openwrt
ive been trying to setup adgaurd home on my router and i need to put my adgaurdhome dns server into da router
but y am i getting da error??

?????

??

wtf

good looking switch for the price? looking for the 10 gig sfp+ primarily but the PoE is nice, saves me from getting another switch

honestly would like a 2.5 gig switch and use PoE+ injectors if needed because realistically the only thing i would power with PoE is an access point or 2

UniFi OS

Looks cheap, especially for PoE. As long as there's nothing wrong with them. the only annoyance might be noise (as I doubt it's fanless and the bearings would have a life of wear on them)

I have RouterOS, (involuntary) OpenWRT and an Ubuntu Linux VM doing routing in my house at the moment.

The day I can kill off the ISP router will be a happy one. 12-ish months to go.

I’m pretty sure it’s MSRP ~$300, but it’s old enough where it’s cheap as used enterprise gear

Yeah the fans are probably loud but they’re replaceable so I can change them to noctua ones

Sounds fine to me then

I'm seeing them retail for ~$2k

Oh I just realised the 10 gigabit ports need licenses to activate

That's bullshit actually

Yeah do keep in mind the 10 gigabit ports need extra licensing

I don't think this is $300 switch behavior

The cheaper ones tend to just give you what you paid for https://mikrotik.com/product/crs328_24p_4s_rm

And even they aren't $300 with PoE

Oh this is new

It's still not a home router UI but I'm sure it'll quell some of the whining about it looking like Windows 95

Noob Mode

Oh what the hell

Yep..they do..and it's hilarious.

The ports wouldn't even let me set different 1 gig speeds without licensing

It's like it locks you out of the speed command entirely

I had to find a 1gig speed that would link up on the switch on the other end instead.

so i just got new wifi but it cant reach to my room. im thinking about either getting a long ethernet cable or just get a wifi mesh system. i just want your opinions on what i should do

Mesh works well but remember if you want speed. Mesh back haul basically halves bandwidth for clients

You won't get gigabit with mesh with anything less than wifi 7 ap's

yea i know thats why i wanted to get ethernet and i also have 2 gigabit internet

You pay for 2gb and how much are you getting?

i wonder if this would work https://forums.servethehome.com/index.php?threads/brocade-icx-series-cheap-powerful-10gbe-40gbe-switching.21107/page-143#post-248899
cc @tribal sequoia

seems like its for the FCX series but there may be something that can make it work like that command

oh this can be used on the one i sent above

(from https://forums.servethehome.com/index.php?threads/brocade-icx-series-cheap-powerful-10gbe-40gbe-switching.21107/page-47#post-208624)

and apparently one of the fans is sufficient to cool it if you're not using much PoE, but i would likely swap with some noctuas

Hi, so my college dorm has its own authentication for the network (Secure W2) which only works for mainstream OSs, which means FireOS, SteamOS, even Android on Google pixels arent able to connect to the network.
I had an idea what if I created a WiFi hotspot with a Raspberry Pi, which would connect using wifi and then other deviced could connect to its hotspot using basic WPA2 credentials.

Now I have two questions:

• Which model of the RP would suffice
• If I were to run PiHole could that be done on the same RP and how would it work, would it be its own DNS?

I can go try to run it.

Don't forget to update past the stupid dual-mode firmware too

Can't stand the dual-mode functionality. It's silly to function like that.

what is dual mode?

You either set them where they're are access or trunk

Or "dual mode"

Which literally just means it now supports tagged and untagged VLANs lol

Access and trunk simply being either all VLANs on port are tagged

Or you set one VLAN to untagged.

ah ok

Yeah. It's like ok cool..but it's tedious for no reason in the CLI lol

You gotta enable dual mode set the dual mode native lan. But first remove it from any untagged vlan membership if it had one then add your tagged memberships

Later firmware you just don't have to run dual mode command. It doesn't exist. just the untagged vlan membership and you can tag to your hearts content

Why are you still using a supplied router?

