#networking
honestly im lucky i have coax
most everyone else by me has satellite
when i first moved here my upload was 300mb 😄
that upload speed is why i hate coax
yeah, that would be tough for me. I WFM and I have to do A LOT of uploading of large data sets
I don't even work from home, but i would like to self host a VPN and Plex but my upload speed majorly limits me
often times it sits around 10-15mbps
i have 10gb fiber but its PPPOE so speeds are all over the place
Hey guys, I have a budget of $300 and need a new Router? Any recommendations for either a backhaul mesh system (cables are in place) or a standalone router?
I have become a bit partial to TP-Link. They seem to offer some solid performance to price ratio. They have a nice number of tri-band routers that would fit into your budget.
Thx! I ended up going with one of their 6E Tri-Band Mesh systems! Picking it up tomorrow. Got a good sale on it too
Definitely going to take advantage of the backhaul capabilities it has
#Murica 😄
Mostly Comcrap and others
I have 1GB/100 from Cox and no data cap for $70
Just have to call loyalty department to lock in a deal
Ethernet cables alone won’t solve latency issues
90ms at times while directly connected to my router
Lowest was 24ms
Nothing will fix shit hardware
Other than replacing it
cox does data caps for certain plans in certain parts of the country, but i don't have a data cap with my isp.
On a well functioning router it will
WiFi latency typically upwards of 10-20ms in my experience
satellite
you get 5GB
and then your internet is crippled into oblivion
you get "priority data," which is actually usable. then standard data, which is maybe 620kbps
ethernet only really solves poor access point placement in my experience
i get similar latency wifi or ethernet (6ms)
my access point is also on top of my pc to be fair
Too many active channels near me to use WiFi. Ethernet works better for Plex when movies are 90 mbps
Local network yes but still a lot
If you want to get a realistic ping test, you'll need to test it under load and to a local device. If you do it during peak hours when neighbors are also online it'll be the worst case.
If you're on 2.4GHz or 5GHz, the ping will vary quite wildly. 6GHz is still quite clear and empty though. I get 100-200ms on 2.4GHz, 50-100ms on 5GHz, 6-7ms on 6GHz, and <0.1ms on ethernet.
Considering my internet latency under load is around 40ms and can get up to 100ms during peak hours, 6GHz is close enough to ethernet to not make enough of a difference to me. 2.4/5GHz though would add noticeable latency
ah that would explain it
Would it be worth messing around with https://iperf.fr
most places im in at my house are able to transfer wifi 6
wifi 6 is 802.11ax, which operates on all 3 bands. It's referred to as 6E for 6GHz specifically
i meant the 6ghz band
funny enough, years ago when i worked for a company that did a lot of radio stuff (I did DSP there,) it was a big deal for RTT and ACK timeouts for wifi
i have not had enough coffee yet
that all added considerable latency, which was kind of a function of distance from the transmitter and other stuff.
I believe now latency is roughly a function of how many OFDMA resource units are requested against the average channel utilization. 802.11ax's introduction of OFDMA has really helped reduce the effects of congestion. Previously a device would always have to waste the whole band when they broadcast
WiFi 6 only operates on 2.4 and 5, 6GHz came late to the party along with a couple other features so 6E was introduced a bit later. It's part of the spec but if you only have a WiFi 6 device you don't have 6GHz support but if you have a 6E device then you do
Thankfully WiFi 7 clears that up...
checks notes
nvm, 7 doesn't require 6GHz support either
yay flexible standards 🙂
I said 802.11ax operates all three bands. Which is what WiFi 6 is. WiFi 6E is still WiFi 6 in other words.
But that's the confusion, 6 and 6E are "different" implementations and chipsets
I know what you're saying, and 6E is an 802.11ax extension
I have the 802.11ax-2021 standard open right now. It is all the same in the eyes of the standard. It's not an 802.11ax extension. Only the WiFi alliance has differentiated it. Different chipsets will have an upgraded RF frontend, but the guts of the 802.11ax implementation remains the same
WiFi 6E is an 802.11ax extension, to add 6GHz support
No it isn't. 802.11ax includes 6GHz capabilities. WiFi 6E is a device certification, not an extension to the 802.11ax standard
try testing to a local device as that's what I'm talking about
That removes the internet from the equation
This is the general description of 802.11ax if you don't believe me
802.11ax-2021 is not the 2018 version which is 802.11ax and when it was released originally

Did you think IEEE doesn't publish records? The original 2017 request included 6GHz:
https://development.standards.ieee.org/myproject-web/public/view.html#pardetail/6202
5.2b change Frequency from 6 GHZ to 7.125 GHz due to new band.
It's just an optional feature that the WiFi alliance chose to differentiate with their certifications
Also seen in the first published draft
SFP Wizard is your go-to compact device for testing, programming, & unlocking any SFP/QSFP - all for just $49 https://ui.social/SFP-Wizard
Explore the complete UniFi SFP lineup w/ limited special pricing at store.ui.com
👀
I bought the slate 3 because of ltt… the transition was not smooth with xfinity…
"Slate 3"? And if this is a networking device... yeah, Comcast could make it easier to use your own gear.
GL.inet
Ahhh I couldn't find anything by the name of "Slate 3" from them. I do see the Flint 3 though.
Anywho, let me guess: you had to deal with bridging the xFinity modem / router combo potato?
Sorry flint 3. Yeah. I turned the gateway into bridge mode and for the first ten minutes, there wasn’t any internet. And then I restart the modem from the app, and five minutes later that solved the problem.
