#networking

it took me like 6 years to fix ssl just not working now its giving this error. i have tried remaking the cert

Where did you get the certificate?

Your computer does not trust the authority that issued it. You didn't generate your own certificate, did you?

because ubnt doesnt make data center grade stuff

and wont for a while

Why no Tenda or Cudy >:(

They don't really make any "High Speed Data Center switches"

They have 48 port 25GbE switch, they call it a leaf switch
They CLEARLY make DC stuff /s
😛

get a certificate from letsencrypt or use cloudflare zero trust's tunnels - they're free

ok ok

for me to get static IP i need to be in Enterpise plan

Click certificate details and see if it is even using the correct cert

it is using the right certificate so i’m confused 😂

it has 100G on it. Whats the problem?

currently?
lack of features

and a managment port lmao

When is a switch whose job is only to move frames graduated to a data center switch? Why can't ubnt make a cut through switch with some 100g uplinks and call it a day?

@clear igloo ?

shrug because RGB?

How did they rgb fiber/sfps anyway?

it is graduated when it is proven reliable and has a proper support structure in place

Yeahh…I would not trust unifi for anything critical

I don’t even trust them in my home

Though I did make a Ubiquitree

I don't really get this as a reference platform https://www.tomshardware.com/networking/open-source-openwrt-one-router-released-at-usd89-hacker-friendly-device-sports-two-ethernet-ports-three-usb-ports-with-dual-band-wi-fi-6

Got my fiber installed yesterday, good guy, like 1000 feet of line and put it basically like I was hoping. He made it sound more delicate than I imagined. I was thinking it'd be like dealing with optical audio lines.

anything is brickable.

Like it's utterly unbalanced
1GB RAM
2*1.3ghz A55
1*2.5GbE, 1*1GbE
Wifi 6 3-chain

128MB flash, 1 m.2 2240

the 2.5GbE is good with the wifi 6

Hardware stability is irrelevant, I don't think 2.5gbe is achievable on a CPU that slow, then exactly one 2.5gbe interface so it's really just for the WiFi anyways

Gross

It's also 3-chain WiFi 6 so it's not going to surpass gigabit by much anyways

Would you guys go used on an AP device? I've got a POE connector but can't find an AP alone to save some money.

I'd rather 4x gigabit and a faster CPU tbh

I personally dont go used on anything, including cars

but thats a personal choice xD

Must be nice to have money to burn

just be a network eng

https://tenor.com/view/business-this-is-business-dollar-dollar-bills-money-gif-17723452229741746710

Look tbh usually not, I can often find good stuff cheap if I'm willing to accept certain tradeoffs

But if I got a fantastic deal on it like the dude here recently who got newish Cisco 4x4 WiFi 5 APs with decent firmware for $25/pop... maybe I would

What'd be best budget device on an AP I can put on the ceiling, already got a hole in my ceiling with my old AP that I can't secure anymore (says it locked but it's just open). 1 gig up and down anyways so probably no reason to bother with this old AP anymore anyways.

@pseudo blade move to america, probably a major city and you can roll in it. Hard to find neteng who are above NOC level

I've considered it more than once

ive heard AUS/UK salaries are tough

I'm doing pretty alright for Australia right now and work remotely for a US tech company
Certainly not US tech money but my cost of living is pretty good right this second and my pay is decent enough

we dont train new eng's here. we give those jobs to india and then wonder why its so hard to hire a senior

lol

...Without addressing anything in particular, let's see what happens with the industry in the next 6 months to a year

Perhaps I will re-evaluate then

Trust me I know, I see the same shit here and on top of that we have brain drain

It's especially funny when they pay bottom dollar even for india because getting the regional price difference alone isn't enough, has to be dirt cheap

Then of course their cheap "talent" leaves after a few months for something better

"talent" is right!

The smart ones don't work for 3 packing peanuts an hour

my job has a policy to not hire anyone for eng under senior level (in their career).

but at the same time, there are potential financial consequences for accidents that cause outages, so theres that

Cool, so you can compete for that narrowing pool of greybeards and whatever trickle of talent that pulls itself up by its bootstraps

I get why juniors aren't ideal for all work but that's why you hire people who are willing to accept that they've got stuff to learn, and perhaps ask before fucking up prod
If you're feeling exceptionally fancy make your systems require approvals from another engineer for stuff that actually matters

Here in Aus they don't actually pay more for that rarer talent then act gobsmacked when nobody worth talking to applies

Hello guys, is there any recommend software for hosting iscsi netboot server? I'm planing to provisioning the servers by ubuntu MaaS, pass the iscsi disk using Truenas Scale, is this an useable setup guys? If no then what is the "proper" way to do this?

We're (USA) starting to be forced to pay more because network eng is little by little starting to become a programming job

However you cant just slap a programmer in and call it good unless you also hire a neteng to help the programmer. So people with hybrid skills are needed

Yeah that's fun to ask of the seniors because most don't care to learn it

They dont. I try to advocate python/etc to coworkers and while theres interest, they never do it

and TBH its hard for a neteng to pick up with no prior programming experience

My ex-sysadmin and MSP coworkers are mystified about containers still

I used to mess with code when I was a kid so all I had to do was take those concepts and apply them to python and with a little uphill battle its working

Competent legacy sysadmins, but absolutely lost on containers and the like, may as well be magic

Same with Python or even Powershell sometimes

Python is going to cause other crisis within neteng world though

We had a guy build all this python while the other automation team members were doing ansible crap, then he quit

Uh oh.

Was it at least good Python with docs?

yeah but the automation team isnt doing python so you cant just start supporting it easily.

But I see this same scenario playing out at most companies.