yo, can anyone help me
my pcs wifi was fine but then it went from this to this

i would use ethernet but im in the basement, for now i want solution from inside the pc not add ons like another router

also my pc randomly disconnects from the wifi and to reconnect i have to click “get help” and from there click restart router, only way the internet works again

does anyone know a solution

if you have a circuit that runs upstairs at well you could try power line

can you elaborate

also another thing abt my situation, my ping goes from 8 to 130 to 20 to as seen here a wopping 1200

and my routers thingy is 1gb, although the router itself is bad i dont think thats whats causing these enormous spikes, maybe it is tho idk

bro wtf its back to 3 ping 256 download

how does it go from 1200 ping 0.3 download 0 upload to 3 ping 256 download 303 upload

Don't want to spend for anything better than the Smart Modem Gen 2 honestly

When I get FTTP I'll ditch it

Ah

They're quite good actually

I hope you're not on Telstra though...

Telstra just charges an ungodly non return fee for them

I have two of them and they have a habit of bootlooping if they lose power. They're mostly OK if left powered

Oh no not with Telstra

Good if you're on an unreliable connection

I prefer them to any cheap VDSL modem

I keep forgetting about FTTN, in that case they'd be one of the best you can get

what will happen if ISP only provide ipv6 and you connect your router with ipv4 connection support only. I have a prepaid router which uses sim to provide internet and it seems it only provide ipv6 address since if i directly connect on it via Ethernet Port and disable IPV6 it lose the internet connection .

I've never heard of an ISP offering only IPv6 and would put forward that it's likely a misconfiguration of some kind.

There are ways to make it work using translation gateways and the like but as an end user you'd be wanting to contact your ISP and ask for assistance

The real question is why do you want an IPv4 address

The ISP should be running NAT64/DNS64 meaning you'd be able to access IPv4 only services anyway

But yes just bother your ISP

honestly ive faced a similar issue with a client where he had a router that did dsl and had a lte backup but as long as that was enabled he couldnt acces ipv6

but isps are weird

You want an IPv4 address of some description for compatibility, but the ISP should be doing NAT and NAT64 anyways

Otherwise some stuff doesn't work properly

yea whats isps do and what they should do thats 2 worlds

I find most of them like to retain customers

my isp for example likes to f arround with peerings and other stuff so our ethernet is really weird and slow since the last few months as they are currently building out fiber here and also stopped peering with someone and idk its a 💩 storm rgnw

trying to put a router on the prepaid internet . It is not permanent since i would get a fibr line soon but just weird that for some reason my tplink router do not produce internet . Welp for now it works i just turn on IPTV/VLAN to internet for both port and put IPV6 setting to pass through . I think that solves the problem and router giving my pc an ipv6 address which idk why i have internet if i enable it lmao.

Thus it has something to do eith NAT? I have a setting that says what NAT to choose , a cone and the other one . I choose the cone since it is the recommended one

So if you don't get your own public IPv4 address the ISP should be giving you a "private" IPv4 address, the carrier does NAT from their pool of public IPs. As said... you'll want to ask them about why you're not getting an IPv4 address and how to fix that

I ❤️ CGNAT - For both on and off label uses

This. They should be doing NAT 6 to 4. And in like basically all cases they usually are

I'm sure there are some public NAT64 services out there

https://nat64.net/

Well there ya go

They had a big outage recently from a hurricane and I noticed one wireless ISP was handing out cgnat addresses instead of ipv6 on their 5g modems heh

For now everything works . Other than the signal and internet speed lmao . But yea

or probly not ipv6 /ipv4 related and might be DNS thing. after changing dns provider here . IPV4 now provides internet . Probly it is really dns problem lmao

is any body else also really struggeling with the vpn config for both OpenVPN and Wireguard in opnsense?

Which guide are you following ?

And are you trying to do standard “clients connect to my OPNsense to get access to my LAN” or something different /specialized ?

ive watched a few yt videos now and also looked at the opnsense Documentations and im just doing a basic vpn setup where you got one server and then just clients that are desktops

no site2site or other speicalties

hey someone here with some truenas scale knowledge?

or networking in general

No. We all know nothing about networking or TrueNAS Scale.