And then I learnt SSID is case sensitive so I renamed the SSID. And now it’s working and so far so good. Will try the wireguard feature when I’m away from home.
OK, got set up with WOW Internet 3G today. The only reason for 3G is because it was slightly cheaper than my current 1G with AT&T and I get a locked in forever price.
So far, I am NOT liking the eero Max 7 router that comes with the service. It's tri-band but you cannot separate the bands out into different SSIDs. All of my devices keep "choosing" the 2.4 frequency even though they can do 5Mghz.
Anyone have any advice on how to leverage the 5Mghz band?
Just to ensure we're talking about the same thing... by 1G and 3G I presume you mean 1gigabit and 3gigabit internet. (1G and 3G are cellular network generations, hence why I ask.) Also, I presume you mean 2.4 GHz and 5 GHz when referring to SSIDs from the Eero system. (5Mghz isn't a frequency measurement.)
Assuming my presumptions are correct, 1) nice speed upgrade!, and 2) if the Eero doesn't outright support separating the 2.4 GHz and 5 GHz bands, you might be stuck with their process to temporarily hide the 5 GHz band. (Or you could replace the Eero hardware with stuff that lets you do what you need to.)
https://support.eero.com/hc/en-us/articles/360049983772-How-Do-I-Temporarily-Hide-the-5GHz-Band-on-My-eero-Network
https://support.eero.com/hc/en-us/articles/115005497223-Can-I-set-my-eeros-to-use-the-2-4-or-5-GHz-frequency
yes, sorry. 1gigabit and 3gigabit
kk just making sure so I can provide useful information. 🙂
And I do NOT want to hide the 5GHz frequency. I want to use it. Especially on my computers and phone.
Yeah I get that. Unfortunately, you may have to replace the Eero hardware. For the record, it really is up to each and every single device manufacturer to decide which frequency band is "best" depending on a wide variety of factors.
This is the nature of WiFi. You can read all about it here: https://wiisfi.com/
looks like I need to get on running that Cat 6 cable to my office.
- 2.4 GHz is longer range and goes through objects better than 5 GHz, but is slower.
- 5 GHz is shorter range and does not go through objects that well, but can be faster.
yep. My home isn't very big and I capture 5 GHz signals just fine from my office.
just not with the eero
so, going to see if I can throw a switch on the 2nd 10G jack on the router and run cable to the office.
I would rather be hardwired in the office anyway
Some client devices (phones, tablets, laptops, etc.) might offer a way to "prefer" 5 GHz or even disallow 2.4 GHz connections, but that depends on the device and its software. For example, my Intel AX201 WiFi chipset lets me adjust the Roaming Aggressiveness so it's less prone to hop between bands. (However, whether or not this helps keep the adapter on one band depends entirely on how the AP is broadcasting the signal.)
https://www.intel.com/content/www/us/en/support/articles/000005546/wireless/legacy-intel-wireless-products.html
interesting! Will dig around on my devices for that.
Sounds good! Just know that if you do find a way to "lock" things to the 5 GHz band and then end up with crappy WiFi results... that will explain why your devices were preferring the 2.4 GHz band. 😉
very true
It seems logical that all devices would simply allow you to set order of priority and then switch bands based on that defined priority when they are available
c'est la vie
Is it better to just have one ssid and let the device decide what’s best for them ?
Don't know if this counts as a "tech-support question",
Does anyone know any reliable gigabit capable routers that won't kill themselves or start randomly misbehaving and dropping out after 3 weeks (lol), in the ~$90-~$110 range, preferably not too niche, kinda need them to be available in a physical store xd
Also the vast majority of gigabit routers don't do that
Is there a reason why switches come in 1 gigabit, 2.5 gigabit, and 10 gigabit, but not a 5 gigabit?
dumb, yet it's an option offered by ISPs. Or in my case: 3gig. Which is also stupid. I figured that 5 would make the most sense rather than 2.5.
So, we're just on a merry-go-round of stupid now.
welcome to the world of advertising
a 5g switch would likely be more expensive than a 10g switch
100meg/1/2.5/5/10 or nBase-T is what you want
Most new switches that have 10G-BaseT support usually have 2.5 and 5 built in
Seems tough to get that info. Just walking through Netgear's products and I don't see anything written up that way. Advertised as only 10gig or 2.5
Link me a 10g switch
Been a while but the 10g should be nBase-T
https://www.netgear.com/business/wired/switches/unmanaged/xs508m/
https://www.netgear.com/business/wired/switches/unmanaged/xs505m/
Netgear's site sucks 😄
yeah, those scale all the way up to 10gig, which puts it outside the bounds of the average budget.
I guess what I was referring to was a 10g SFP with multiple 1/2.5/5 g ports.
Point being, ISPs offer up to 5g speeds at the residential level, yet there seems to be a gap in gear available unless you overshoot all the way up to 10G.
Not that it makes a ton of material difference in the end, but it's nice to feel like one can leverage the internet speed that they are paying for without having to purchase gear that far overshoots their needs.
First world problems, here.
I will probably just end up going with something like this https://www.netgear.com/business/wired/switches/unmanaged/ms305/
And just leave a little speed that I pay for on the table.
a 5g switch would likely be more expensive than a 10g switch
and 2.5g to 10g isn’t that big of a jump
2.5g is already more than a single consumer could even use
quite possibly.
It's simply a value for your money game.
when you can get a 10g switch for less money, the value proposition for a 5g switch is nonexistent
I guess.
10g switches aren't exactly affordable, though.