A lot of very large companies simply do not automate anything

Outsource to reduce human cost, that is all

Thousands or tens of thousands of VMs of shit

Personally I still lean toward buying tools that are fully supported by another company. I prefer to make tools for myself that we dont depend on to run the place. Stuff like information collectors, config migrations for new hardware, etc

This has gotten very close to my actual job

So I'll leave that with agreement

when company spends over a year talking down to vendor that their internal automation is better and after a year they can't even deploy VRFs per switch pair

This customer is ansible and python, lol
They've got a good 10 people on automation full time

YIKES

Hey that can be good

we only have 3 full time and I am not happy with their system either lol

But it often isn't

Yah, we need to support 100 VRFs because they can only deploy fabric wide even though per pod of switches only 5 will be in use at a given time 🤣

They actually get annoyed that I go off using python for my tooling and skip ansible 😄

I have Python-based network automation tools for my now mostly defunct side business (targeting RouterOS sorry not sorry)

resume builder is resume builder
experience is experience 😄

I used it for automated provisioning and config+firmware management and enforcement

Last major script I made was like 1500 lines or something and I migrated 127 switches to a new platform. Made something like 18000 API calls with it. Saved at minimum 8 months of manual labor

Did they give you a pizza party at least? 😛

They do still owe me steak but I did make a significant amount of money in other ways.

Nice

I used 500 lines to update firmware, generate and push customised config based on deployment type and hardware type, tie it to a customer record

Printed labels for them too actually, that sucked to implement on Windows

Could plug 46 devices into a PoE switch and configure them like or in complementary configs

I uh... had to spit out up to 8 CSV files per switch pair migration, including device backups, script logs, etc

because @clear igloo 's platform is the worst

🤣

😛

8 CSVs per switch, yay

with ACI you have to send things to the API in a particular order

API all the things!

That sounds like it wants sqlite or something badly

for example, I cant just push all 8 files. I have to push one and wait for the new switches to become active, or it will reject the rest

if I did not have python, someone would have had to wrote those same 8 files by hand

each line in the CSV is one or more API calls. we did 18000

Neat

If you dont know, theres a tool called Postman that you can build API calls in and put variables in them. You can open a CSV with it and loop through it to send calls.

Yeah I've used postman

I tend to just write my own clients though

It's a shame they made it cloud. I cant use the new versions anymore because of it

wtf, cloud only? that's dumb

https://www.postman.com/pricing/

Make sense now?

Yeah and they force you to store the info in collections into the cloud

I cant do that. It's secret data

No thanks

Yup, I'll find something else, lol

Seriously just writing your own isn't that hard if you're using Python anyways

I spoke with someone very important in the cisco automation team and even they had no solution to this postman thing. There are tools like it, but theres nothing like postmans features.

Even on top of something basic like requests

Usually it's just "get a bearer token using creds > use token" especially if postman worked for it

The only exception is the garbage custom nonsense I saw on Technicolor consumer routers where they do dumb time-specific mutations on it for every request
Spent several hours on that, got close but eventually decided I'd honestly rather do without or buy a better router than deal with it for a single minute longer

Arista propoganda

Not really, it's pulled from Gartner iirc

talking about routers in development, for some reason i keep watching videos of this guy 😄 https://www.youtube.com/watch?v=06qrssJ2RQs

its a little sus that they put "non blade switch" in there

DC uses a lot of blades

I know we're moving to fixed due to too many issues on cisco blades, but I feel like most people arent?

We're gonna do a 4 spine model and just replace entire switches the second they have a problem

@clear igloo tired of the business going "wait a minute, if you take one down for maintenance its not redundant anymore. What if..."

Cloud providers do small scale pods where 64 port switches are the spines

the second they get scared over one down, it can mean hours of BS tacked onto the window with a lot more approvals and traffic flips

yah, 4x spines is usually what I see

NGL I have done spines while telling the business no impact lolol

👀

lol, nice

Swaps and even hardware model upgrades

5G mmWave is amazing

Smooth maintenance modes are why I do like ACI. All I do is click a button

yah, hitless or super small blips are great

am emilly

Mfw mine is 200 mbps slower :(

But again it's wireless so eh

Eh?

#FibreIsFaster and all but that’s still really fucking cool for somewhere in the sticks

only thing is...
mmwave isnt deployed in the sticks

This is mmWave in the sticks

https://ui.com/us/en/wifi/enterprise Ubiquiti announced their Enterprise WiFi 7 lineup.

$500 for e7 damn

Hey, with fiber if my download is testing at over 1Gig, and supposed to be the same upload, there's no reason the upload would be different from like a damaged cable, right? It's the same cable as I understand it?

Hello,
my friend told me that HexOS "launched" and it's on a deal.

I want to migrate from Synology to a DIY NAS/server.

Is it true that HexOS is basically only a skin and you can access TrueNAS settings?

Apparently docker isn't supported yet and while searching I found TrueNAS doesn't support docker also?

They use TrueNAS Scale under the hood, so it supports docker just fine. HexOS only allows curated apps on their page, so you'll have to go through the truenas webui to add your own containers

I am a tinkerer. I like to mess with my hardware and the software it runs... So HexOS is probably not for me?

The reason I want to migrate from Syno is that their approach is very Apple-like.
You will be a good little boy, take this shitty "update" and like it

They are removing or worsening features. The most egregious that broke the camel's back for me was removal of SMART data from GUI. You will have "Good"/"Bad" and be happy about it.

I just saw that rackmounted models from some new update are unable to format their storage pools as EXT4. I use BTRFS, but what the actual fck, Syno?
If they do this, oh god what will come next

But is it true that Docker is not supported on TrueNAS?

No

That's the first thing I answered

Oh, lmao I read it then forgot. Sorry, rough day.

Then idk why people on Reddit kept saying it

It's cause TrueNAS that's based on FreeBSD doesn't support it. What HexOS uses is TrueNAS SCALE

Which does support docker

I believe docker support is still in beta

Here is one of the examples:

Oooh, is Scale free?

I basically rely on Docker support and didn't even think that TrueNAS or other options would have issues with it.

Yes it is

TrueNAS even has an option in the dashboard to migrate to scale iirc

But you'll lose your jails and freebsd-specific stuff

So is Scale like Windows XP Service Pack in a sense?

No, it's like upgrading to windows 7

No idea what that is

Best of luck o7, deploy and see what goes wrong 😂

Oh god xd maybe I AM the target group for HexOS

Nah, 100€ seems steep for something I can't really see what it is and didn't even have the chance to play with TrueNAS

Hopefully I won't regret it like the rest lifetime licenses that I bailed on

HexOS would probably be under the GPL

To answer that random person

I mean, I know my way around TrueNAS for the most part, but I still would prefer if HexOS achieves their goal

eeeey, TopLime...didnt we talk about AIO like one or two days back?

