#networking

iperf is really easy to use. You just have to open port 5201 on one side (on windows New-NetFirewallRule -DisplayName "iperf inbound" -Direction Inbound -Action Allow -LocalPort 5201, get ip with Get-NetIPAddress, starts with 192.168.x.x, 10.x.x.x, or 172.16.x.x-172.31.x.x), run iperf -s on that side, and finally run iperf -c <remote_ip> --bidir -t 0 on the other PC

always more the merrier, but leaning towards 8+. was banking on my fiber ISP to upgrade me to 2gb at promo price but that was a hard no lol. seems like 2.5gb is just too costly even for future proofing, prob gonna step it down to 1gb as i currently have it. my ISP provisions me for 1.4gb so itd be cool to have that overheard, but not necessary

hopefully under $150 usd

i run omada AP in my house, so i was thinking for 1GB the TP-Link TL-SG1016PE

probably this is the only one that fits requirements

non poe is 160 and non managed chinesium 2.5g switch is about 50

that requires unifi controller right?

prob

there is not alot of vendors that make 2.5g switch, smb is mostly 1g and enterprise mgig is usualy 10g

you can get this if you want but it is noisy

correct

wdym chinesium

yea i think ill stick with 1gb

appreciate the heads up

chinesium

oh lol i thought you meant the flex mini 2.5

why do you need a managed switch anyways

i dont want my IoT devices snooping on my cameras, PCs, servers

you know nothing technically prevents you from using multiple L3 networks on single L2 domain, assign iot devices a ip and mask outside your main lan and point it to a separate gateway ip 😈

hey im all about saving money here. i just figured it would be easiest cause i do need more POE ports lol

im from the uk and im wanting to know how easy is it to get a new router can i just buy one and get rid of the one i own that is from a company that rents the router and get way better speed

tipically you would retain your old router but put it in bridge mode

then it would act as a modem

but what about the speed would that change and would i still have to pay the previous provider?

you would offload several cpu intensive tasks like NAT to your new router so you might get some speed or stability improvement
are you on cable, adsl or fiber?

im currently just using wireless

but what if the new router is a lot faster?

there can be a improvement on wireless performance, probably the largest one but i am asking what does your current router plug in to

it does have a fibre connection

I used to have one of those modem/router combos (it's one box, but has the coax in for cable as well as all the wifi bits,) and I got a new router; I also did turn it into bridge mode, and was getting near network speed i pay for over wifi.

when they upgraded our plan, they just gave us seperate modems and routers; if that's the case, all you pretty much need to do is just swap the ISP provided router with a new one and it's done.

i was thinking about something like a tp link router

your ISP would need to provide a dedicated ONT if you want to remove your current router

ONT?

optical network terminal, basically a fancy media converter

yeah dunno

this is evil

sometimes i wish i only had systems with like 64GB of ram because i really can't be arsed to sit here waiting for it to train memory on 768GB

then again most of the time spent turning on is actually the HBAs initialising so like idk but still haha

It's easy to get what you wish

Just pop the side off your system and remove sticks in pairs until you have an amount of memory you can train faster.

You can send the memory to me for... safekeeping and or disposal.

64GB can be still a lot on DDR5 if the board decides to retrain

luckily i'm on a relic aka DDR3

Perfection

pc pile

The stuff off to the side i really do need to work on selling

also there are 2 more computers on top of it

finally doing home assistant and actually having so many smart sensors is so fun, did a mm wave sensor in my entrance place and now made it so the light stays on if i am in the room and turns quickly off if i am not.

xd that mmwave sensor is more "dangerous" then 5g mmwave

no clue what my sensor does tho but quick google i got 30-300GHz while 5g mmwave is just 24-40GHz

mmwave presence detection is typically an ISM band, 24GHz or 61GHZ. Other bands are available regionally, but they would need a fair bit of work to ensure compliance for a global product

nice

my shit is just from china so at best 61GHz

that extension reminds me of "why did AP drop out of network" problem i had yesterday and this morning. After testing cables all around that branch of the network i realized yesterday i turned off one of the power extensions next to my HTPC because i don't use that HTPC at all. Except the switch was also connected to that extension 😄

also i feel sorry for that USB port of the mini PC when sometime in future you will kick that USB wifi adapter and break the USB port or the wifi adapter 😄

Zigbeeeee

But yeah I was considering doing a 180 on it but like the amount of stuff I plan to stack on top of this is fun to the point I'm just gonna let it be on the front

hmmm, do i buy a beat up used TL-SG1016PE $50 or a brand new TL-SG2210P for $70

dont need all 16 ports tbh

If I have a switch going out to 1 2.5G port, there’s no reason for me to team 2 ports on my 10G nic right

or use USB extension cable. That is how i put my zigbee adapter further away from mini PC

So the title is no basic tech support questions... what about ones that are a tad more complicated? Should i use #1027757333117415424 ?

I'd say it's okay to ask here, but #1027757333117415424 provides better continuity and keeps this channel free for regular networking discussion

i havent decided on a coordinator yet, kinda leaning towards ethernet one and not usb

Its 10$ for one

Usb stick with Zigbee 3

Anyone able to tell me which one of the open source network management tools can do the following :

Easy-ish to setup ( rip I know I know xD)
Can setup ACL's , show IP addresses of connected devices to switches / which port as well with mac addresses ( basically connect to a switch)
No - up to 10-20-30-40-50 devices free type of "open source software" ( that's not real open source software in my opinion)
Can monitor network traffic. Can filter through traffic like wireshark for specific protocols and IP's and mac addresses.

Basically a supercharged Switch Management Console but with the ability to connect to other network switches as well. Doing them one at a time / deploying changes is a pain in the arse ! Please help !

1.What switches are you using and do they support netconf/yang
2. This is a firewall feature

1. 2960x Catalysts.
2. I would not entrust this type of things to a PaloAlto firewall no offence. we recently were forced in to an update and it broke half our network so sadly I have to pass.

In the sense that, I don't really have time to reconfigure everything an update comes and breaks half of it and renders the 14 locations I administer useless...

Have you tried zabbix?

Has an agent. Won't work for my scope 🙁

Aside rolling DNAC which is $$$$, no

And you're not getting firewall like features on a switch unless you buy a DPU enabled switch for $20K+

Dayum. Thank you for clarifying my conundrum! 😄

Yah, management tools are pricey for the most part, you could look at Ansible though

It's got a learning curve though

My boss hates anything related to cloud or spending $ ....So I gotta manage with anything usefull I can implement.

Then Ansible it is 😄

I thought ansible was a paid software. You just blew my mind

mtputty too

I know there is a paid version Ansible Tower, but I think Ansible itself is free
I could be wrong, been a long while since I've looked at that stuff price wise and the like

this thing is awesome ! ❤️

https://www.lansweeper.com/
my coleuge used this tool and he always speaks highly of it, try it and if you buy it it isnt that expensive

Less then 100 assets xD no bueno .....I have 200 VM Ware Servers just to start xD

Alot of documentation to read for Ansible. thank you for all the help 😄 I'm gonna dive in and start bugging you guys here if I don't understand something rip

Well, I've ran into the peculiar issue of mobile carriers throttling UDP traffic.

I have an SMB share going on at my home network, and recnetly I setup wireguard on the server + my laptop. Everything has worked so far, except actually streaming media from the server (double clicked in the SMB share as if its a local file) is basically impossible. Iperf3 shows over 75% dropped packets and like 4-5mbps when sending data to the server. 80mbps when downloading from it..

AFAIK SMB loves its ACK packets, so I assume most are getting dropped. What'd be the best way around this?

jellyfin self host?

@nova glacier it did it again...

and it capped it back at 100mbps

rip. what have you replaced so far?

Installing newest drivers
new router from ISP
new ethernet cable (yes its cat6)
Reset network
Turned off all power saving things in the settings
FlushDNS

New cables on both sides or just PC side?

just pc, not the one in the wall, if possible that will be my final option

Oh, do the in-wall cabling go directly to the router? I assumed it was another keystone

if the cable from ISP that comes in to your router is cat5 ( limited to 100MB / S) there's nothing you can do on your side to improve it

no its both cat 6 in the wall

and from wall jack to pc

pics or it never happened xD

it worked on 1gbps for over 6 years

maybe ISP messing with you and changed your speeds ?

nope, i called them already and everything is fine on their end

also accessed router settings and it shows it can handle 1gbps

are your LAN ports in your router set to 1GB /s ?

yes

do you have any custom settings in your router ?

no

ok then reset it to factory

already did that multiple times

what ISP you got though ?

This is a signal integrity issue, none of this relevant to be frank.