I found that I could get a Trendnet TEG-S5061 ($77 usd) + an SFP + RJ45 adapter ($35 usd). That is a 1/3 the cost of a 10g switch. If I have 3gigabit fiber service, then I can at least leverage most of the speed I am paying for for $115.
I think I am figuring this right.
Networking is an odd game.
There's also no guarantee that if you do pay for 3 gig, you won't always get 3 gig.
At least thats been my experience so far
I mean, I get that. But I have to trust, to some degree, that what my router is reading is the speed going to it from the ONT is fairly accurate.
My speed varies (sometimes significantly) hour by hour
with fiber??
Usually ~700MB to 1gig
Coax, but I doubt fiber is any different
it should be. That is kind of the whole point of it.
Current meta is buying them from AliExpress, they are 25$ for 5 port 2.5+2x 10g or 30-40 for 8port 2.5+ 2x 10g
There's very much more to this than "fiber good."
Fiber is better
But it still fluctuates. Just not as much as coax.
maybe not "fiber = good" but "fiber = better"
there is little doubt that fiber is more scalable than coax
Its shared medium, gpon has like 2.5g down and a gig up total bandwidth with 128 potential users sharing it
Its the same on coax, neighbors share part of the RF spectrum. This can influence your speeds.
And even more goes right out the window with wifi where speed is basically irrelevant
Yea but coax doesn't have nearly as much bandwidth potential
Yep, so its got a greater fluctuation.
You shouldn't see that much with fiber, but its still there.
And they allocate single percent bandwidth to upload
Idk that upload is too big of a deal for my normal user self.
So you get shit like 1g down and 10mbps up 
Very true lmao
I can't buy from them. I have this mental block that everything on there comes with a high scam percentage.
I have zero to back that up with these days. But like I said: mental block.
You don’t trust or distrust Aliexpress, you trust or distrust the sellers on Aliexpress
Up to you to verify the sellers are genuine
true
What is your budget and how many ports you need?
budget is $175 usd (MAX) and 5-8 ports.
2.5g only or with 10g uplinks?
was hoping for 10g uplink since it makes sense to go from the free 10g port on the router to the switch. 2.5 on the other ports is fine.
why has all of my searching not brought these up?
Google is slacking on the job
I believe they can be managed but they don't have a web interface, rather it needs a ui cloud key or vm and you need to put stuff in dhcp options
I am guessing that you can use it as a "dumb" device on your network and just use it as an unmanaged switch.
Yes
Is the sg2210p a good first switch , i'm a networking student and looking for a fairly decent yet budget switch
get a used cisco switch like c1000 or c2960
things like this are low power and excellent for learning
just purchased from B&H to get free shipping. Thanks for the suggestion!
modem => internet comes through different means than ethernet - coax, optical etc. More often than not combined with router/AP in home router category.
router => device which takes internet and distributes it to the devices behind it. In IPv4 world it hid all the devices behind it, in IPv6 world it is less important. Often combined with AP in home router category.
AP => device through which you connect via WiFi to your home network. In home router category it is usually part of the router.
WiFi repeater => takes the AP's signal and repeats it to make WiFi signal coverage bigger
not sure how many devices are on the LAN port of that router, if it was me and it can't be replaced, then get a switch for the LAN port (so you have more than one device wired via ethernet), then get a mesh system or secondary AP, depending on how much coverage you need
what is your budget to fix this?
1st issue that i see is that old tp link
it probably only has 100mbps ports on it
if you want a drop in solution with easy setup just get deco X50 (2 pack) and a gigabit switch
one deco will be right next to your modem/ont, other on 2nd floor
kpn experia box can be removed and a rj45 coupler installed
Anyone good on routers and not being able to access homepages?
Yes. there's no reason to split 2.4 ghz and 5 ghz into different SSIDs unless you have really bad coverage and are trying to override it
Actually helps if you're trying to segregate the network into shitty IoT devices and regular devices. Makes it super easy to VLAN it off
Also when you're in an area that's overloaded with Wi-Fi, you can ensure your devices are on a clean channel with 5GHz in an apartment building vs 2GHz
And that can have insane implications on speed.
You can go from unable to stream 480p Jellyfin on a local network to streaming 4k on a local network.
ISPs should be ripped a new asshole for unnecessarily overcrowding the WiFi spectrum. People only buying 150Mbps should NOT be on a 80MHz channel unless they are doing local servers. I highly doubt every single customer is so a 20MHz channel is plenty!
in my experience most IoT devices don't support 5 ghz, so it doesn't end up mattering, especially in a home setting where you aren't gonna have hundreds of devices
Exactly why segregating those off to a dedicated 2.4GHz network is helpful
wat? if your iot devices dont support 5 ghz then making the 2.4 ghz a separate ssid does exactly nothing
Devices unfortunately will choose 2GHz over 5GHz sometimes. And that leads to shit performance
It does have benefits
i havent ever seen that unless you have bad coverage
Even low signal 5GHz, if a clean channel, is far better than during signal crowded 2GHz.
So sometimes, the device will choose 2GHz simply because it's a stronger signal. Even despite the clean 5GHz weaker signal delivering substantially better throughput
sometimes, but with how cheap mesh systems are today it sometimes is easier to just actually make your house have good wifi coverage
Please stop preaching mesh. You sound like an ISP
This is exactly what I was talking about
Leveling Linus house with Wi-Fi gave him absolute trash WiFi performance. And this is exactly what ISPs have been doing instead of actually configuring WiFi correctly!
If no one calls them out, they won't change and get smarter.