We talked about something

Not an AIO but definitely something

Syno left bad taste in my mouth as I bought it for the same reason... it will be simplified, but you can always tinker with it if you so desire. Nope.

Database for household and/or collectibles.

Ah yes

is the first one accusing truenas of copying docker support from hexos and the second one says truenas devs arent aware of hexos or what am i reading there?

🤨

well there is one more option, but it is beta and who knows if it will stay free https://www.youtube.com/watch?v=SO6_auomzZg

i mean their docker support looks pretty nice

(but some people in comments claim updates delete their stuff, so 🤷‍♂️ )

I was joking. I think I'd be more comfortable in an unforgiving pile of settings then restricted "nice* ones

personally i use OpenMediaVault, cause in the end, it is just Debian with extra GUI. And Docker in it is just Docker 😄

but if Zima will get their system good enough, i can imagine myself putting ZimaOS on some stuff (for family members) instead of OMV

I have OMV, too on my other NAS. However I hate it, but I think that's because of the hardware more than software.

For example restart doesn't boot the NAS back up. I have to unplug and replug PSU

yeah, that sounds HW or Linux compatibility. I mean i remember how power down on some Intel NUCs consistently ended in reboot for example

Fuck ZimaOS

The developers of this (IceWhale) are a massive bunch of assholes

their little SBCs they made, they have issues and if you try to talk about it, you get banned on the discord

they wont honor warranties

and people havent gotten their products in some cases

it is quite easy to use, just go on store and click install
what it is lacking is nas features like zfs/raid but that can be solved with this https://www.youtube.com/watch?v=UWlrodHF1EE

I have finally delved into the ubiquiti lifestyle

Lmao

Say they launched it on Kickstarter and it's the perfect cocktail of sh*t

they did

and it is.

lmao, c-c-comboo

Ok so this piece of shit right here

That pcie slot has major issues with stability and power.

Ooooh, I saw that somewhere I swear.

Yes you prob have

its x86

its also "Open Source"

At least it's a good looking paperweight if anything

Yeah no it aint, the firmware is not. In fact its using a stolen copy of AMi.

Or it was

lastly the fucking RAM

that shit will die on you out of nowhere

it flexes so badly under the heat

issues.... after issues...

these are all different people btw

oh yeah and it has eMMC onboard

so uh

good luck with that lol

if you have a swap file on that emmc its dead in days

https://github.com/IceWhaleTech/CasaOS/issues/1924 Oh yeah and this

eMMC can have wear levelling and be reliable, it's just that it happens to cost money to make it so

I have been hitting a wall with accessing my NAS, mostly plex, through external network, due to the fact that my ISP doesn't give out public IPs, and even if I ask for a public IP, it'll take tedious application process and wait a month or two, AND it'll not be a static IP, I'm wondering if there's a way to do it without a public IP

I've tried tailscale, but it's soooo slow since it has to go through the relay servers

Pay for a real world routable IPv4 address

Or use IPv6

as in a public IP? I would more than happy to do that, but my ISP doesn't do that. You can apply, but like I said it'll take a lotta paperwork and about 2 months, but I'm moving soon and the IP you get would change all the time

Change ISP

Or use IPv6

I'm trying to get IPv6 from them, so let's see how that goes

I doubt it would change all the time

It should actually be faster than that.

They'd give you a sticky IP

Way faster. I doubt they sit on that. In fact it should be a package

something you pay for

it's what I was told by their tech person

$5-10/month

I'm in China lol

DDNS solves your IP changing problem anyway

heh oof

ya, IP changing is not a huge issue tbh

Most likely they are just covering their ass for if your IP changes in a couple months

it's the application, also I'm moving next year, so it just doesn't seem worth it to go through that 2 month process lol

Fill out paperwork, wait

EZPZ

my theory is that there just isn't enough public IPs

well, I can't bring this line with me, so this is gonna be a waste

Well duh

But that's not the reason why your IP would change

but i was told it could change every single day

Ah

DDNS

ya, DDNS would solve this issue

I'm waiting for IPv6 to be enabled on my line

Stop complaining and take action :p

and see if that would change anything

You've spent more of your life contemplating than it would take to just do the darn application :p

lolllll. I'm just trying to see if there are other options haha

I think most people do the same thing lol

I certainly do

hahahaha, I'm not here for therapy!!!

but you are right

I'll see if IPv6 does the trick, if not, I'm just gonna go through the process after I move

I'll be fine without that for a few more months

if I could bring the line with me, then i'll just do it now, but landlord provided the line so I can't move with it

anyway

thank you for the help!

No worries

I used Wireguard with NAT on an AWS Lightsail instance to expose stuff for a while. Cost me US$3.50 a month for 500GB of bandwidth though now they charge $5 for it with IPv4

1TB in the US but I'm in Australia so less value for money

Because Telstra says fuck you*

Yes

The thing about the ISPs in China is that not only is it not public IP, they also block the common ports...

Oh you're in China?

yup lol

I have tried wireguard and nada, maybe I did something wrong, I'm not super knowledged in this

That's not insurmountable but you'd need to use Alibaba cloud or something so you don't accidentally bypass the GFW

Wouldn't want that now

hahahaha

I have my vpn on all the time

I think they may have already accidentally done that

Whoops!

the GFW isn't really a concern

Nah they're just typing on a computer in another country with very long arms

but even just for speed and pings I would use alibaba anyway, otherwise there's no point, unless other providers have nodes in China

good one hahahahaaaaaa

AWS and Azure have regions in China

so I guess I don't necessarily need a public IP as long as I can get wireguard working?

If they fingerprint and block wireguard by fingerprint to in-region VPSes (idk why they'd do that) your options include SSTP or OpenVPN, probably the former

Tragically in TCP mode

would this all happen on the router or the NAS？

this is the part where I get very confused

Probably that'd need a Pi/similar or containers if you went that route

Unless you have an unusually snazzy router or NAS

My NAS is unraid

I have an asus router that I flashed a moded rom to install plugins

I guess the NAS counts, Merlin (I presume) maybe but idk

neato

It's basically Merlin but not really Merlin

someone's got a ubiquiti!