The only remedy is figuring out which part of the cabling is the culprit. Try swapping the keystone to a cat 6a keystone before redoing the in-wall cabling. Perhaps reterminate the in-wall cable with 6a plug too

You got direct Fibre comming in to your router or a DSL type of situation where they "claim" to give you 1gb/s ....there is no copper wire on the planet that can handle 1GB/s xD

alright, ill check the keystone tomorrow or whenever my uncle is off work to help me, guess ill have to deal with the issue for now

its fibre directly in the router

does the in-wall cabling go directly into the router though? No keystone on the router side?

idk why either ISP lying to you or the real "wiring" that's done . something is lying

yes

what are you even talking about. They're have LAN-side ethernet cabling downgrade from 1Gb to 100Mb. The ISP is completely irrelevant

so the cable int he wall has a connector on one side directly in the router and the other side of the cable is connected to a wall jack

Are you able to provide some details as to how the cabling sitation looks like in the central panel in your neighbourhood / building complex ?

I have a feeling, either the cabling inside the central panel is a mess or was not done with 1GB /s in mind

yeah that makes sense. Just start with the "quick" fixes of getting it reterminated with 6a plug on the router side and a new 6a keystone before going to the effort of running new cabling

Unless it's 30 years old it was made with 1gig in mind

I still feel ISP ripping him off ..

Ok more like 20

the house was build not even 10 years ago, and the 1gbps worked for over 6 years

Neighborhood? building complex? It's an in-wall ethernet cable with a keystone on one end and directly plugged into the router on the other.

Then it's the router or switch or network card or just the wall panels being shit as has been happening to me

yea i will look tomorrow if i can look, maybe i see something in the wall and will swap it out

My wall ports are kinda lose so love dropping to 100Mb

i really do hope the wall port is the issue, its a easy fix

My bet is on the keystone too tbh, but we'll see

so rn i have a double keystone in the wall but only 1 is connected since i only use 1 ethernet cable, i can just swap the wiring to the unused one

since the current one worked for 6 years its def a correct cat one

Yea, but a 6a keystone would have better signal characteristics. Considering it works most of the time, a better keystone should push it further into stablility away from the edge.

fair, could be that its already a cat 6 a keystone in the wall, i have 0 clue

I doubt it, they're lke 3x the price (still cheap af though). Pretty certain no contractor would install those unless asked explicitly

pretty sure my stepdad did it himself

I hope they're not because that would leave fewer things to fix/upgrade before the last option of replacing the cabling

but i think the cables in the wall are just cat6, can i put a cat 6a keystone int he walljack then?

that is true

you can put any category keystone. The signal performance just gets better as they go up in category (though not every category increases the requirements). 6a I know increased the requirements but I'd have to look it up to see what other categories get a better connector

i see, that makes sense

@nova glacier once again thanks for the replies, i will see when my stepdad has time to check out the issue, i will just reterminate the connector that goes directly into the router and replace the wall keystone and then see if the issue persists.

basically how you cat run 10 gig on a short cat5e cable its not reccomended or that reliable but its possible

linus reused the cat5e keystone pretty sure in the home cat 6 upgrade video

also 100mbps can be a sign that the cat5e is damaged or not terminated correctly so yes that could be causing the issue

I tested a cable a few days ago and it tested fine but moving it around in the wall port and the switch light only turned on at a specific point

replaced the cable and its fine now

this was a patch cable

My bad your saying its fine to put in higher category keystone, that is perfectly fine

I need

Help

Specifically WiFi help please god

we love to see it

just tune your eyes to wifi. that'll help you see the problem

just state your problem or ask your question

@nova glacier the wall keystone already is 6a, we gonna swap it so i can use the left one

Oh, it's got 6a stamped on it? Might as well check what the cabling is rated to as well while you're there

Cat 6 cable

In the wall

So its the correct cables

Lets just hope the right one is a faulty keystone

Just to be absolutely sure, you are reading these ratings from the printing on the cable and letters stamped onto the keystone, right?

Yes

Sorry, the amount of times I've had someone just repeat what another person told them and it turned out false makes me always have to make sure lol

Thats fair

We are gonna rewire and then vheck and if that doesnt work then we buy a new keystone since i will have to order it online

Better to use higher gain antennas in an area with extreme interference or would that just pick up even more noise?

Lower gain is technically better for the outdoor use but I do need to concentrate the beam to a drone of sorts

bit stuck to say the least

directional antenna would be ideal

or use an unused band

or both

if you really wanna be rude, you can use the highest broadcast power possible, and the lowest gain antenna possible

@nova glacier redid all the connectors and keystone in the wall, it connects and is at 1gbps (1gbps forced in settings) shouldi put that to auto or leave on 1gbps

auto is generally ideal

that way if the connection degrades it’ll just switch to 100mbps instead of failing to connect at all

What's the application?
Antenna gain doesn't amplify everything like a regular RF amplifier would. A higher gain antenna usually has a narrower beamwidth (kinda like a flashlight, think of a floodlight versus spotlight), and lower side lobes that can reject interference.

If the interference is in the same direction as your desired signal, then yep - you're boosting noise too. Sometimes cell phone bands and broadband noise can also hurt you with a high gain antenna.

if you tell me the application, as well as the frequency you're interested in, i can provide more insight.

I’m setting up a fail over between two servers but my question is how bad is it to have nginx proxy manager and pi-hole on the same system with them in docker containers? Npm is only being used to relay internal traffic but using a domain instead of lan ip. Thinking of using bender instead and using pi-hole with a local only domain. im not looking for security flaws as much as im looking at compatibility problems.

why is a chandelier connected to my home wifi??😭

Copy its mac address and input it into macvendors

Oh ok thanks

It says "intel corporate" should I kick it off or smth like that?

Idk much abt networking

that just means it has an Intel nic

Afaik Intel doesn't make any IoT WiFi chips, so that's gonna be some desktop or laptop

Intel does not even make Intel chips anymore

Well no, they definitely do

They just don't make all of them anymore

Yea I was wrong o swear they sold off the networking part a long time ago, but now a days they are just not bothering anymore and laying off more and more people

https://www.reuters.com/legal/transactional/intel-separate-networking-unit-new-ceo-tan-overhauls-business-2025-07-25/
dont know if it went through

i swear they did it many many years ago

That was other parts of the business

Optics and FPGAs I know were a couple, their infiniband alternative too (omnipath or something)

it was the cell modem business they sold off iirc to Apple in 2019

aaaaa

i think this was it

anyone got a clue what i might be able to use a UVP pro for now a days

it looks so nice but its so old

is there a bootable OS that i can use like ventoy but that also allows me to get versions of operating systems by downloading them?

cause like i love ventoy, it's amazing but also it's very annoying when i am setting up a system that can connect to the network but i need an OS or something that i don't already have cause then i have to go and install it and put it on the mf drive and it's a pain

could always kick it off and see who/what complains

best way to identify devices imo

They do make some Intel branded chips that are just realtek inside. Some Intel Killer chips

intel inside but wrong

pxe?

you still need to have iso somewhere

I was thinking that but idk I might write something to do it

Hey, noob here. I have built my new pc and i had some issues with connectivity with ethernet. After some days it did not work at all and i found this. I had to pull the cable out with a lot of force and it seems like i pulled one entire pin and half of another pin out of my new Mobo (Asrock B650M Hdv/m.2). The cable was also new. How can this happen and is the port still some what usable or what is the best solution to this mess?

seems like it melted and got stuck, is the board in warranty?

Probably yes, but idk if I can use it since the cable was probably the issue i guess

But how the f does an Ethernet cable melt?

yeah that's what I was thinking, what was it plugged into?

on one side into my mobo and on the other side into a wall plug for ethernet

https://tenor.com/view/storm-gif-beautiful-sky-cloud-gif-3694021287105068226

it probably killed optoisolator on the mobo

Any good quality cables to suggest haha?

is router/switch on the other side alive?

yes, everything else is fine

there is some deeper issue here on L1 that new patch cable wont solve

like you drilled a hole somewhere and connected mains to utp

Well, i try to get a new mobo, if not i will put it in a usb hub or smt

i have doubts that asrock will warranty this

before you do that, see if they'll do the warranty, they might not but i'd try

in any case a pcie network card is cheaper than a new motherboard

well yeah

or taking it to a store and asking them to solder a new eth port on it

i can't imagine they'd charge that much since it's a pretty easy fix, you could even do it yourself if yk how

its not worth it to do microsoldering on a low end board

yes, this is what i mean with "trying to get a new one"

well yeah tbf but some places will do it alr

gotcha, i thought you meant buy a new one haha

oh i just found smth. i am blind: The cable did also melt at the other side of the cable, but not the port part but only the end of the cable

do you have PoE though the plug?