Even changing to 40MHz channels on 5GHz would help with the overcrowded situation. Also, lowering the power would substantially help! You don't need to blast every person at 100% WiFi power! That actually causes your devices to use more battery as well.
My current WiFi is at 30% power. I still copy files at over 1Gbps on 5ghz in my entire house. Absolutely zero reason for putting it at 100% power and interfering the neighbors.
What is the benefit of having separate VLAN for iot and is it worth it for average joe ?
If you are asking that question, you are not the average joe
petition to ban wireless mesh systems in homes
I hate their existence because people that don't know shit at all always buy them
You don't need 3 APs in your 120sqm house
I have one U6-lite in the house and the property is quite large, the connection just drops out at the gate, so the whole driveway/front yard is covered and the backyard as well
Doesn't quite reach the garden and I'd like it to extend out the front a little more so at some point I'll probably chuck a U7 outdoor on either side of the house or something
Failed chip from Mediatek on my Asus motherboard ( Asus Tuf Gaming B550M Plus Wifi II) 😭🤧
It's the model MT7921, as I searched information through reddit & forums, this model in concrete is considered one of the worst products from Mediatek due to its huge failure in a lapse of 1 year or less, as own experience, problems started in less than a year and had to immediately remove it from my motherboard
Its just m.2 module inside, just swap it to intel ax one
as @opal pagoda said, you can either replace the module inside, or just plug in the M.2 key A/E card in the slot directly
finally got my locally hosted tailscale working.
i can finally close up the bazillion port i have open (gaping security risk)
that and i can only access my server's SMB share and not both it and my pc since windows can't change SMB port which this solves
also no longer need to jankly route RDP to PC via server's nginx since i can't have both it and the server be on 3389
I'm planning that, soon is my birthday, if everything goes fine and I get a little bit of money I'll buy a module
Intel AX200 or AX210, depending on how much they're going to give me 😂
nice i just closed my ports for immich and emby this week
i love routing on https!
only got 443 open now too
you just do a 301 redirect of all http traffic to 443
though in this case i use cloudflare's redirection
so i don't need 80 open at all
no reason to
it's a pain setting it up but it's all worth it in the end lol
i may have to consider that
im still quite new to all this but it has been fun optimizing my truenas server
finally i can use VBAN over the internet 
i add a ztna auth to everything that can handle it
for auth
cloudflare take the wheel
well i dont trust it fully so i have 2 auths
one cf, one mine
Mines started giving me BSOD errors even though I legit just got the laptop a few months before. Brand new HP Elitebook G11 work laptop. Had to throw that piece of shit away for an Intel AX212 chip. Not a fan of Mediatek. Even less of a fan of Realtek when it comes to wifi. Intel is absolute King when it comes to wifi adapters.
intel the wifi goat
🙂 Absolutely. They not only make it easy to get drivers, but when they claim a chip is actually an 802.11AX adapter, they mean it, unlike Realtek especially. There are Realtek adapters out there claiming to be AX, yet when you go into the advanced properties tab for it in device manager, its utterly devoid of anything you'll expect to see.
Realtek is by far the worst of the bunch. They are ok when it comes to ethernet though at least.
is this open to the internet
Read what was said, or try visiting it yourself. ||Yes it is||
Your redirect rule is setup wrong
If you go to http://purinnyova.com it'll redirect incorrectly to http://purinnyova.com/www.purinnyova.com
and analyzing the fileserver request the username and password can easily be bruteforced
It will do the same on https as well
tbh just have the site on apex
also I'd advise against having direct links to things on the status page
that are open to the internet. Please close your stuff
close your internal services?
I'm not that dumb, but you can access the services with barely any authentication
which isn't good obviously
the things that need auth have auth
very poor auth that is
What drugs are you on
I always have ztna challenge before granting access to another login portal
the post request for the fileserver is just this:
{"username":"test","password":"test","recaptcha":""}
anyone could brute force that with burp or even curl
because that's how a post request for a login works? Idk what you expect.... All the work is done on the backend
no captchas or 2fa...
Fail2ban will ban you from brute forcing
oh, alright
how would you know there's no 2fa? You ain't logged in
this is some basic user's hobby stuff not a company or government
I have seen worse 
I wouldn't feel safe with this but yeah
Paranoia
fair
Been doing this shit for nearing 10 years
Never had a problem with just having something open
I ain't a target
I don't like that
I would be happy if CloudFlare allowed proxying of non-web stuff, but I'm not very worried
You can but end device need to have cf client
Warp
Not the kind of proxying I mean
Unless I'm misunderstanding it, you need to be connected to warp to connect to the things behind cloudflared
Oh yeah that's literally what you said, sorry I'm tired
My main concern there is if I set it all up and then disable normal access in the firewall.... What if cloudflared stops working? I don't have physical access to the servers
I'd have to use ovh's painful KVM to log in and enable it again
I have dual access
1st is over cf and 2nd is over tailscale
With tailscale you need to configure key to last forever, otherwise it will stop working after 3 months from what i remember
Oh and how do I allow other servers to connect? Does running cloudflared on them just allow that?