Why are you double NATed

im currently using my old router as my parents dont wanna bring down the network rn

Lol

so im just testing rn

Image compression on the preview's done wonders on that
Syslem uplime

i gotta say, i love the ui and setup process

yucky

Yucky UBNT

:p

Mine's an even uglier double NAT

i just gotta get an AP

My Mikrotik doesn't have WiFi so I have my network passing from a Smart Modem Gen 2 with DHCP off to a Mikrotik, then back on a different subnet on the same L2 to use it as an AP

was thinking the u6 lite

as i doubt ill ever need wifi 7

and its dead cheap atm

actually, would tailscale + a server as relay be easier?

Depends on if the relay servers are blocked by the GFW

let's say it's alibaba

would I still need NAT？

No Tailscale uses their own cloudy relays

Which I don't think exist in China

you can setup your own as well

I guess

But at that point use Wireguard

haha ok

But yeah probably the piece you missed was enabling routing on your kernel

Or incorrect subnetting

I actually do not remember how I set it up, I was literally following a tutorial

I am incredibly confused by all this tbh

especially after doing research for a while

my brain is melting

Yeah it's weird until you get your head around it

Then it's easy

mostly I‘m not sure If I set it up on the NAS, do I need to do anything on my router

if I don't, how does that even make sense

(in my brain anyway)

You don't actually, as long as it can send data to your VPS, traffic can come back for a while

Interesting

this is more helpful explanation than all the videos I watched/forums I read

Wireguard is connectionless so it won't be forever and you should use keepalives every minute or so, but otherwise traffic can pass bidirectionally once it reaches out

omg, one more thing

what's keepalives?

"This feature may be specified by adding the PersistentKeepalive = field to a peer in the configuration file"
https://www.wireguard.com/quickstart/#:~:text=This feature may be specified by adding the PersistentKeepalive %3D field to a peer in the configuration file

Sends a little "hello" packet occasionally

DERP, are they trolling with this name? lol

thank you!

So the networking equipment in between remembers you're there and want responses

ok, ya that makes sense

I'd say that's a given lol

"you still there?" "yes, yes, please keep on the line thank you"

Yep

love it hahahh

Glad I could help

Thank you so much

and time to fuck around and find out again

That's how you learn

absolutely

The wireguard guide I linked is pretty good at explaining wireguard

I'm literally just 30% better than a complete newbie, if that

But wg-quick is a bit neater and handles ip config for you

The guide also mentions and links to the wq-quick reference

I‘m basically trying to find a solution that's not gonna make me bang my head to the wall, again...

I will definitely go through the guide and figure our what's what

But the wg doc itself isn't bad if you can put up with setting up the IP config yourself as it guides you to

so basically set up wg in NAS, enable NAT in router?

and have wg talk to a cloud server

and my UDM pro max is fully deployed

using my old router as a AP until i buy a unifi one

i am double NATed just by connecting to my ISP LOL (because IPv6 DS-Lite is one NAT, and ISP router is another NAT. Technically i am tripple NATed, cause i have my own router behind the ISP router to provide services for my network

ew

NAT for days!

if i bond two half duplex links together
will it be near-full duplex?

my homelab is a laptop that doesn't have an ether port, so i got a usb-ethernet adapter, turns out it's half duplex
wondering if i get another half duplex usb-ethernet and combine it in a bond interface, it would perform near-duplex

And your switch supports LACP?

https://tenor.com/view/doubt-press-x-la-noire-meme-x-button-gif-19259237

Oh right

No

That said the literal first USB ethernet adapter I found on Amazon was full duplex https://amzn.asia/d/a7McD3Q