Realtek Inside ®

this is result of much higher voltage that caused insulation breakdown

such as lightning

i dont understand that

Damn that Ethernet cable got cooked

if it was lightning then other things would be messed up too

surely

nevermind

usualy it is black after lightning strike so thats why i was thinking mains

The other side

The port in the wall seems fine

check other eth cables if you have any

what about router end?

Well i live in a big house and do not have access to the router but the switch on our floor seems fine for my eye

unplug it from the switch side and check if its melted there

News: This seemed to have happened to the person living in my room before me aswell. I have his cable even in my room, both sides of the cable melted (a bit) but the plugs seem fine

Agreed. Lightning is a very rapid event that flings char everywhere from/at the port and afaik it shouldn't last long enough to start melting the fire resistant jacket.

Was this a thing with a cable run inside the wall?

no, the cable from the pc to a port on the wall, i have no clue about the cables in the wall

humor me this, but send a nice detailed picture of the motherboard rear I/O

just the lan port or the whole?

whole

so, i guess real quick since i've seen a few things, those saying it's not lightning are right, usually lightning chars the port and blows out anything near the port

good enough?

to me, it looks more like localized heating of the cable and mechanical damage, either a bad cable or connector, or contaminates

what do you mean with contaminats?

i just don't imagine ethernet can carry enough current to do that

foreign objects, conductive stuff, that sort of thing

I am just confused because this apperently happened before with a different pc and a different (but maybe low quality) cable in the exact same way

you went from wall -> switch -> PC?

no, wall to pc

aaaaaaaaahhhhh.

there is a network switch on the floor, so switch -> wall -> pc

I would probably mark that port as inop

i would show maint that cable, and explain the same thing.

yea, i will ask somebody tomorrow of the group that handles that stuff but the problem until then is, that is the only port i have lol

they should have a tester to verify the port isn't wired incorrectly/has some intrusion

yea that's proper fire hazard. Not a lawyer, but suing whoever installed it is probably a realistic option

i hope so, we are students and the people who maintain that stuff are volunteers

absolutely mark that port as inop for the time being though

ha, they were prob students living here 20 years ago

it could be something as silly stupid as a poor/improper termination at the jack. so figure 24AWG can do about half an amp or so in free air

not sure if ethernet is capable of doing that on it's own

it could also def have been the motherboard, too, but without verifying the jack is good i wouldn't say that.

It isn't. PoE can push ~0.3A, PoE+ ~0.6A, etc. Not exactly enough to be melting things

yeah, just keep in mind that ethernet cables are usually bundled, so if enough was passing through multiple conductors it could heat up.

again, not an ethernet expert, just using prior experience lol

So, if multiple pins are not connected correctly it could melt?

technically even if one is loose it could cause heating due to the resistance there

imo that's not a realistic event. It requires a lot of amps to start melting things, those amps need to have come from somewhere and neither side's ethernet transformer will be pushing anything like that

But why would the other side of the cable melt?

yeah, i don't disagree with that, which is why im suspecting something in the wall.

if it was PoE for whatever reason, and maybe two pins were touching or something like that, whatever swiss cheese happened for the failure to happen, enough current could certainly pass to heat up a conductor; that much? idk.

based on how that's melted I think it was actually touching something else that was hot enough to melt it.

It looks like you had a candle or something back there...

I doubt every PoE switch and injector ever has actually followed the spec to limit current per-port, though to have that and a cable with an insulation fault like that? Yeah probably not as likely as it being something else

I reckon you could definitely melt something small like a defective, unshielded conductor with 30-50 watts

standards non-compliant devices are evil, especially as far as safety is concerned like current limiting but yeah ig that's possible

small amounts of power in a tiny volume can generate enough heat to start to melt stuff.

we do calculations on the bundle, conductor, and expected power to determine which conductor is suitable for a specific load, but non compliant devices certainly make that fairly ambiguous.

it seems like PoE is supposed to stop at about 960mA/pair, which in a few ohm contact could cause some localized heating.

Definetly no, on one side it was only the back of my PC with cables and the other side was a wall port, so nothing but air around

I love buying a passthru cat 6 crimper only for it to not properly squeeze the crimp down

just bought the klein tools one ):

Buy once, cry once

Hi. I have a basic wifi router, after I got fibre. I suddenly got 192.168.100.x instead of 192.168.0.x The devices on 192.168.0.x works fine, but 192.168.100.x doesnt. Theres no wifi on the 100.x and is connected through ethernet. Any ideas?
I didnt have any problems with that router before i got fibre, the isp blames the router
also when im on the 192.168.100.x network, i portscan the gateway and nothing is open, so i cant configure it

I have a tp link BE3600

Are you connecting that ethernet device to the ONT? If it's a standalone ONT without wifi/router services, it's only intended for your BE3600's WAN port not other devices. Connect to a BE3600 LAN port instead

damn they got it on the dew

must be for gaming if it needs game fuel

ah so this is how to shut up nexuses

loudest mf in my dc

is that a watercooled switch

yes, a cisco one

i wonder when we will get 25gig residential to most places

never lmao

sad

Maybe by the year 2100, at least in the USA

True story. We got two new 9504s and I turned them on in the provisioning room and they were so much louder than our other 9504s that data center staff came running in like WTF

I was wearing ear protection because I couldn't tolerate the loudness

and then they BS about adjacent SFP+ 10GBASET transceiver placement...

"muh cooling"

I mean to be fair, 25G SFPs average around 1.5 watts but 10BASE-T can be up to 5 watts depending on the length

Thats when in germany half the connections average at 1gbit, for sure...

That my 250mbit connection is considered above average here is quite sad.

Especially when you STILL CAN GET under 40mbit internet. for not that much cheaper... If it would be like 7 euros, id get it. For 25? Holy f.

on nexus its wierdly limited in a pattern while on c9500 48y4c its just number limit and position doesent matter

Muh breakout cables

If any of you have done the net+ what are the most important topics to memorize

Studying for it this year

just passing the exam is easy by doing dumps over and over

dumps?

exam dumps

What's the point if I dont learn anything 😭

well you asked for most important topics to memorise
irl topics highly depend on your infra design, like i dont have to know how OSPF works irl but it was surely on the exam

you aren't learning if you memorize anyway.

Worded it badly 😭 😭

subnetting is number one for sure

Getting there lol

When we are living on Mars lol. Going to be a very long time

i mean 10g residential is already a thing in quite a few places

mostly major urban areas in europe

yes but "most places" dont have fiber infra coverage yet

Exactly

come to Norway

i have seen both 89 and smn like 80% have fiber access

good proposal

i like cold

eh it was 30c way too much of the summer

Whoever recommended I try Zabbix for network monitoring .... BLESS YOUR HEART ! THANK YOU SO MUCH!

I just bought a brocade icx 6610-48 for $40 on FB marketplace and now I have no idea how to set it up. I have a little experience, so not a totally noob but please help me.

Alrighty, someone here smarter than me has got to know something about addressing abysmal speeds on a client machine using WireGuard on LAN, because this is frustrating me.

Am I missing something, because despite successfully connecting the devices to each other, the client's speed is so bad that it can't even run webpages. I have both devices giving me over 800Mbps Download & Upload, so what gives?

• Installed WireGuard on both Desktop PC (Server) and Laptop (Client)
• On PC, I've created the host and client tunnels

----- Server -----
[Interface]
PrivateKey = {SERVER Private Key}
ListenPort = 51820
Address = 10.0.0.1/24
DNS = 1.1.1.1, 1.0.0.1

[Peer]
PublicKey = {CLIENT Public Key}
AllowedIPs = 10.0.0.2/32

----- Client -----
[Interface]
PrivateKey = {CLIENT Private Key}
Address = 10.0.0.2/24
DNS = 1.1.1.1, 1.0.0.1

[Peer]
PublicKey = {SERVER Public Key}
AllowedIPs = 0.0.0.0/0
Endpoint = {SERVER Public IP}:51820

• Portforwarded 51820 on Router
• Allowed Inbound port 51820 in both Server and Client devices (just in case)
• Moved CLIENT config file to Client device to run
• Allow Network Sharing in Adapter Settings to allow WireGuard Tunnel use Ethernet from Desktop PC.

Client successfully connects to the Server, however the speeds are abysmal.
What am I missing here?

both are windows hosts?
what are the specs of devices

Right... forgot to mention that.
Yes, both are Windows devices.