...Just ask your question. Either someone knows the answer or they don't.

Also this is kinda sad

wut the hell
1x1 enjoyer

this link really needs to be put in chanel description
https://dontasktoask.com/

It's not even big enough of an area to warrant not using the standard antennas, it's stupid

i would bet that better range would be achieved by using standard antenas that are angled properly

Maybe 25 meter radius tops

less than standard range haha

Didn't pay for the extra three antenna license 😛

I have problems with smb share on scale, and i have tried everything i can think of and what i could find on the internet. this issue begun many months ago and i cant figure it out. SMB shares are discoverable and seem to work except for auth. it asks for username and password then it accepts it but continous to ask a auth but now filled in with a microsoft account this happens 3 - 4 times, sometimes it also asks a certificate in between, and then is just says no connection possible
acl are set on both filesystem and share, now even with everyone access on both
and still it doesnt want to work
please someone help me bcs i need access to those files, and I already asked in here and other servers but no one wants to help me, im getting a bit desperate atm

now i have created new user with its home dir inside the shared dir and the auth worked flawwlessly but there are no files in there except some hidden files, so i think its the home dir of that new test user

sounds like windows issue (automatically using ms account for auth)
try looking for "sign in as other user" option

or check this

ive tried that many times, both

have you tried connecting with 2nd pc

i also cant connect using ios or mac

yes also windows with different ms acc

i think im prolly deleting that user and group and making a new one, but for now ill access it via the test user

the test user sadly didnt resolve the ios connection

tbh could be ios issue,
i cant access samba share (casa os) from ios but i can use web interface to access all my files so i didnt bother investigating it further

i used to be able to access it fine with ios

nvm now ios also works with the test user

so ill guess il go with that atm

What specific issue are you running into? Setting up the server ? A client? Connecting to Wg? Reaching LAN devices once on the VPN?

the issue is connecting to the server as im getting multiple errors depending on what i change in a attempt at debugging

What client OS/software and what error ?

client os is windows and the errors im seeing are the following taken from the opnsense log)

2024-09-29T16:00:40    Error    openvpn_server1     tls-crypt unwrap error: packet too short

2024-09-29T15:58:01    Warning    openvpn_client2     NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
2024-09-29T15:58:01    Warning    openvpn_client2     WARNING: No server certificate verification method has been enabled.  See http://openvpn.net/howto.html#mitm for more info.
2024-09-29T15:58:00    Notice    openvpn_client2     Restart pause, 1 second(s)
2024-09-29T15:58:00    Notice    openvpn_client2     SIGUSR1[soft,tls-error] received, process restarting
2024-09-29T15:58:00    Error    openvpn_client2     TLS Error: TLS handshake failed
2024-09-29T15:58:00    Error    openvpn_client2     TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity)
2024-09-29T15:57:48    Notice    openvpn_server1     MANAGEMENT: Client disconnected
2024-09-29T15:57:48    Notice    openvpn_server1     MANAGEMENT: CMD 'quit'
2024-09-29T15:57:48    Notice    openvpn_server1     MANAGEMENT: CMD 'status 2'
2024-09-29T15:57:47    Notice    openvpn_server1     MANAGEMENT: Client connected from /var/etc/openvpn/instance-48055be0-5e43-4c5b-8906-ba24416d829a.sock```

The “packet too short” message and TLS handshake failure make me think you didn’t give the client the --tls-crypt key-file parameter

tbh i just used the client exporter from opnsense i dont really know that much about opnvpn and when wanting to use the full archive so ssl cert with opnvpn config it would throw the following error when trying to import the config: static_key_parse_error

fuck ISP ONTs

https://www.fs.com/de-en/products/141199.html

the only question i have is: can XGS-PON (10Gbps) transceivers work with GPON (1Gbps) too?