Wait that's what i have

Supports Full and Half duplex operating modes;
Oh

sudo ethtool -s enp4s0f3u1c2 duplex full
netlink error: Operation not supported
``` do i need to turn of the link first or something?

nvm got it

i can't avoid the IPv6 DS-Lite CG-NAT or the ISP router NAT. And because ISP router has zero configuration options (literally just DHCP range, wifi network stuff, IPv4 reservation, IPv6 firewall stuff), for even as simple thing as using custom DHCP server or custom DNS i have to put my own router behind it

WiFi 8 is 802.11bn? I'm sure that will never confuse anyone at all...

Oh god

They did it

802.11b/g/n/ac/ax/be/bn is how you are supposed to label it

but yeah people are gonna see bn and think 802.11b/n

i look forward to people who actually have 802.11a/b compatible hardware still and will have bn compatible hardware 😄

does new HW even supports 802.11 a/b ?

@waxen scroll @clear igloo I love 2.4GHz

everything is setup

although the access point is on order

so i have to use my old router as an AP temporarily

GbE smart bulb :p

Can I disable NAT on a UDM?

What do you want to do

https://en.wikipedia.org/wiki/XY_problem

I want to have 20 odd routers on the same subnet/private IP all routing to a main router

Once again, XY problem

What are you trying to accomplish

I'm trying to send/recieve data all to one point without requiring a VPN basically. All the connections are seperate but tunneling in the same VRF

Still not really saying what problem you're trying to solve but oh well lol

There is no problem, I'm just wondering if UDM supports having No NAT, need a better router than a netcomm lol

I would assume no

fuck me. had a power outage today and now the login page won't open for the NAS...

I'm back in. I am blaming me toying around with tailscale lol

uh prob a stupid question
can you actually disable modem's NAT and set mode to bridge and assign the public iP directly to a device? (if you got static public ip)

i think you might need 2 ip's?

decided to just do try it

nope doesn't work

Anyone here familiar with AWS and can let me know if they see anything wrong with this architecture. Its for a school project with these requirements

Yeah, enterprise is moving back to on prem for non customer facing needs. This sounds like an in house need so you should ditch cloud for on prem to cost optimize

@rocky badge muh colo

I assume this is a response to me, not sure though, but if it is, this is for a project in school where I need to use AWS, if AWS wasn't a requirement I am quite confident I could use a raspberry PI and accomplish something very similar to what it wants me to do in a day

I'm planning on getting a 4g/5g backup connection because lately the office fiber connection disconnects from time to time when ppl are having a video conferance and such, for one would that even help - I mean if the switch over to 4g takes a while then the fiber might just as well reconnect in that time and then what would be the easiest way of doing that? Perhaps putting a raspberry pi running open wrt with a 4g modem set between the the fiber modem and the main switch?

Properly installed Fiber connections shouldn't drop during a mere video call. I would resolve that first.

what is a pppoe connection and how can i access my home newtork if i have a pppoe connection, all of the ports are blocked i cant do anything

we are on the edge of ww3 blowing up with many connections getting cut all the time by russians and now even chinese not to mention all the belorusian cyberattacks

from time to time there is some issue on the providers side so I could use a different provider over 4g, btw since the Ukrainian war has blown up these issues are pretty much normal everywhere in my area it's not the issue of my fiber connection, living next to a major NATO base might also be a factor in the sabotage lol

If the fibre only drops out for less than a couple seconds it may be worth looking into WAN smoothing

Not sure if there are any cheap-ish solutions out there though

https://datatracker.ietf.org/doc/html/rfc6330

idk where to put this problem / workaround but its about internet so i am js gonna do it here so bascily i live in dorms which have bad zone for wifi / ethernet and the dorms internet public use is 4-5x better if not more and there is problem with me using it i can use it get on games every time i do it just goes high ping is there way ti bypass or do somthing abt it and i tried vpn it js makse the internet worse as u would think

ping me im ready to hear any thoughts

My experience with Lambda+DynamoDB is that it can be used fairly cheaply or free for a student thingy but scaling is stupidly expensive.
Probably your ask would have done better in #development than here tbh but meh whatever
Recommendation for projects with real-world potential would be to put a layer between application logic and data access so that if you ever wanted to chuck away DynamoDB and S3 you can just add different storage backend options. For Agricultural IoT none of it's necessary and edge processing onsite is vastly more appealing. Lambda is super easy to rip out and replace with a boring old monolith or CGI-type handler even without foresight but proper planning makes it easier to work with the result.

If it has no real-world potential, just optimise for no cost+looking good for marks and don't generate a ton of data for the free tier DynamoDB allocation to need to operate over because it's very slow on 25 WCUs or whatever it is they give you free

if this was real world, id imagine something like a network connected multi sensor humidity, temperature, and soil content that spits data out to some digital signage or something, but honestly thats probably overkill and most farmers don't care and know just by looking at it

I watched a team of developers proudly roll out an architecture like yours for monitoring wireless routers at a company I worked for and the costings for per-minute polling worked out to $5/month of amazon fees per device

Just the scaling costs, not the fixed ones

yeah, unfortunatly i only picked this one as I am interested in weird IoT solutions

and I think thats gonna come back to haunt me soon

I've yet to see an actual use case for that pattern despite how much Amazon pushes it

It's just awful to work with when the costs show up

You'll see if you push it even a tiny bit :P

doesn't help that this assignment was assigned last week when we were all gone from school, and is due next week, my teacher is gone all week, and most of the lab tutors don't know what they are doing in AWS

If the task is to use AWS, use EC2

sqlite(or postgres if you're feeling fancy) and a monolith

https://docs.aws.amazon.com/iot/latest/developerguide/creating-a-virtual-thing.html yeah, I found this which allows me to use EC2 to simulate a IoT device for IoT core

No I mean run your application on ec2

Device simulation can be done on whatever really
Write a silly little client and run it on the same box if you want

thered be nothing stopping me then from just running it all in lambda, using some form of rng to send out notifications every minute or something then either lol

I guess generating random events in requests is an alright use for Lambda, at least it wouldn't cost much at scale=1 and a moderate frequency

it'd generally cost nothing

I just can't ask clarifying questions because my teacher hasn't responded to me because they are gone for the week yet, and it does specify core resources in the assignment

My advice is: Do what you have to do. Do not do what you don't have to do

Find that out as fast as possible

In the interim no matter what tech you're using some of the planning will suit any case so do that

yup, I understand how I should do it given what what it wants me to do, just that what it wants me to do is really dumb

@waxen scroll @clear igloo

never change lol

how bad would it be to daisy chain one unmanaged network switch to another?

@copper ginkgo it's not a problem at all. I believe there are some caveats but for the most part that shouldn't be an issue at all.