Desktop PC

### Motherboard
GIGABYTE X870 AORUS ELITE WIFI7 ICE AM5 LGA 1718, ATX, DDR5, 4x M.2, PCIe 5.0, USB4, Wi-Fi 7, 2.5GbE LAN, EZ-Latch

### CPU:
AMD Ryzen 9 9900X - Ryzen 9 9000 Series (Zen 5) 12-Core 4.4 GHz - Socket AM5 120W - Radeon Graphics Processor

### RAM:
Patriot Viper Venom RGB 32GB (2 x 16GB) 288-Pin PC RAM DDR5 6000 (PC5 48000)

### Storage:
KingSpec XG 7000 4TB M.2 2280 PCIe 4.0x4 NVME 1.4 (7400MB/s Read - 6600MB/s Write)

### PSU:
SAMA XP 1000w ATX Power Supply - 80 Plus Platinum Gold - ATX 3.0 & PCIe 5.0 Compliant - Fully Modular - Low Noise Intelligent ECO Silent Fan

### GPU
MSI Radeon RX 580 Armor Mk2 8GB DDR5 (Primary)
NVIDIA GTX 1060 3GB (Secondary)

14" Razer Blade RZ09-0370

### Display
14-inch QHD (2560 x 1440) 16:9, 165 Hz Refresh Rate

### CPU:
AMD Ryzen™ 9 5900HX Processor, 8 Cores / 16 Threads, 3.3 GHz Base, 4.6 GHz Max Boost

### RAM:
16 GB DDR4-3200 MHz

### Storage:
1̶ ̶T̶B̶ ̶S̶S̶D̶ ̶(̶M̶.̶2̶ ̶N̶V̶M̶e̶ ̶P̶C̶I̶e̶ ̶3̶.̶0̶ ̶x̶4̶)̶
2 TB Samsung SSD 990 PRO (upgraded)

### GPU
NVIDIA® GeForce RTX™ 3070 (8 GB VRAM)

Anyone willing to allow me to pick their brain regarding and extremely specific issue ?

The issue is : Random DNS time out requests from a couple of computers on a specific location that causes a short network disconnect for the entire said location in a domain ?

This issue is present only for said location. Other locations not affected.

Try changing the MTU of the client. In the [interface] block of the config, add MTU = n. It can range from 1280-1420 on windows. It's supposed to automatically discover a good MTU, but for various reasons that can fail and it'll default to 1420 which can be problematic on some connections.

If you use public dns then you might get rate limited

Not a public DNS. it's our internal domain DNS. We've got 4 DC's for some reason I fail to comprehend ..

On DC1 : for DNS DC2 and 4 are refferenced
On DC2 for DNS DC1 and 3 are refferenced ( etc etc ).

the network switch configs also are setup with( on each of the 14 locations ) ip helper address : DC1 and DC2.

Connection between the locations is done through a specifically programmed MPLS Router.

So we don't need to use a vpn on the locations in order to access domain related things.

Oh, I thought I wrote it down last night, but I guess I deleted it when rewriting it...
I was going to say that I've already changed the MTU for both devices, from all the way to 1280 and 1420... nothing changes

Run an iperf server on the desktop and have it port forwarded for the laptop client to connect to it through the public IP. Maybe there's a quirk in the routing unrelated to wireguard.

Doesn't seem to matter which MTU I change in WireGuard.

Top one is without WireGuard enabled.
Bottom one is with WireGuard enabled.

Other info to add that might help:

• I'm using Dynu for the DDNS.
• My Laptop is using wireless (despite speeds also hitting 800+ Mbps download/upload)
• Goal is to make sure that I can use a device that's outside of my house to connect to my Desktop for streaming or access.

I am aware of Tailscale and others, but that's not the point of getting WireGuard to work.

port forward the iperf server and test against your public IP instead of the LAN IP. It really shouldn't be different, but it would be make absolutely sure the packets are being handled the same as in the wireguard test.

Looking at this, testing iperf3 against my public ip is about the same as the Wireguard connection

are you using an ISP provided router? I've heard some ISPs will throttle port forwarded connections

No, I'm using an Eero 6E Pro

Damn. On a sidenote, 140Mbps is really poor performance for such a router considering your razer has got 6E too. This is all pointing some kind of issue with the wifi router imo.
Are you using multiple nodes? Maybe 140Mbps is able to take a shortcut vs the public IP requires round-tripping to the primary node.

yeah, I'm using one of three nodes (counting the primary node).

Does Eero have a utility for testing and re-optimizing (node to node beamforming) the backhaul connection? It's a common feature for mesh wifi

No it doesn't

try re-running iperf tests with -P 4. I've never needed parallel tests when running between my linux hosts but maybe the windows version can't do it with a single stream

wireless might be an issue here

as this is half duplex media

try connecting with an cable

iperf only tests one direction at a time anyways. You have to add --bidir to make it test a full duplex connection

doesent hurt to try

Like this?

C:\iperf3>.\iperf3 -c x.x.x.x --bidir
Connecting to host x.x.x.x, port 5201
[  5] local 192.168.x.x port 55403 connected to x.x.x.x port 5201
[  7] local 192.168.x.x port 55404 connected to x.x.x.x port 5201
[ ID][Role] Interval           Transfer     Bitrate
[  5][TX-C]   0.00-1.01   sec  2.50 MBytes  20.8 Mbits/sec
[  7][RX-C]   0.00-1.01   sec  1.50 MBytes  12.5 Mbits/sec
[  5][TX-C]   1.01-2.00   sec  1.62 MBytes  13.7 Mbits/sec
[  7][RX-C]   1.01-2.00   sec  1.12 MBytes  9.50 Mbits/sec
[  5][TX-C]   2.00-3.01   sec  1.88 MBytes  15.6 Mbits/sec
[  7][RX-C]   2.00-3.01   sec  1.50 MBytes  12.5 Mbits/sec
[  5][TX-C]   3.01-4.00   sec  1.88 MBytes  15.8 Mbits/sec
[  7][RX-C]   3.01-4.00   sec  1.50 MBytes  12.7 Mbits/sec
[  5][TX-C]   4.00-5.00   sec  1.75 MBytes  14.7 Mbits/sec
[  7][RX-C]   4.00-5.00   sec  1.75 MBytes  14.7 Mbits/sec
[  5][TX-C]   5.00-6.01   sec  1.62 MBytes  13.5 Mbits/sec
[  7][RX-C]   5.00-6.01   sec  1.62 MBytes  13.5 Mbits/sec
[  5][TX-C]   6.01-7.01   sec  1.38 MBytes  11.5 Mbits/sec
[  7][RX-C]   6.01-7.01   sec  1.62 MBytes  13.6 Mbits/sec
[  5][TX-C]   7.01-8.01   sec  1.25 MBytes  10.5 Mbits/sec
[  7][RX-C]   7.01-8.01   sec  2.50 MBytes  21.1 Mbits/sec
[  5][TX-C]   8.01-9.01   sec  1.25 MBytes  10.5 Mbits/sec
[  7][RX-C]   8.01-9.01   sec  3.38 MBytes  28.4 Mbits/sec
[  5][TX-C]   9.01-10.01  sec  1.75 MBytes  14.7 Mbits/sec
[  7][RX-C]   9.01-10.01  sec  3.50 MBytes  29.4 Mbits/sec
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID][Role] Interval           Transfer     Bitrate
[  5][TX-C]   0.00-10.01  sec  16.9 MBytes  14.1 Mbits/sec                  sender
[  5][TX-C]   0.00-10.02  sec  16.6 MBytes  13.9 Mbits/sec                  receiver
[  7][RX-C]   0.00-10.01  sec  20.2 MBytes  17.0 Mbits/sec                  sender
[  7][RX-C]   0.00-10.02  sec  20.0 MBytes  16.7 Mbits/sec                  receiver

iperf Done.

I wasn't meaning to you have test that, but that's an expected result. Half duplex means both transmit and receive share the medium, so --bidir results in halved bandwidth

Because the Razer Laptop doesn't have an Ethernet Port, I plugged in a USB-C Docking station, then plugged in a CAT5e cable to my switch.
IT's still giving me ~35 Mbits/sec

I searched a little and it seems you aren't the only one having poor LAN performance with Eero routers.
https://community.eero.com/t/h7hfp7n/slow-lan-speeds-between-devices-on-eero-pro-6
https://www.reddit.com/r/amazoneero/comments/xrwzy0/eero_pro_6_poor_local_network_performance/

Would you be able to test from a remote network to see if it's just an issue that occurs between two local devices?

The closest thing I think I have is just my phone that can use Mobile data, so that it's not on the house network.
Would this suffice, or any other ideas?

I also have a Steam Deck, but...
Or, what if I just use my Phone's Hotspot on my Laptop (so that it's off my house network), and test from there?

if your cell's bandwidth is higher than ~35 Mbps, ideally much higher.

yea that should be fine. Most modern phones have good enough hotspot capabilities that the cell connection would still be the weakest link (unless you've got mmWave ig)

Hmm... still getting the same ~35 Mbit/sec even when connected to my phone's Hotspot against my PC's Public IP

what's the performance of the cell connection?

set mtu to 1400 tho

Just a quick note: My laptop was just recently fully reset, so no shenanigans in the background.