Yea
If cloudflared is configured on one device in a subnet you can configure it to access anything in that subnet or even others if route exists
That's intentional
I want to redirect apex to www
Yes but read what I said. It's done incorrectly and doesn't work
Huh
It works just fine
My friends tested it too earlier (first time accessing so no cache either)
Odd
go directly to https://purinnyova.com, it'll redirect to https://purinnyova.com/www.purinnyova.com instead of https://www.purinnyova.com
Because the rule is setup wrong
bruh the fuck did i fuck this time
oh
i accidentally ticked preserve query string
Now I'm getting error 525, ssl handshake failed
still redirecting to the wrong thingy
Let the cache reset
ah fuck the cloudflare rule
i'll just redirect with nginx
can you see if it is fixed
It's even more broken now
what does it say now
It now redirects to https://www.purinnyova.com/www.purinnyova.com and shows an nginx 404 page
You're doing something very wrong and idek how 
Go back to the CloudFlare rule and just stop having a skill issue 
how about now
what tool can i use to test this shit without local DNS cache gaslighting me
you need the API key to actually access stuff
or else you'd just see settings
Screenshot the CloudFlare rule please
there is none
i just set apex dns record to direct to my IP (proxied)
then in nginx rule for that
return 301 https://www.purinnyova.com;
Well something is screwing it up and adding the bit to the end
there shouldn't be anything left to possibly do that
The actual redirect seems to work so it might be in the site itself somehow
The site itself is just serving an html file
As basic as it gets
i like to redirect people to https://http.cat/ status code
Try short.purinnyova.com @opal pagoda
DNS issue
Well when I curl https://purinnyova.com its redirect says https://www.purinnyova.com and nothing else, so something after is making it https://www.purinnyova.com/www.purinnyova.com
DNS cache?
this isn't DNS
Let me ask my friend to test it
it works now, redirects to yt
didn't change anything
prob takes a bit to propagate
it's been set months ago
Ok weird I opened up chrome on my phone (I don't use it normally) and went to purinnyova.com and it redirected and worked
fucking weird
Yep now it's just working
I'm gonna guess the CloudFlare rule you originally had just hadn't updated fully yet
i havent changed anything since this message
so i guess
yep I blame the CloudFlare rule taking a while to update lol
its 5 minute revalidation
DNS is not rules
rules should be separate
Rules are basically the equivalent of the nginx redirect you just did but on a CloudFlare server
I don't have my ssh key USB on me so I just typed two long ass commands manually through the proxmox VM terminal (can't paste in it for whatever reason) to add the cloudflared repo
i just used command that is displayed in cf one
yeah no shit... you can't just do that on a server
oh god I have to type the key manually
maybe I'll just temporarily edit the ssh config to allow passwords

the documentation references pages that have entirely changed
maybe I'm an idiot but I can't get this to work at all
it was having a fit over TLS stuff to localhost
that still doesn't solve why ssh won't work
Am I mad for using windows server and psexec
Yes
How to remember a private ip vs a public ip
RFC1918 deals with most of it
Its for a cert test
Are you comfortable with subnetwork masks?
like as in the ranges that are defined to be private?
If you're asking, you're not ready for the test. And if you pass, while not knowing that simple stuff, I feel bad for whoever certified you and hires you based on the cert
anyone with a pihole setup care to share how they have it placed in their network stack? ive tried running pihole before on an opnsense router but i had really bad performance issues accessing web pages
On a pi connected to the router, as intended
- Connected via wire to router while on a Pi.
- Running in a VM on a server connected via wire.
- Connected via Wireguard to a VPS running in a container.
sorry if this is a dumb question, but do you have your router running to your docker app, then back to the router after the pihole?
Sorry I don't use Docker
But the pihole is essentially the DNS address. So your devices just go to pihole for DNS.
So no, they don't go to the router for DNS. They go to the container for DNS.
oh interesting
thats fine lol i just expected docker would be the easiest way to run it
Docker is most common. But definitely not the only containerization tool out there, and definitely not the most secure.
Tf
It is dns, all you need is l3 connectivity to it on dns ports and l3 connectivity to quad9, cf or google dns from pihole to wan
Hi , has anyone tried making docker use router dhcp?
How do I correctly bind my dnsmasq instance in OpenWRT such that the devices get the correct local domains attached? Or should I just switch to using one dnsmasq instance since I'll be planning to link together multiple locations?
# MVP config
config dnsmasq 'lan_dns'
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/lan.alpha.local/'
	option domain 'lan.alpha.local'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases.lan'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	list interface 'lan'
	# list notinterface 'loopback'
	option localservice '0'
	option listenaddress '10.1.4.1'

config dhcp 'lan'
	option instance 'lan_dns'
	option interface 'lan'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option domain 'lan.alpha.local'
	option force '1'

config dnsmasq 'guest_dns'
	option domainneeded '1'
	option localise_queries '1'
	option rebind_protection '1'
	option rebind_localhost '1'
	option local '/guest.alpha.local/'
	option domain 'guest.alpha.local'
	option expandhosts '1'
	option authoritative '1'
	option readethers '1'
	option leasefile '/tmp/dhcp.leases.guest'
	option resolvfile '/tmp/resolv.conf.d/resolv.conf.auto'
	list interface 'guest'
	list notinterface 'loopback'
	option localservice '0'
	option listenaddress '10.1.6.1'

config dhcp 'guest'
	option instance 'guest_dns'
	option interface 'guest'
	option start '100'
	option limit '150'
	option leasetime '12h'
	option domain 'guest.alpha.local'
	option force '1'
Is there a good company that makes pure copper cat6 Ethernet cable? Trying to make my own custom length cables and trying to make sure i avoid copper coated aluminum. Might try to find braided cable
any actually cat6 spec wire has to be pure copper. otherwise it isnt cat6
@clear igloo i have never seen the utility meter be connected via Ethernet
yes
my preferred supplier is datwyler but i buy in 3km+ of cable at a time
lol interesting
God damn. Thats a lot. All i need is like 500ft at the most.