alright—i've got this problem where we're upgrading to fibre, meaning the modem will likely no longer be in my bedroom and i'll need a single MoCA adapter to cover 4 devices in my bedroom and 5 devices in the next room over

As long as you're getting a decent enough connection through the MoCA, there shouldn't be an issue.

can the other ports on the fibre terminal be used by other devices, or does everything need to go to the modem?

wdym

show a picture

hasn't been installed yet but i've been looking at my new ISP's documentation

can those DATA/LAN ports be used by, say, my NAS? the stock modem only comes with one 2.5G port

No, everything must go through your home router

thought so

Those extra ports are for more services, and there is an ATA built into the ONT for phone services

...actually looking at the images it might have more than one

yeah everything to router

i was looking at the model they had on display in-store but looking online i see a different rear I/O

your router is the "start" of you network that you control

that looks like an actual router

looks like one of those combo units with ONT and router combines

it is

the only name i can find it under is the "arcadyan telus wi-fi hub"

nice of it to have a MoCA jack tho since we already use that in the house

this one might just have all 2.5G ports idk

i guess i'll have to ask the technician on installation day

I love me the Nokia ones

when you buy the Alcatel branded stuff from china, it comes without english 😦

i'm hoping we get a nokia one

whos your ISP

switching from shaw to telus

sorry about the late reply lol

Did they offer 10G in your area

Or only 1G

previously telus only offered 150M symmetrical; they did a fibre installation on our street earlier this year and now the highest they offer is 3G symmetrical with FTTH

shaw currently offers up to 2G asymmetrical with FTTN

they're the only two ISPs in the neighbourhood

shaw previously had the obvious advantage but telus completely flipped that once they did the fibre installation

Well really they’re both Nokia ones 😉

So I'm in China, the ISPs here have been using modem and router 2in1 machines for years now since fiber became a thing, the extra ports are basically like the ports on a normal router. Ours also have wifi built in as well.

so most people just use that for everything

but if you want to tinker around, it's probably better to get a dedicated router to plug into it and run everything off of the router, especially if you heavily rely on wifi cause the wifi on these devices are not great (as far as the ones here in China go)

Not the case for @copper ginkgo though

Those combo ONT routers are neat. We use TP-Link ones for MDUs and they work great

The images he sent looked like the combo ones tho.

They aren't

Only this one is

The Nokia and ALE units aren't

No, those ports are used for seperate services

Alcatel has LAN 1-4, so I thought it is

Or sometimes not at all

oh interesting

Sometimes they are also used for multicast pay TV

I mean, some of ours are also for TV too, but those ports are separate

and wouldn't be labelled LAN

I highly doubt they're labelled LAN in real life

it's so interesting to see the differences haha

hmmmm

These are similar Nokia/ALE ONTs that have been slightly modified

Much older model though

oh interesting!

I mean, I opted for the modem to be bridge and use PPPoE on my router

I have more control that's all. cause the system is pretty much fully locked on the fiber ONTs here

Hello optical NTD

RIP UNI-V

Yeah that's an old school one

'Twas a shit ATA anyway

Everyone did voip on the gateway instead

As they should have

It is VoIP

They just did it on the router

oh hello VoIP

Yes yes clarified

Telstra used it for USO/USG I'm pretty sure because it was cheaper than a 12/1 AVC

networking is so interesting yet I wanna bang my head in when I'm trying to do something with it

Why pay NBN co for the service when running your own isn't hard or expensive at ISP scale

you in aus?

Yes

ah nice.

Telstra uses whatever they call their 4G version of NGWL for USO/USG services now

I'm so lost now

(Universal Service Obligation)

thank you, even tho I still don't know what it actually means lol

Telstra is obligated to ensure all Australians can access telephony services

btw, do your ISPs block ports 80 and 443?

Telstra is obligated to provide every premises in Australia with access to a basic phone service if requested

now that's uncanny

Yes by default

oh interesting

I mean, they do it here too

And they also use Starlink to deliver that service in some areas

ah, hence reverse proxy exists

Which had a very rocky start and just wasn't working for most customers

I set 80 and 443 to unblocked on my Aussie Broadband service but it doesn't actually unblock them

It's very annoying

till this day, I still haven't figured out how to get around that

You would just have to call them

I know

maybe I'm just not cut out for networking stuff like that. cause even tho I can understand some of it, most of it I'm just following tutorials...

Nobody gets good at this overnight

I've been at it for a long while now lol

FYI they probably don't block those ports on IPv6

i'll be going at it for weeks, and then give up, and then going back at it again

I'm trying to use them on v4

I know, I was just suggesting a quick fix since you don't want to contact them :)

It's really frustrating here, because you cannot ask them unblock 80 and 443

Tunnel and NAT

and it's not even a public IP

That's very common now

CGNAT saves on expensive ipv4 addresses

Hooray for CGNAT

CGNAT, ugh

I am paying a price premium to not use cgnat

but at least we can have internet access

I wish I could just pay for it

But I have double NAT anyways until FTTP comes

They're trenching it through the far side of the park near me

But I want it now...

Roadmap says I get next September despite its cruel proximity

I feel like I need to do a degree on all of this to understand lol

oh that's the worst, you can see it, and you can't get it

Pretty 🤩

I can stand at my driveway and could (with practice) throw a ball at the window of a house that's had fttp service for a year

It's cruelty

I feel your pain...

Whats funny with china is that China uses EPON

So this means the ONT's can acutally easily function as a "Switch/Router" without extra stuff on top

EPON is just Ethernet over Fiber. Its directly translated into a standard ethernet packet

I had 1G connection, and I moved into a new place in 2022, and then I was told the ports on my floor are already full.

GPON however does its own thing

50mbps and that is all

In 2024

25Mbps is all you'll ever need

yup. I don't quite know the theory behind EPON and GPON tho.

EPON is literally just ethernet encapsulation of the data over the fiber

Can't pay for more, and when I will be able to it'll be too expensive for me to bother bar that my work pays for $250USD/mo of services

I have 500mbps, but lord knows with the network situation here, do I actually have 500mbps

Better, sooner, cheaper

GPON however does its own encapsulation. GPON allows for other protocols to be encapsulated in it

Such as voice data

Worse, in no less time, twice as expensively

Not just IP data

But there is a cost to this, there is extra processing that happens

Gotcha. thanks!

$250USD/month would be like 500/500 Low CoS Telstra EA

I don't get it lol

So technically...

https://www.smh.com.au/technology/is-25-mbps-enough-for-the-future-20130410-2hkcv.html

I live in whatever level 3 service area and can get nothing

GPON is heavily used for TDM (Telephony) networks, so its actually easier here in the US to continue to use that technology for the residential and commercial data

Telstra EA has different zoning to EE

Lastly, EPON is cheapr than GPON

Nobody will talk to me about anything but 50mbps fttn

I've tried

well, he also ate a raw onion on tv, so...

I want to spend the company money but no

I think GPON uses something called GEM frames..

yeah

I ran 5G for speed for a bit but I was using too much data for it to be possible