I'm using a Samsung Galaxy S10.

No, I mean test the cell connection through speedtest.net or fast.com

Yeah, I'm doing that right now.
Seems to be getting about 70 Mbps

30 Mbps Upload

through cellular alone

That's probably not sufficient to really gauge if there's an improvement

I hate suggesting factory resets, but at least one person in this thread found that that fixed their eero LAN performance though another tried that and it didn't work. Given Eero's mostly closed nature, it's pretty hard to diagnose them

dang... so pretty much it might be my Eero's fault?

I do see that I have a new Software Update on my Eero, so I'll try to see if that update will fix anything.

If you another two computers to run iperf on, that would help rule out a local issue on either the laptop or desktop

I'm sorry, I couldn't understand that.
If I had another two computers to run iperf (so like my Steam Deck and test against my Laptop)?

LAN performance should always be quite close the wifi link's bitrate minus some overhead (or the lowest performing link between nodes if crossing a mesh). I can get roughly 2Gbps (bidir) between my laptop on a 2.4Gbps wifi connection and my desktop on gigabit ethernet.

Ideally two completely other computers. If you've only got that steam deck, then test it against both desktop and laptop. That would identify if there's just one problem computer.

https://www.rxddit.com/r/Ubiquiti/comments/1n61r79/can_a_nanobeam_still_function_after_losing_this/

post title: " Can a Nanobeam still function after losing this much working fluid? "

the forbidden orange juice

Technically the desktop can't be ruled out as the problem without a test between the laptop and steam deck, but this still does further point towards it being an eero issue

Can I pull the hard drive out of a nas and recover the data?

It depends

And how good you are with data recovery

ah crap.. on what? i have terra master f4-210 the sata card gone poop so isnt powering the drives

im as good as data recovery as i am with using a chocolate tea pot to make a cuppa tea

Is it encrypted? What type of system? (ZFS?, RAID?, etc)

raid i bellieve... the support man from terra master said that i needed all the drives powered on simultaniously

if i connect all the drives to the pc would it show as 1 drive?

No

You would need some sort of recovery software. Idk the fine details for it

So plugging a drive into a computer wouldn't work?

I heard i can mount the volumes in Linux similar to what happened in the episode of LTT when all the data died

Ltt paid a specialist to do it

I suggest same to you

Dam it lol 😆 😂 I mean i would understand if it was millions of pounds worth of you tube videos, but all I have is a few family photos

it depends greatly. if it was mdadm (linux software raid), then you can actually just plug them in another linux machine. Other forms of software raid can also be recovered in a straightfoward manner, since they store metadata on the drives and it's trivial to get the software. Hardware raid is usually much messier and could need a specialist

cool thanks guys

I just bought a brocade icx 6610-48 for $40 on FB marketplace and now I have no idea how to set it up. I have a little experience, so not a totally noob but please help me.

Do you have a console cable?

Yeah recently a friend had the motherboard on their NAS die and they were using hardware RAID... afaik nothing survived, wasn't worth paying someone to recover it

ok so, ive managed to get all 4 drives detected in windows/linux (I am unfamiliar with linux systems) how can I determine the RAID type? i set the NAS up almost 3 years ago, so i cant really remember.

all the drives seem to respond well, and apart from a sketchy SATA connection on my motherboard.. its all green 🙂

guys do you think I should buy a more expensive n nice ugreen NAS or just the cheapest like synology or other brand NAS i can find

cuz I want 2 use it 2 auto back up family media n stuf, but I also wanna mess around with some self hosting stuf like a jellyfin server n stuf like that

but im worried that ill use the self hosting stuf for a while n then get bored of it n stop using it n then think I shouldve jst got the cheapest NAS i could lol

That NAS doesn't appear to have used hardware raid and was running an openwrt based distro (i.e. linux). It will be most straightforward to investigate them in linux with the commands mdadm --examine /dev/sd* , pvscan, vgscan, and lvscan. If encrypted, you'll need to use cryptsetup to unlock the relevent partition or LV. Windows would require third-party drivers and be far more involved

Oh boy

I bought another router. I think I have a problem...

I don't think TP-Link is a very good brand. Did I pay too much?

Considering its retail cost, $14 isn't too bad if you need a backup router or one for a vacation property. https://www.amazon.ca/TP-Link-AX3000-Router-Archer-AX55/dp/B09G5W9R6R?th=1

For a second I thought you said the retail cost was 14 dollars

That's the wrong one. That's the non-"Pro" with only Gb ports

Sigh. I can't even with consumer networking companies anymore.

They're both 70 dollars. about. Pro is 74 USD

Oh it's one of those regional things - Amazon.ca doesn't seem to have the Pro model. (Or I'm blind.)
https://www.amazon.com/TP-Link-AX3000-Archer-AX55-Pro/dp/B0BTD7V93F/

https://www.amazon.com/Netgear-Nighthawk-6-Stream-RAX45-100NAS-Renewed/dp/B0C11YQBLT/

This is the one I have now

https://cdn.discordapp.com/attachments/834558873398411335/1405453694736011345/20250814_002923.jpg

https://cdn.discordapp.com/attachments/387022787480387605/1357499485466398720/20250403_163748.jpg

Would you believe I accidentally bought a second one?

It's supposed to support 2.5Gb on at least two ports, and the ethernet cable they included is only Cat5e...I'm gonna assume it only qualifies for that speed because it's so short

Cat 5e can do 10gig

I would really not wanna run it longer than a few meters but it can do it

I've managed to get it mounted, I followed your terminal command along with a hell alot of goggling, been up all night.... and I have it!

Now I dumping all of the data to drives, I tell you what, that nas is a piece of something. One of the common problems with terramaster nas drives is the sata interface, they fail regularly it turns put and they don't stock replacements. Im going down a £20 desktop PC with red hat/software based raid next time. Sod that proprietary stuff

Heyo. Any ideas if Hetzner allows loadtesting a service at another hosting provider like OVH, with tools like WRK?

"Oh but the router overheats so I had to strap an extra fan to it"
"No, no support for custom DNS"
"Port-forwarding is confusing and doesn't appear to work"
"The UI crashes on change and goes down for two minutes"
"No WPA3 support ever, go buy a new one"
"Roaming means paying for their mesh setup"
"The new one has a subscription model"
"Yes it's the 420XL 9999mbps but there's a rev2 and rev3 and rev3 takes away half the RAM and adds broadcom chips so you can't ditch the terrible firmware and go OpenWRT"

Every vendor seems to have their own bullshit

Hence why whenever I can go Mikrotik I do and now I'm finally approaching gigabit+ network speeds Mikrotik still has no home offering for I am struggling for good options

Possibly something like the banana pi offerings

Hi, so i have an internet router that is pretty old and supports 2.4ghz bandwidth and i want to install a 5ghz router but my isp says that it is only available for people who have net speed over 50 or 60 mbps and i have the 20 mbps internet so they wouldn’t install it so is there a way that i can replace my router on my own i dont have much knowledge abt this

accesspoint or router which you can switch to repeater/accesspoint mode. though unless you want faster local bandwidth i doubt it will help make your internet feel faster

2.4ghz can supply more than 20mbps, so you wouldn't see any difference

it's honestly criminal that you only have 20mbps in this day and age

does anyone know what this is
i havent downloaded anything recently

i just got home from vacation bruh

A trojan

Either new hashes from a previous download or something changed likely

how is this network equipment related?

It's always DNS

true

Yeah I think disabling the TCP/IP stack on their computer should help

Appears to be something that Windows Defender has identified as being a Trojan malware program.

https://tenor.com/view/jgmm-cat-meme-ragebait-cat-think-cat-ponder-gif-7034802297606826390

oh really

i got it out dw

I mean, you asked... 🤷 glad you managed to get it sorted though.

It seems that some hardware control driver recently got marked as a trojan

It broke fan control's latest update since it used that driver iirc

You haven’t taken my suggestion of a ccr2004??!!!

lol

i booked a room in my uni for studying
found an ethernet cable on the floor thats connected to the walls, im pretty sure that was ment for the small pc thats for the tv but i plugged it into my personal laptop instead lol. the speed was 1gbps
(student wifi was 300mbps)

Someone does not know what 802.1x is

I think it's a great one!
However: money

I'm sure you can appreciate my present situation

I was considering an immediate replacement for the hEX but since I've backburnered it considering how close to optimal gigabit I can get as it is

Though with my company paying for my internet, check back with me when the new multigig plans drop as I may not be able to resist buying something for the novelty of it

Multigig internet. In Australia. This was not in the prophecies.