I'm thinking no

oh they're different wavelengths

why are PON transceivers so expensive

they're pretty complicated on the inside compared to a regular SFP. They're sharing the segment of fiber with other devices, have to untag/tag VLANs, ect

can't you delegate that to the host

On the ISP side, we don't want to expose more of the network than the customer needs access to, so the CPE has to be able to do all that.

i mean yes but the transceiver is at my house, it's trivial. it's like client side form validation for websites

or like hiding stuff as html comments, like you're still sending it to me, i can see it if i go look

I'm not sure of all the fancy protocol behind the scenes stuff, but the provisioning is still done on the ISP side, so even if you clone your ONT, the OLT side will still only send the traffic that it's authorized to receive

well yeah, as expected, but then why make the transceiver do L2&L3 stuff when it could just be a MAC

It allows for more flexibility, so that I can untag a VLAN towards your router, so your router doesn't need to be vlan aware. Or split out one VLAN for internet, another for phone, IPTV, ect. ONTs can typically do this at wirespeed and meet pretty intensive RFC2544 testing

on the GPON networks I manage, I pushed for a pretty dumb L2/bridge only CPE so we can provide the same routers that we do for fixed wireless/cable/DSL. No performance difference compared to the normal SFP modules. It's pretty gross when fiber ISPs will just not give a working bridge mode option

^^ that is exactly why the managed xgspon transceivers with a little arm soc in them exist lol

delete your modem and use whatever firewall you want with it

aren't PONs supposed to be cheaper in general? where is the cost saving? on the PON switch?

the infrastructure

honestly I have gpon service and the ONT isn't a big deal, it's just a dumb box and gives me an ethernet output that goes to my router

no way its the dog of wisdom

@waxen scroll @peak cloak I changed up apartment network big time lol

Cisco Nexus N9K is the actual router now, Fortigate is just doing WAN Firewall and NAT duties

Wtf that's not going to be quiet

it is surprisingly quiet

the supermicro superserver 2u is louder than it

Wtf how

N9k is literally loudest thing in our dc, doesn't help that there are 2 of them

well i dont want 10GBase-T, it's power hungry and expensive

Not at that scale lol

a 10GBase-T SFP adapter is like €60

at that point i'm skipping the ONT

You can't just skip the ONT

i can

And how do you plan on doing that

1. get an ONU
2. call my ISP
3. profit

I have a feeling you're going to get stuck on steps two and three

here its required by law that ISPs allow you to ditch their box

Sounds like a shitty law

??? why

its great

"their box" is incredibly vague

it was a lawsuit between an org and an ISP, on having a custom DSL modem router when the ISP didn't want them to, they won and now all ISPs are required by law to help you set up your own thing. the judgement carried over to fiber too. the judgement said that literally as soon as the wire/fiber enters your house you should be allowed to use your own (compatible) gear

and the ISP is mandated to give you the "configuration options" to make it work

Ew

i don't see what's so bad about that

It just sounds like an absolute nightmare

i don't necessarily disagree

Their box as in router or just ONT?

It may just not be possible

both

like currently if you want (i know because i've seen it done), you can just get your own router with PON input and just use the ISP's box as a frisbee if you so wish

PON isn't a standard, every system is different

Unlike dociss

idk then, but i have seen it done

What I've seen done is getting an SFP module from ISP

that is also a thing yes

Still technically a box that's the ISPs/ISP required

Just in a much smaller form factor

yeah technically

I’m looking at you, Ubiquiti

Literally, it even runs Linux

You'd be very unlikely to get support from any ISP to have such a setup for a residential connection

The supermicro is louder

Getting 10G cards for the servers

For a full 10G network

All I need now is 10G private transit between home and apartment 😂

Run some guerrilla dark fibre

That’s like a 150mi fiber lol

Maybe not then

Rn it’s an IPsec on the fortigate site so site over gigabit WAN

Yeah, very rare

hi good sir . Running pihole in docker and trying to make it work with TL-WR820N but i cant for some reason ,. already added the dns on DHCP server .

figured . i just selected to only accept request from local or 1 hop away lmao . Also if i nslookup was able to see that i use my server IP where pihole is running .

very nice, soon you will need a CRAH

is this a legit lsi card?

what throws me off is fastpcb logo

be surprised if you get anywhere near 1g on a 40F, i guess without any inspection at all

Yeah I don’t do any of that