Can't get res 5G

This is actually more correct. POTS and TDM is wrong on that one above

So data plans only

I feel like China's network, be it ethernet or fibre or data, they are all a bit different to the rest of the world

yes

EPON was easy to deploy for china due to density and need for it to be cheap.

China also has many other standards of its own

Because when I was in the US at my friends' places, their technical speed is much lower than 1000mbps, but the actual speed is MUCH faster than my home network in China

Latency probably

Even this house in the middle of nowhere is route 1 for Telstra EA w/ zero build cost

You use a foreign VPN

Oh I'm not talking about VPN speeds

just the overall experience is quite different

In the west we use something called ONVIF for Security camera protocol spec.
China has GB/T 28181.
This is a fun one because it is kinda based on ONVIF but its a REQUIRED standard in china for security cameras and has means to allow law enforcement to interface with it.

however, in my last place, I got FTTP 1G, and over ethernet cabel, I was doing 100MB/s downloads on steam.

hahaha I'm not surprised lol

Meanwhile CALEA exists in the west

and the NSA

Yes I know this one well. I have to actually interface with law enforcement about this seeing as I work in telephony

It's not that unusual even if I don't like invasions of privacy of any kind

Fun fact: we are able to use the traceback tools ourselves if need be.

Well yeah

You control the hardware

I've given up on the whole privacy thing.

Well its not just about controlling the hardware

not because I'm from China, but just, i've always had the idea that if they REALLY REALLY wanna know, they will know

You see, the traceback shows you the entire call flow. I only control one piece of that. I have carriers on both sides of the call I cant actually see data on

because it exits my network after i process it

Makes sense to me

Even this is only route 2, only ~$800/month for 200/200 Low CoS w/ zero build cost

With something like the ITG tool, you can see all the carriers that call crossed

The Telstra fibre network is very impressive

Only $800/month...

for internet???? $800???

Oh you silly sausage

You're in the middle of nowhere...

I don't have that kind of money

how many of us have that kind of money lol

Linus does

I know, but my point is almost all premises are route 1, which is quite affordable if you're desperate

If I had an $800/mo internet budget I wouldn't live rural

That's with quite a markup, the tail is only about $500/month

It's also offensively bad value for money

Not really...

Have you tried to run fibre there?

Does Starlink get 200/200 with an SLA?

Their costs are not my problem
It's bad value

that's still CRAZY

wait 200/200 means 200mbps?

If they're running fiber for that money they should be giving me 10 gigabit

Not really...

At a minimum

You can get 10 gig

Not much more

I guess I'll really have to get used to internet prices in the west.

For some reason I no longer trust your concept of "not much" :P

Just Australia.

it's generally 3000rmb a year for a 1G connection here, which is about 400usd

~$2000/month for a tail to Sydney

From the middle of nowhere

It's an enterprise service with an SLA and is in the middle of nowhere

That does not make it good value

and this plan comes with 5 lines of phone numbers with unlimited data

If you need it, it's great value.

Cheaper than EE (which is outrageous for 10gig) and cheaper than even Starlink of an equivalent class

Also Telstra support and service sucks because they have incumbent syndrome

Eh not really

Telstra Wholesale is pretty responsive

Other than for TEBA

They will take weeks for TEBA

Wholesale won't give me the time of day

I feel like you guys are talking about different things now

Kinda

one is talking about wholesale/enterprise, one is talking about home networking

Well not really home networking, it's for business

ohhhh gotcha

Just to a home office

But that doesn't mean I have an enterprise budget

None of these services I've talked about are residential services

I'm not running a typical home network setup

is it really THAT strict that you cannot use residential/home services for your home office since it's technically a business?

MLL is where it gets real pricey

No nearly every small business uses residential services

ohhhh ok

Nope, if you're willing to pay, you can get it

got it.

Even medium-size businesses use residential-grade services here

I actually got numbers for this a couple weeks ago

Enterprise/real business grade is stupidly expensive for most smaller businesses

agreed

91% of small businesses are on TC4 AVCs

I had to help set up my last company's new office's network stuff, and that was the first time I ever got to know the enterprise side of things, OOOFFFF

Yeah that lines up

And I doubt many pay for an eSLA

it's stupidly expensive for nothing really

A company I was dealing with recently has hundreds of TC4 services

Lots of small branches

Ugh

Wait let me check the council building here

I'm pretty sure they're on TC4

Hmmm

Two Telstra services on seperate ports lmao

NBN co's big plan is for all businesses to use business plans but the value proposition for small offices is not remotely compelling and I think there would be uproar if they tried to enforce that they pay enterprise ethernet pricing

They never shut up about their ARPU but they're not that stupid yet

The SMB AVCs can be appealing for some, but EE is usually just sold to suckers

Telstra EA or TPG Fast Fibre is a much better option

Or whatever the fuck the TPG group calls Fast Fibre now

They are so confusing, change organisational structure every two weeks I swear

I wish they'd pull their heads out of their butts and realise that making it make sense cost wise would make it a lot more popular

If the infra's there screwing people over on sub gigabit just makes us look like clowns to every other country

Yeah no

That doesn't include the UNI profile either

And EE seems to have a build cost very often

With a paid feasibility study required to even get a quote

It's a joke

Absolutely

I don't even think any RSPs sell a product that uses 10gig EE

I doubt there are many customers for it

At that point just get a rack or two in a colo and the users can Make Do

Looks like Future Broadband and Lightning IP sell it

Actually Future BB doesn't offer it on EE

Only on Telstra EA

"Future broadband" would make sense, as is is presently nonviable

I wonder who they use for PoI backhaul

Hmm TPG

I mean look if I had a 500-1000 seat office I'd pay for it, but at that point I'd really need two or more

And then it's back to being a very hard sell

my boss in the UK has a 4.5G connection AND starlink since he's in the country

I don't even dare to ask how much he's paying for all that

AKA nobody actually gets 10gbps here

Lots do

Not for you

Just not on EE

lolllll

For your entire enterprise yes

Oh yes no residential 10 gig options

But if I was slicing it thinly enough to make it affordable you're not getting 10 gig out for anything

Everyone gets throttled and then you're back to being as if you didn't have it

:p

Oh god this is 8 minutes long and contains very little new information

No new information

That video is like a decade old

Looks it

But yeah I know of it but to my understanding it doesn't come here

Very little does :P

TPG fast fibre definitely wouldn't

Pretty much only in capital cities

Just need to run my own relay of multigigabit wireless bridges from Sydney or Melbourne

It's going to be a lot of poles...

I'm sure Amplitel would love to work with you on that one

Gotta suck when a relay 300km away from your house gets cockatoo'ed

I hope you've got a carrier license

Just one?

Yes just one

You'd need to apply for licensing for every hop

And there would be a ton of them

No that's spectrum licensing

You'd also need a carrier license to install the network units

Or a trial exemption

I mean no not to my understanding, not if I use boring old WiFi

Here's your first form