It'll be a great laugh considering my large enterprise (5-20k computers) customers I support in region already often have slower internet in their offices than I do in Nowhere, NSW

The politicisation of high internet speeds was amongst the worst policies ever by our former govt and we still have a long way to go towards fixing that

It has been for about 24 months (publicly)

Not concretely

FYI it is Defender claiming false positive for WinRing part of FanControl https://github.com/Rem0o/FanControl.Releases/issues/3410

100% due to crowdstrike

people are developing really weird stuff https://github.com/bijomaru78/eccm

Whence I get home I finna be setting up some web services with nginx

I wanna open jellyfin to my family so they can watch dank media

i kinda like that, it would be useful for industrial

tp link extender dont connect with eather net nbrah

Why different wifi when you have what looks to be usable wifi?

@tepid hamlet

As much as I love blaming Crowdstrike, that is obviously Defender

Ethernet is more stable than WiFi

My wireless wifi rn has massive packet loss

connecting via ethernet cable to wifi extender is wifi with extra steps

fix this first

How

Yea but it’s like really close to the router, also did this same setup earlier with AT&T and connected the extender Ethernet to my pc and it ran smooth like butter

My situation is my WiFi router is college provided

But it don’t have a Ethernet port so I gotta use something else to get stable connection

When I trouble shoot it it say the default gateway is not available

check dhcp settings, you might not even be getting IP assigned

It's still WiFi

You will not achieve greater stability than just using a decent wireless card in nearly all situations

Oopsies I set it to automatic

Doesn’t say unidentified network but still says no internet

Im just making assumptions with my past experiences

The other WiFi extender made it better

So I assume this would do the same

sometimes wireless extenders do wierd dhcp fuckery
just use regular wifi card

This ?

Intel AX210's are pretty good

They do have newer ones out now though for WiFi 7

I think so

what motherboard do you have, you might have a slot for it already

Just remember the golden rules of WiFi cards:

• Intel
• Only Intel
• Never not Intel

They aren't even pricy

its just OEM's that cheap out and go with realtek or mediatek

yea i got one already

do i just buy antenna's

i think the wifi card might be my problem tho

my bluetooth stutters alot

cuts in an out

but still i'd like to atleast get my ethernet working before i try anything else

i didn't spend 200+ just to give up on it:(

Do you not currently have antennas plugged in? There should be two antennas connected to these two jacks if you're using the built-in WiFi on the motherboard

im using a router

unless u mean i NEED antennas plugged in

for it to be good

me: Buys ASUS laptop.
Opens new laptop.
replaces wifi card with intel card

yes

Yes, WiFi adapters do need their antennas for it to perform well.

as a former RF engineer that hurt me to my soul

It doesn't help that RF finds a way because everything is an antenna if you try hard enough. This isn't the first time I've seen this happen because of that. It'll work enough to connect so people won't realize something is wrong

(okay maybe not everything everything, but y'know what I mean)

actually a really huge issue in the grand scheme of things.

Yes, you need antennas for WiFi to be good. Your motherboard would have come with antenna's in the box.

we have cell phones littering everything now, pretty much

i got a pre made

and i got it 4 yrs ago

Then the seller should have included the antenna's. If they didn't, you got scammed.

oh well bra

you can also just buy antennas anywhere

Just to confirm, you do have that pair of jacks without anything connected to them? Some OEM prebuilts might use internal antennas instead

yea nothing is plugged into them

how i check if they got internal antenna

If you have those ports, it's not internal

By any chance did you save the accessories box that came with the prebuilt?

no

its fine they only cost 6 dollars

I recommend getting a set with some leads so the antennas can be placed away from the PC case. Though depending on how close you are to your router, you might not need that

the router is right above my pc mounted on a wall

Oh. I mean, you might as well use an Ethernet cable at that point but that's up to you

nah it college wifi

its connected to the wall with no other ports

Ah

Just make sure to get a 2.4/5GHz(/6GHz if WiFi 6E/7) antenna and don't get something big. Given your distance to the router, bigger/higher gain will primarily increase noise and just make it worse

r these fine

Is your adapter WiFi 6E/7? It will still work on WiFi 6 (or earlier), but it will be very slightly worse than a dual-band antenna

uh how do i check

802.11ac

fuck it brah im just upgrading my wifi card

it comes with antenna's anyways

wifi5

Defender is doing it due to Microsoft closing down harder on some of their more funky drivers fan control and open RGB and UXTU uses due to how fucked your computer can get and the amount of issues some of those drivers have

Well it's still not Crowdstrike lol

unless you want to make a 5GHz AP from it. Then never Intel

If you want an AP, buy an actual AP

The issue is that ArcticWolf has identified this driver in the wild being used in malware because it's trusted and vulnerable and Microsoft uses that intel to inform its malware detection

( https://bugzilla.kernel.org/show_bug.cgi?id=206469#c2 to be exact )

Dam

it's because of CVE https://support.microsoft.com/en-us/windows/microsoft-defender-antivirus-alert-vulnerabledriver-winnt-winring0-eb057830-d77b-41a2-9a34-015a5d203c42

https://nvd.nist.gov/vuln/detail/CVE-2020-14979

Looks like something stupid in country select to me IMO

International AP broadcast regulation compliance is a sucky mess

no, the driver/HW doesn't support it. It is literally mentioned on Kernel page https://wireless.docs.kernel.org/en/latest/en/users/drivers/iwlwifi.html

AP mode on 2.4GHz (on devices driven by iwlmvm, note no 5GHz AP support due to LAR

Guess what LAR is

you can't disable it by changing country. It is disabled globally, no matter what country you select.

I get that

It's easier to not trust the user because US law requires you not to for US products

It's very annoying when you do not live in that country

Otherwise intel has to ship a US SKU/driver for US use

Easier to just not allow it and immediately be compliant everywhere

6ghz is going to be incredibly fun considering the US is considering selling off the 6ghz band for cellular etc.

Going to make a lot of devices illegal overnight

Ah. It's actually passed

Even better...

I'm gonna be optimistic that there's some other band in the range (1.3-10.5GHz) that they're willing to reallocate before getting to U-NII bands, but it does feel like the writing is on the wall 😔

hi

there is this: "The Cruz plan could take 200 MHz or more away from the 1,200 MHz currently allocated to Wi-Fi between 5.925 and 7.125 GHz..."

Which tells me they might not take away the entire 6GHz spectrum

so you may just end up with fewer 6GHz channels

The bill states they are looking to reclaim a minimum of 800MHz. 300MHz over two years and 500MHz more over 4 years. It doesn't actually specify the 6E spectrum, just 1.3-10.5GHz not including 3.1-3.45GHz or 7.4-8.4GHz. It does specify 100MHz of that initial 300MHz should come from 3.98-4.2GHz. It also specifies 3 bands to be investigated.

(A) between 2.7 gigahertz and 2.9 gigahertz;
(B) between 4.4 gigahertz and 4.9 gigahertz; and
(C) between 7.25 gigahertz and 7.4 gigahertz; and

There is a way that 6E could survive unscathed, but it depends on the incumbents of those bands

I imagine cell providers would much rather have the lower bands in question too

U-NII spectrum would just unfortunately be the backup plan

does anybody have experience with the mikrotik cAP ax? We just moved in a new house and i am probably going all in for mikrotik, since i am studiying computer science and i think it would be a great way to learn and to experiment even more with my homelab. I will get two of those acces points and im choosing between these two routers(since they are the same price??).
RB4011iGS+RM and RB5009UG+S+IN. I am going to be putting in one of these switches also. CSS318-16G-2S+IN. I have narrowed it down to this and i hope that i did it atleast half correctly 😅 . All of these will be run outside the homelab and will be just used for the house.
TLDR: opinion on: mikrotik cAP ax?,
choosing between RB4011iGS+RM and RB5009UG+S+IN.

What kind of connections are available to you for WAN?

1g/300mbps at the moment

Go the RB5009 to future proof any expansion your provider may offer since you should be able to get a copper module for the SFP+ cheaply.

Great! thank you!

is the setup overkill? i dont think so but some of my friends do heh

How long is a piece of string?

Is it overkill? probably. What's wrong with that?

Fair point i can call it futureproofing and call it a day 🙂

I don't know what sort of thing you're doing. Honestly my home network is overkill for me as well, but it did give me the ability to VLAN off a couple of HDMI IP bridges for my CCTV. Everyone's different and has different use cases.

Also if I remember right you can run lightweight docker containers on the RB5009 if you slap a bit of storage at it.