The “cat6” wire i got kept breaking some where in the wire when trying to terminate so i think it might’ve been cca. It also never specified pure copper
Cool
Edge computing is cool tbh. I always thought processing data separate from a centralized area is a good thing
what country are you in? i could find you somewhere to buy real cat6 cable
you can always buy it from ubiquiti
dahua (security camera company) also makes/rebrands actual copper cables
Anyone here running Sophos home firewall? How are you liking it? Hows the management with sophos cloud compared to something like unifi? I'm looking at swapping all my UDM-Pros with Sophos XG115 V3 flashed with Sophos Home OS
Usa
insight, fs.com or monoprice
here is link to what monoprice is selling, i dont see any aluminium cables
https://www.monoprice.com/category/networking/networking-bulk-cables
Whats the difference between cat 6 and 6A?
55m max distance doing 10g vs 100m
6 is perfectly fine for home use
yea 6 will work fine
im here to meet all the ceos
I'm interested to see how its getting power from the meter base
if its in the meter base its probably not breakered
hopefully there's an inline fuse or something?
I would hope so but you never know these days, lol
I noticed that there are RJ45 connectors that have you put the wires through a guide of sorts before being put into the full connector. Should i get one of those if im using stranded and do they require a special crimper or no?
I'm not 100% sure on stranded but they do usually require a special crimper since the crimper needs to cut the excess wires off at the end
I have a pass through crimper
Im talking about something like this in the top left where it has a guide
Not the bottom left.
oh, I've never seen that before, those look like a huge pain
I just go with these and pull the wires through
Unless they just blew out the top left for illustration purposes
My concern is the wires ending up in the wrong spot when i try to push them through the connector
That's fine, until you crimp you can redo it
From my understanding, its a separate piece to put the wires through before going in the connector
Nah, don't bother with it, just get a regular passthrough plug and feed them through that way, heck give yourself enough slack and you can do one wire at a time
It's been a while but when I used them they were pretty nice
Interesting, with the removable comb?
Not sure what you mean? That little plastic part?
yah, apparently it comes out of the plug
Or at least that's what I assume Prinz Eugen was saying
The one I used it stayed in
Let me reword, the comb comes out to feed the wires through and then stays in the plug afterwards, yes?
Yeah
Ok, cool, yah that's what I meant 🙂
I just think the removable comb to start with would be extra parts to fiddle with and add pain to the process
They were already in a separate bag and it was fairly easy to get them on. I was doing like 50 terminations so it helped a bit
When I ran out of them had to go to normal passthrough and it took me a bit longer
Oh, well that's definitely easier then if they're separated from the start
Yeah it is, especially when the wires are slightly thicker than it was designed for
But they're great when it's the correct size
Hey guys I was just testing my LAN ethernet connections which both devices are using 1Gb NICs however it never goes above 950Mbps in iperf3 tests, what can cause this kind of overhead?
The only thing I can think of is I'm using an "older" ASUS Router/Modem with no WAN connection as a switch between devices
Can it really be that much, its fine realistically I was just curious
Yup
Interesting
If you set the MTU to jumbo frames like 9000 it will be lower overhead and be around 990Mbps or so
I can't remember the exact numbers off hand but 1500 should get you a bit higher, I forget if iperf uses 1500 by default or not
But this isn't really recommended on just any device iirc.
With the typical default of 1500, you're losing 14 bytes to the Ethernet header, 20 for the IP header, and another 20 for the TCP header. 1500-54 = 1446 which is 96.4% so about 964Mbps of data in a perfect scenario after overhead
Yeah okay cool
I just crimp regular non passthrough ones, it isnt that hard
Ngl I should practice crimping Ethernet
AFAIK they are to prevent the supposed issue of pass through connectors having "exposed" wires at the end that could contact the switch port housing in the back
I haven't had an issue with normal pass through connectors though. And all my ports have plastic in the back, not metal
Interesting, I didn't even think about that but it makes sense
Hello, I have a problem with my network speed and I was curious if there is someone here that can give a little advice
https://www.asus.com/us/networking-iot-servers/wifi-7/all-series/asus-rt-be92u/
https://www.asus.com/us/networking-iot-servers/wifi-routers/asus-wifi-routers/rt-be86u/
With these parameters (ASUS only, $350 max, wifi 7), which one would be the better option
Using it for enterprise purposes
very consumer router
Who is enforcing ASUS only for an enterprise WiFi installation? They make quite good consumer wifi, but they just do not make enterprise wifi. They stop at SMB. Like single office startup or coffee-shop level installs that have zero care for enterprise features
i would consider it very consumer out of the box and smb if openwrt would be installed on it
but neither is enterprise
They do have a separate product line called "ExpertWiFi" that adds just a few basic SMB type features
prosumer at best
Nah, it really is 100% for businesses not consumers at all. It's still certainly not enterprise-grade
"large home"
What they don't have is a WiFi 7 in the ExpertWiFi line, so @low egret's requirements can't be met
Nope. It's for businesses. This isn't just my opinion or something lol, it's literally the ASUS Business WiFi Solutions product line
i wouldnt be surprised that asus doesnt know how to market these things to businesses
I certainly wouldn't buy it lmao
yeap
just get ubiquiti
it isnt "enterprise" bc lack of support services but certainly better than whatever asus is selling
today i found out ubiquiti has released ups in eu
excitement to see it has network port
research it further
disappointment that it doesnt have SNMP, email sending or anything other than shutting down compatible ubiquiti devices over l2 (and no it doesnt turn them back on if power comes back)
stupid product
odd. Are they doing the classic ecosystem play where they have another product you have to buy that can do that?