You wouldn't need spectrum licensing for Wifi

Ah I see your mistake

But you would need a carrier license

No no, relay for me

Ooooh

Not for you

Amplitel would probably make you use their contractors without a carrier license

They'd probably make you use their contractors either way realistically

I'll pay the bill in my dreams tonight

You mean your nightmares?

Nah we just skip over the destitution

maybe in the future but i try to use ethernet where possible

Looking to accomplish deployable Wi-Fi in gyms and arenas for athletic event scoring purposes. 8-30 computers on a private network. Currently I lay ethernet, running back to a tplink switch, into an offbrand router, which is where I tie in the venue internet to this system. Will I run into problems hooking the DM up to some school/arena networks? Or will things proceed as normal? How hard will it be to dodge inteference from venues with wifi already present? I got a wifiman aswell but to be honest im not sure what I would even be looking at when using it. How much speed is lost when using wireless bridging? When events have multiple buildings 150-350 ft away, what is the best solution besides ethernet which i currently do and am tired of. I asked Ubiquiti AI for tips as well and will attach what it provided below. Anything outside of this I should note? Could this be viable for down the road pushing video streams as well? or would i need ethernet for that application?

Appreciate it, will also add, its crucial to these events that internet never drop, or the event stops, i just hope wifi is at a point where i can stop laying cat5e

yes, you should be cordinating with the venue IT to get internet access

plugging into random ethernet is not going to work all the time

for long distance you can use point to point links, as long as they are line of sight they work well

some venues easier said then done, i try for the most part to atleast get a brief chat with someone in IT though. how far apart would these 6mesh devices need to be apart if they were on tripods with line of sight above a crowd?

idk the ui product line much but something like this https://store.ui.com/us/en/products/ubb

seen those in use before, very well may consider these for those oddball use cases

internet reliability is hard from what you sound to be working with

since you are relying on the single venue connection

you would want redudancy

starlink and run double wan into my dream machine maybe?

double wan won't help much if it's coming from the same source

sorry i dint word that well, if one is from the venue and one from starlink that would add some reduduncy rather?

i suppose maybe the ubiquiti lte is another option, problem is cell service not always reliable at some locations

someone, but idk if starlink reliability is up there yet either

@rocky badge knows more about event stuff, but I'd assume for high stacks events they would have multiple redundant connections with ISPs

there is only one event a year i work with an ISP, probably the other 15-25 a year usiing venue ethernet

if this is just some small event, I would just write something in the contact about best effort

4G/5G is a better option

Also if the general public would be using this it's against the Starlink ToS

Starlink is very ... picky... about this

Well yeah, as is every satellite internet service

Windstream is somewhat forgiving about it

what happens is they throttle you instead of just hit you with the ToSV

NBN Co. does not hesitate to shape FUP violations on Sky Muster

for 24 hours

oof really?

Of course

There's not much bandwidth to the birds, and people violating the FUP take away from everybody else's experience

Then again, doesnt NBN use contracted stars in addition to their own so they have to follow their own fair use rules with their upstream

With their upstream?

uplink

Ah, yes

Space Systems/Loral, LLC a subsidiary of Maxar tech... ive heard this name before

The service has gotten a lot better as they're moving premises off it

If I am correct this will work

oh wait wtf

they only have 2 Ka Spot band transcievers out there

wow they serve quite a bit of people off 2 birds

84,300 premises active

yeah this would work, I actually did something somewhat similar but completly different implementation

yes it would

Just be aware, you are adding another hop in the mix so this can add latency

^

would want it as close to your actual server

its better just to have your gameserver up in the cloud

Also it probably won't be $0/year with egress charges

right next to the proxy

or just forget the proxy

wait no you cant, there are more than 1 MC server

Oh nvm OCI gives out 10TB/month free

yeah

I did the proxy differently, on an IP level instead minecraft

I bet you can exceed that with the resource packs (if you push those) and the web map.

wanted to make sure before I give it out and it ends up screwing people over

have a tunnel between the vps and a virutal router

that web map will chew through data

mine did

The web map will be using CF so it doesn't matter

what would go though cf though

only the webmap

are you publishing it on a wiki or something?

yeah

on a tutorial I made on a Minecraft Admin reddit discord

also on my github

It used to be the webmaps would cache bust all the time, i wonder if thats still the case

if they dont, then itll be fine, but if they do, thats gonna be interesting

Webmap won't chew through data if you disable 3d rendering/ only have a certain zoom

no fun

ah

3d rendering is just more storage used than the world itself

not sure if you are aware of https://www.setup.md/

lol it is. I had a 4k texture pack on my webmap too for shits and giggles

chrome would just die

doesn't have docs on proxy via vps

but this should be fine as I tested it already way before writing the tutorial

also with this method you would need to forward multiple IP and ports in your router

from what I remember from my MC hosting days

vs having velocity on the host mc itself

Why not have everything in the cloud?

It should be just port per server and extra for those plugins that need ports

cost

Eh

cost

yeah, vs just having one port open or even none at all

plugins like simple voicechat can run on the server's port but it isn't needed as it runs off the velocity server

I was recomended conditional port forwarding to only allow communication between the proxy and the home server]

I shouldn't worry about hosting at home as its only 1 server right now

this is basically what I did

setup some static routes and worked pretty well. Any VM on proxmox I hooked into the 192.168.20.x network was routed via the vps

Hey, super quick question, are marvell 10gig sfp nics worth it for like $30

the PCIe Card ones?

Yeah

What model

Model QL41132HLCU

Actually $20

for $30.. 20???

HOW

buy that

Craigslist baby

if its real, yes

is it dual port

Do they work?

How about QL41212HLCU

As far as I can tell yeah

I am Ballin on a budget and want to upgrade my networking to 10 gig to my server

now the problem here is that im not sure those support generic SFP modules

Never heard of the marvell chips being picky

i know they take the cisco stuff well.

That matters because my broke ass is gonna run the cheapest sfp adapter I can find

Generally if it's not going into some prima donna switch and it's MSA compliant you're supposed to be fine

it looks like the generics do work

It's going to be direct attached to my udm se for now, will that work?

I'm kind of an idiot about this stuff

yes

Cool, I'll pick one up

Actually the $30 intel x520 might be another option

x520 is apparently good

Is 30 bucks a good deal though

Yes?

Only the best for the jankiest server $200 can buy lol

I mean free would be better value but I doubt you'll bargain them down to that

Maximum jank

i have 2 wifis normally, my regular then its the regular name + 5GHz at the back, on my PC the regular is really slow however when i connect to the 5GHz the speed shoots up to over 3x faster, im using a wireless USB dongle, a pretty good one but today i cant seem to find my 5GHz wifi, only the regular