For wifi: i am planing to have all of it under 2 ssid. Home_2.4 and home 5g. I am planning to put multiple passwords on the wifi that then puts you into multiple VLANS which are routed trough the whole network, for example guest and IOT and Home. I want to speed limit some of the vlans and i want to put all of the new devices connected to the switch or to the router directly to have acces only to the routers admin pannel and internet not the LAN. And anotherVlan just for homelab haha.

something like this

Yeah you will want the extra power in the RB5009 if you're looking to speed limit VLANS. If you start using queues to do it this will bog the cpu down heavily as I Dont think you can fast path it.

Are the already installed wifi cards in my motherboard good enough

Or should I use the one I bought

What category would I need to lay about 3 meters of ethernet cable that can do 2.5Gb?

most likely

cat5e or better

3m is very short

and 2.5g is very not fast

Thanks for sharing

I'm like 1.5 meters and people say I'm tall

who is telling you that 1.5m is tall?

Probably someone who is lying

I think I'm normal height at best

far below average at 1.5m

damn

average height for a male globally is 1.71m

Just looked it up, I'm 1.75 meters

Doesn't help that Asia has so many people...

For RB4011 vs RB5009... review the block diagrams and determine if the RB4011's architecture bothers you. RB5009 is comparatively less complicated

Mikrotik's WiFi 6 products are... messier... to configure than their older ones. I've used products sharing architecture with the cAP AX^2 and while they definitely did the job and having Mikrotik flexibility on my AP is always nice I found them annoying to work with

Once set up they gave me no problems

Cat5e or above

I will Thank you!

messier? as far as i understood i could use capsman to set them up? i have no problems with the terminal just asking heh 😅

No my issue with their WiFi 6 implementation is more that they broke their own conventions on it and unless you know exactly how to get what you want you get zero feedback and it just doesn't work

oof im going to have fun figuring it out then

also i have descided to go for the RB5009, im going to order it all soon. Thanks for the help 🙂

Have fun

Thanks! wil update hehe

been looking at mikrotiks recently. anything specific that i should look out for?

Oh for the most part I think they're great and I use them for my stuff

That said, the block diagrams are something you should be looking at

they actually warned us about that one in school interestingly enough

I actually want to see if i understand correctly. So in the hEX S its bad because you have 1/2gig split between all of the ports even though they are all gigabit. and in the 5009 its good because you have 8 ethernet ports and 10gig full duplex so if you arent using the SFP you get mirrored gigabit to all ports?

The hEX S is a device of multiple caveats

A notable one is that the CPU's not capable of gigabit speeds unless you go full FastTrack+Path and give up on a bunch of features, and then it gets you... nearly gigabit simplex

I honestly don't think you're getting full duplex gigabit out of it anyways if you're using it to route?

No clue in my apartment im running it and i have internet speeds from the isp 300/50 so its good enough heh 😅. But when i try to transfer stuff between my computers it slows down quite a bit(wired). Im still happy to have it its miles better than the ISP provided one.

In that case you're probably not benefitting from switching when you should

Slow Path only nets you about 250mbps

what am i doing wrong? just got it rescently and haven't done much to it other then the basics heh

You're probably making two mistakes if you made a config from scratch

The first: You may have hardware offload configured for a different bridge than your "LAN" if computers are genuinely encountering bottlenecks tied to the CPU because otherwise it shouldn't be going through the CPU at all

The second: You likely forgot to enable fastpath and fasttrack

hmm will check

from this i would guess i dont have fastpath enabled?

ip settings get/set allow-fast-path

fasttrack is an action on firewall rules

Bridge hardware offload is a setting on your bridge ports and can be configured for members of exactly one bridge on the device

That covers L2/L3 reasons why traffic would run into CPU performance problems

Admittedly, if you mean in a single subnet, fasttrack won't help you because it will only bridge, but fast path will provide signficant benefit if you can't get hardware acceleration working on the bridge

great! i will do it as soon as i can 🙂

yeaa i for now have only one subnet heh i am keeping it simple here 🙂

the software sucks

Half the Discord here will cry about you mentioning them because it's neither aesthetically pleasing nor Cisco iOS

Most of their complaints are based on somewhat outdated information about their options for configuring them now

That said...

• Wave2(WiFi 6 support in general) is still as I warned before, kinda bolted on and not great to configure from scratch, use quick set (their basic configuration tool on the top of every graphical UI option) unless you're willing to experiment a lot. WiFi 7's not happening for a good while from now.
• Their scripting language is terrible, consider using their REST API for anything beyond the basics. I've used it extensively (including code generation) and know all the tricks and still hate it

If you don't write scripts that aren't just config command and keep in mind the former there's nothing like it at the price point for flexibility

Once upon a time Mikrotik had Lua scripting (not my favourite language but at least it's functional and reasonably well understood) but then they had to go ruin it and invent a shell scripting language of their own

Where my cyber security boys at

https://tenor.com/view/cat-gif-27111796

probably busy doing cyber security

Yeah we lock 'em up in the utility cupboards after the day's done so they don't get lost

Hello, I have a question about ipv6 and how to disable it via my router?

I have OpenWRT installed on Router 1
I have T-Mobile 5G Home Internet for Router 2

My PC is connected via LAN to OpenWRT
My PC is connected via Wi-Fi to T-Mobile

I have IPV6 disabled in OpenWRT on all devices, but it is still assigned IPV6 to the LAN port.

What am I doing wrong?

Apparently it's a local IP issue.... nvm am stupid

"
Every device on the network has an IPv6 link-local address, it's self-assigned.

If you turn IPv6 off on the router it means that the router won't advertise a globally routable prefix to the clients, i.e. they cannot reach the global IPv6 internet. On the local network IPv6 is used by many protocols, that's normal."

Out of curiosity why are you disabling

https://www.picussecurity.com/resource/blog/cve-2024-38063-remote-kernel-exploitation-via-ipv6-in-windows

old but gold

na i suspect it might just be due to security, no devices or things they do need it so why bother having it on if it only ever runs the risk of issues

Well for one a time will come where services you use on the internet actually require it

You can also deal with remote exploitation of IPv6 issues by just... using a stateful firewall and blocking incoming requests

Hopefully I’m 6 feet under by then

Oh come on - it's not that bad lol

Meanwhile IPv4's not getting any better

already some stuff i wanna use but cant really enable ipv6

Idk, I just don't like it... also for whatever reason could be placebo. im pretty sure my ping is lower with ipv4

Atleast it is on Apex

I think a lot of the sites I use are lower latency on ipv6 here, it's just kinda rsndom luck

My main issue with IPv6 is just compatibility, specifically have run into issues with docker networking not working "properly" when using IPv6 (likely some things in docker images or compose configs that tie to IPv4 addresses but when IPv6 available stuff might bind to that instead of the v4 addresses... Probably other stuff but usually I'll just disable it for that reason)

Pretty sure that's mostly been an issue on Mac for whatever reason too, maybe related to Colima or rancher or something rather than docker itself but just too many networking issues not worth fixing easier to just disable it 😄

fortunately everything i have in docker just runs behind reverse proxies
i think it's moreso just docker sucking than ipv6 sucking

il just try to ask here,
im experiencing latency spikes in games everytime i load a website, video or similar
even tho im not even using 5% of my bandwith.

is this latency spike normal?
commonly goes from 22ms-120ms

for wifi

running on cable

You probably have pretty limited bandwidth then as most websites don't realy consume much

100mb/s down and up

In that case: look into Weighted Fair Queueing, CAKE, FQ-CoDel

i really wish i knew what that ment XD im no pro when it comes to networking

Research topics for you then

Probably CAKE

What you want to achieve - one way or another - is prioritisation of your game traffic over other traffic types

for some reason u talking about "weighted and queueing"
made me think of my antivirus which has webbrowser protection

i tried changed its setting from moderate to low and suddently i do not have this problem at all anymore.
Kaspersky really messes up my connection that hard?

(and yes i know alot of ppl really dislike kaspersky)

If your problems are solved so easily, sure

"Dislike" is really not the correct term
"Consider as a potential weapon to be used by Russia in war" is closer

depends on where its coming from, you could try this test on different PCs connected via Ethernet to see if its specific to a single computer/software config

thanks il give this a try straight away

The tools I mentioned earlier are some of the tools addressed on that site

It does a better job of explaining by far though lol

big thanks m8,
it really doesnt seem like it was bufferbloat and it actually was kaspersky's Webbrowser protection

big thanks for helping me tho peeps if i ever have similar struggles i now know more ❤️

apparently the bufferbloat website is blocked. but warship was running on a 6 hour delay for some reason and didn't delete the message until now

just google "what can i do about bufferbloat" for other people reading that didn't see the link originally

all links are down

When will they be back

wait

is that a gif you have local?

xd

yea local gifs work

Nice

Can someone give me the K I S S explanation about PXE Booting and why it may or may not allow things like hard drive serials or HWInfo to work correctly?