nope
if it could send email on power loss and once more when it comes back up i would have bought it
or fkn snmp
it is more useless than the shitty cashgrab APC smartconnect ecostruxure bullshit
We used to use 2 AX86U Pros so
not that I'm in a position to do it, but I'd probably run a 48/60V DC bus with a central battery bank rather than going with UPS if I were to setup a rack
We still use one but the second one is the one that had issues
this is how telcos do it
ik. I'm very big into telco lmao
We've used their routers for the past 10-15 years, and they've been great
We use custom firmware on them also
you need centrally managed wifi if you have more than one ap
please get ubiquiti, omada or some more serious vendor
do atx psu's exist that take 48v?
atm you can get a 5kwh 48v lifepo4 rack battery for 500-700 euros
would be perfect for this
I think you could be misunderstanding enterprise. Enterprise means all your wifi is a single cohesively managed platform with high observability, IDS, captive portal, etc.
We only have two, that's all of them
And another one for home use, but that's not the point
does it come with the large home?
Ok then , let me reword it then
We used them for a moderately sized company, and we mainly use STS VPNs and etc
one big flat network, no firewall, no 802.1x, no wpa3enterprise
i think you are missing the point
Not sure, but I also know how to design power supplies so it's a solvable problem. (haha scope creep)
i would very much like 150w psu with 48v input for under 50$
We have WPA3E, we have a firewall
And It's 2 networks
buy whatever, it is clear that your IT department is hobby level at best and i have seen homelabs with better infra
I do have the start of a 240W USB-PD EPR (5-48V, up to 140W @ 28V and 240W @ 48V) PSU with a BQ25756 charge/SMPS (can actually go to 70V) and RAA489400 USB-PD controller. Not sure about $50 though. That might be tough, that's not far from the BOM cost of just the BQ25756 board
Oh no, our IT department is waay more than just hobby level
It's not in my control to pick a different company, otherwise i would
And they're fine with consumer grade wifi? There's all sorts I suppose
if you have IT department why arent they ordering this?
or are you using MSP?
WiFi 8. I still have a WiFi 6 router
found some but they are absurdly expensive
This is on the same router that we used to use
And i think we have like 3-4 different firewalls
For us, ASUS has been very dependable, and it's been plenty secure
But i will definitely ask what the deal is
do you have companion radius server to auth users?
Oh no it's all first party
We're not a fan of MSPs at all lol
What type of company would only use Asus consumer routers lol
Unofficially I'm part of the IT side
Since i plan to go into that field
It's voluntary
Ubiquiti, tplink omada are much better options
I think we tried to use them in the past but ended up going back
To Asus, that's really funny
I feel like there's some lack of understanding in your IT
Or skill
I think the reason for it, is that it's just easy to setup
Can't really stop for an extended period of time
I don't really know the reasoning either
I think they just want a drop in replacement without having too much hassle
I know previously we had a non standard internet company
But up until like a year ish, we've been using at&t fiber
Yeah so skill, probably not run by anyone competent
disaster recovery plan of glhf
That's very strange. Consumer routers are fundamentally unable to be drop-in replacement meanwhile that's a huge draw of enterprise systems. You can adopt a new unifi AP in seconds and it's just immediately fully configured by the cloud key or controller VM.
Actually I think we do
meanwhile i do complete site to site vendor switch with only "downtime" being that sessions were terminated and need to re establish, same for whatever updates i do
It's maintained and ran by the company itself
But we do have our own team, full certs and etc
From what i've seen, we would have to not only get 2 or 3 routers, we'd also have to reconfigure a whole bunch of stuff since we have them configured specifically, and they wouldn't work elsewhere
And we can't be down for very long either
That just makes no sense, to be frank
I don't know the FULL scope of it, just from what i've seen so far
And how long would you think that would take lol
2 sites and 2 APs, right? 30-60 minutes maybe.
less if parallel operation is permitted
True
one afternoon and case of beer in both cases
I think there's more than 2, since there's a "site" for each employee
thats just vpn
today forticlient edr ztna killed me
found an incompatibility if you use letsencrypt certs on fortigates, fortimanager cannot pull config from them so it gets stuck in a revision diff
dumb
Yeah, can't be down for that long lol
You can't be down for 30 minutes but at the same time you're willing to run on consumer hardware with no redundancy or enterprise management/observability? It's really hard to believe an IT team in such a demanding environment would not only desire consumer gear but actually mandate it.
Tbc I'm not saying you're lying about that, it's just that it's unbelievable. Unless you've got a masochist on the IT team lmao
Mikrotik? :P
Tiks for routing, switching and P2P links but not for access wireless with multiple ap
Tiks for everything!
However many thousand hotels can't be wrong!
Sounds like the nepo special to me :)
Someone's in a space where they utterly lack the skillset and common sense required and should never have been hired
(Or dude's full of shit and this is a 40 person "enterprise" where they can't justify an actual IT person)
Even at 40 people just buy a set of Ubiquitis or whatever
I am a team of 2 and I need to set up my ubiquiti gear this weekend ):
gonna take me all day I think
Shouldn't take all day
there are many boxes
because I have a few access points in the home, and then I'm adding another in my partner's workshop
anyone have any router recommendations in the 100-200$ range? i am willing to look at second hand routers, but i dont know a lick about ubiquiti equipment and not sure what i should be looking for
im somewhat new to routers in general; ive built my own before on an old optiplex but performance was not great. i would like to get the functionality of a dream machine but its a bit expensive for me
What speeds? Port requirements? Anything in particular you care about?