That's the easy way to understand it, the other way is because I am cheating in video games and trying to bypass HWID ban. lol

This is likely a topic that would be covered by the #rules

Never understood cheating in games, there's always the option of not playing/doing literally anything else... Like I enjoy gaming and I don't like to lose but if there's no chance I lose then there's no point in playing.

no one is going to help you avoid a HWID ban given it's against server and discord ToS

I figured it out, its ISCI related all it does it bypass harddrive bans.

And allow you to run undetected firmware/cheat on faceit/val. thanks though guys appreciate it

Limited by CPU file decompression? Math says I should possibly get close to 285

I know I don't need it, I'm just curious at this point 😂

could be partially that and also the overhead of packet headers

I never thought I would have 1 gig speeds out here in my area, let alone 2 gig fiber

Now I just need Xfinity to update their gateway to allow bridge mode or allow me to connect my router directly to their ONU. I really hate having to run my equipment in AP mode...

Yea

Comcast fiber. Wow.

That’s rare

even more rare, I'm an hour from Houston, 15 minutes from the nearest small town. up until this year I've been stuck with 25mbps AT&T for astronomical prices or dealing with the spotty 5G Home cellular from Verizon @ 300mbps and horrible ping/packet loss

fiber is a breath of fresh air

Fiber is such an amazing thing, especially with it being symmetrical usually

Symmetrical speeds on fiber is so nice

Went from DOCSIS 3.1 to FTTH. Awesome upgrade from my ISP

legendary

now behold the amazing power of fiber to suck worse than our previous ISP that didn't use fiber

honestly there's times I think I'd rather have 100/100 than 400/40

this peaks in the realm of 60ms download latency and 600ms upload latency

what do you think happens when I play fortnite or cs2

skill issue granted, but...

point being fiber is not inherently different from cell towers or even sattelite internet

it has equal capability to suck

no single connection offered in public plans maxes out the bandwidth of a single cable

we're just charged the overall server cost + profit + infrastructure and marketing

this,

this is what $250 looks like

per month yes

welcome to rural pennsylvania

not even unlimited wifi data, it's either 4tb or 10tb

our tv is done through this wifi

our tv buffers a lot

My ISP. This is Ethernet tbf. Still though 3 ms latency is pretty good

these are numbers

bad isp can make even DIA suck ass

try running the test in the morning as that is most uncongested time for residential connections

Don’t you love coax amplifiers and taps?

I was wondering where they were

Pretty confident that the HFC/DOCSIS network here isn’t N + 0 at the moment. Maybe it’s N + 1.

Over WiFi on my iPhone lol

Anything under like 50ms should be ok for gaming

Really good speeds

On Hybrid Fiber Coaxial/DOCSIS latency is 14-18 ms. On FTTH it’s 3-4 ms

I think HFC adds like 10 ms of latency

U7 pro max APs through a UDM Pro

That is through two walls if I’m connected to the AP I think I am

U7 Pro Max WiFi 7 I think

WiFi 7 is really nice. Pretty new still

Yeah but my iPhone 15 PM only supports 6E IIRC

Damn

The WiFi router I have is WiFi 6. Honestly plenty for my needs

It’s from my ISP though so it’s not the best

I’m not upgrading this year either I’m waiting for the iFold lol

Yeah I mean everything on my network is hard wired besides my phone and iPad. You definitely get the best latency and throughput over a cable

Yeah. I have my laptop plugged into Ethernet

Ethernet Speedtest

ethernet

Awesome latency. Really nice speeds too

Speeds tend to be better on Ethernet too so I’m not surprised

yeah thats fiber lol. Its low but its also the busy time of the evening

usually I average 900 Up and down

Ngl it’s hard for a fiber/PON network to be congested. If the ISP does a good job though.

honestly I do speed tests frequently enough that I know that it is higher in the middle of the day

I think the fiber network here is 10 gigabit symmetrical PON or XGS-PON

here is directly from the UDM

Ofc it’s not truly 10G since there’s overhead but I’d imagine it’s like 9.2 Gig

Still a good amount of capacity. My ISP in the past did say they could be going to NGPON2 which is pretty much 40 gigabit

honestly I thought about upgrading to 2.5GbE or 10GbE but I store my entire steam library locally on a lancache server. I dont really see the need for the higher speed for more money

Yeah

It’s hard for me to even use a gigabit let alone 10 gig

Pretty fun seeing this

I think there is 2.5GbE available in my neighborhood but its like almost an extra 100 a month, and, I dont believe its symmetrical

Saw Corning fiber on the ground

maybe one day 10GbE to the home will be affordable lol

lol

2 gigabit symmetrical here is like $150 a month

There is another fiber ISP that might come here next year that could offer 2 gigabit for $60 a month

I think 2.5 down and 50mbps up is like 180 here

Id rather keep 1000 U/D

meanwhile 1200/40 here is $130. DOCSHIT hate

considering I pretty much stay tailscaled back to my home network for Pihole at all times

Damn 1,200/40 is rough

Especially the upload.

anything less than 500 up is pretty doo doo imo

it gets even better, it's typically 20-30mbps

Although not terribly surprising given DOCSIS usually has a 10:1 split ratio

Maybe even less than that

we have zero competition here so we'll be waiting for a long time to get mid or high split

I think my area got mid split in like 2023

The area is waiting for DOCSIS 4.0 atp

DCOSIS 4.0 seems to have much improved upload speeds

I mean if I was a millionare I would just get the 2.5/50 plan and the 1000/1000 and run dual WANs into my UDM to have the best of both worlds

DOCSIS 4.0 is supposed to increase upstream spectrum a good amount. Like up to 204 MHz. Would be extended spectrum DOCSIS

honestly I really think fiber is the future

Yeah

the armored fiber I have ran at work before and its super strong.

As DOCSIS advances fiber will just be pushed closer to the customer

I wish they would just kill DOCSIS and RG6

3 GHz DOCSIS is not gonna be easy to do.

just direct fiber links to DCs

Shorten the coax run and maybe even add a mid-span booster

same. It's continued to be a more expensive and issue-prone technology than fiber. I get that it means they can avoid running new cabling, but it's a poor choice in the long-term

What node + 0 looks like lol

3 GHz DOCSIS will almost certainly require this

I mean fiber is litterally less work and maintenence long term. No copper to corrode in the ground, no boosters, no filters (except dB filters on the ends)

splicing the large utility coax is just as complex as splicing fiber

Yeah

DOCSIS is complex. PON is more simple

the actual fiber is cheaper than coax too. Granted I dont know the macro scale of the ISPs but I dont see how continuing development on coax based systems is cheaper than just giving everyone fiber

Also future DOCSIS upgrades will get more expensive

Like DOCSIS 5.0, etc

Like 25 Gbps over coax lmao. At that point you might as well go FTTH

Im not even talking at the end user level. Im talking the utility level

Also exactly

Now granted installing FTTH is more expensive to a cable provider

Could start running fiber to pole boxes/hand holes and then breakout to coax for the "final mile connections" until everyone eventually upgrades to fiber

Not even talking about the actual fiber. Talking like going into their home, installing the ONT, also manual labor

Also service disruption to the customer

they already go to the houses to install the coax

Upfront cost is more expensive but it’s cheaper over the long run

a couple hour disruption to upgrade the infrastructure vs nickle and diming consumers... oh wait

Nvidia must run all the ISPs in the US

The coax is often already there, and yet it still manages to cost more to the customer than fiber that was just planted. Profit margins of cable giants and subsidies to fiber skew things a little, but still it's crazy

Yeah

You know what else? PON networks consume less power than HFC networks

I think that we should just have neighborhood DCs /s

There’s no amplifiers and fiber nodes that need powering in a PON network

It’s literally just the OLT and ONT that need powering

I also found a video that you can turn a vCMTS into a PON OLT

https://www.youtube.com/live/LzY_jO5HV_0?si=8Zvm3pmbwqn5veUH

I wish verizon had a ONT module that I could plug into my UDM

I know they exist for some other carriers

other benifit of fiber, more protection from lightning strikes

(not impervious though)

I remember when a transformer blew up near my house

Cable TV and Phone went out

The fiber internet didn’t though

The ISP guy literally said the coaxial cables in the coax box was fried

so in my house I have fiber coming in going to the ONT box. Then Ethernet out. So I went ethernet to media converter then fiber from the media converter to my UDM. Just some extra piece of mind (plus its on the other side of my basement so I had to run fiber or cat6 anyways)

Also coaxial cable is definitely easier to falter

then I have fiber from my core switch out to my switch out in my garage for my cameras. Again for the lightning protection aspect.