A dollar amount with no requirements is great for a salesperson but less so for a technical forum.
Anything less than or equal to gigabit's easy
my current internet input is just shy of 1gb.
if i can transfer faster than 1gb speeds locally i am happy, but that would be a switch issue, not router right?
Depends on how much stuff you're happy to have sitting plugged in where it goes
i figure ill need at least 2 ports for a switch and then AP
Ok so you don't care about the router's WiFi much?
Now you see these are requirements to list upfront lol
yeah here ill send a pic of the kind of things i was looking at. i just dont know if they are any good
It was decent but it is kinda old
how much does age affect routers?
Software support mostly
And of course they'll lack newer features or offer less throughput doing so for a given market segment
That will definitely do gigabit but I have no idea when the software support stops
Meanwhile UBNT does have newer non-rackmount stuff that looks quite interesting, like the UDR 7
But that may cost a little too much
my current setup is not in a rack but it would be nice to have more uniform tools
well, "rack" shelving 😄
An Eero and a Deco?
eero is what my isp uses, deco is my current home router and ap combo
Double mesh routers lol
i am growing quite tired of decos bullshit though i can hardly customize it
Fair enough!
eero is only there so my isp can diagnose issues. nothing connects to it and there are no other satellites
I don't much like them either ngl
Subscriptions are bullshit
deco will become my ap once i have a dedicated router
im not paying any subscriptions but i cant put limits on devices, see monthly data, etc.
Interesting ask
at least i can port forward, my previous isp completely removed that function from their routers.
Maybe I should be showing you Mikrotiks :P
Run something like fq_codel
Well here's the Mikrotik option anyways https://mikrotik.com/product/rb5009ug_s_in
The software configuration is somewhat more involved than most home routers unless you use quickset
But it does have a dedicated feature in the mobile app for setting bandwidth limits on devices and whatnot
It has PoE, some faster-than-gigabit connectivity, can be rackmounted with an extra part...
Wildly overkill
But you're kinda below the cost of new Ubiquiti kit but want non-consumer features
i dont think it does poe
That does PoE in
it says it can be powered via poe
You want it to do PoE out too?
That'll cost you
https://mikrotik.com/product/rb5009upr_s_in
...If you're putting it into a rack you could just use an injector...
They do also have another product with a single PoE out but no rackmounting
well if other solutions are this expensive i may as well just spend a little extra for this
well, i just broke all my rules for impulse buying, but should i need to i can sell it at a profit
Deco has subscriptions?
Yes, it’s their equivalent to Eero Secure
Tplink also has a wide variety of subscription services for isps
They’re far from my least favourite
honestly tplink isnt that bad, at least the mobile interface is good. sucks the deco routers dont have a web interface though
mesh routers work best for me anyway since my parents dont want a bunch of wires running across the house
Exploring signal propagation through twisted pair wire, transmission line theory and line termination.
guys whats the "best" wifi u can get in the uk
How much are you willing to spend?
I'm sure a Cisco partner can help you figure that out when you hand them that blank check to design your network for you :P
Might cost you a kidney and your firstborn when they put an AP in every room at minimum transmit power... but what can you do?
Bonus: you convert your entire house to microwave and you don't need separate heating
Wanna get warmer?
Download some iso's over wireless
is there a linus video on like entry level networking im using my isp’s router and i wanna upgrade my setup im sure even a basic router will be better than the isp? or am i wrong
basically just want a router actually not a whole setup any recommendations for 300-400 range usd ?
depends on what you have from your isp. is your current "router" a modem / router / AP combo? what problems are you having with your wifi?
yes it is a combo, i’m not having much issues i just wanna bump up the speeds and range i feel like the isp isn’t giving the full capacity that i have with them we have 1 gig speeds and ive tried speed tests on various devices and they rarely get past 300
what about when hard wired into your router
the latest tech that i’ve tried a speed test on is my iphone 17 pro max and even that is like 350 at best
it’s very far
like the opposite side of the house on the first floor
that probably has quite an effect on your speeds then
try a speedtest near your router and see if your speeds are closer to the advertised ones
if your speeds are under 300 you are probably only reaching the 2.4ghz band on the opposite side of your house. 5ghz and 6ghz have much shorter range and are much more sensitive to walls. if you can place your router in a spot with more open air it would help too.
Thank you for the information i’ll give it a try once im home
@shut stag maybe u can help, i have to plug my router into another box on the wall to make it work, and that box has more cables going into it, this means i have to have my router in a cupboard as that is where the box is
Well, after obsessing for ages about having a public static IP for self hosting.
I am now getting a VPS to setup a proxy, cause giving my IP out now feels oddly revealing.
If you are hosting only websites then cloudflared is excellent
can someone help with my laptop
it wont connect to network, not wifi not ethernet
i can manage my router via ethernet without issue
router says its connected fine
i have tried to reset networking settings
changed dns on the laptop
used different types of dns
disabled firewall completely
reset the router itself
used a different ethernet cable
used a different router
reset the different router
😃
Good troubleshooting so far. Assuming other devices can connect to your router(s) and reach the internet, it sounds like you've ruled out local network gear, so it's likely something on the laptop.
Could be security software blocking things, could be a hardware issue, might be drivers, or it could be a broken Windows install. To rule out laptop Wi-Fi / network hardware, you could try putting a live Linux OS on a USB then boot the laptop from it and see if it will connect.
its a fresh install
disabled firewall and anti virus
i managed to fix it by doing some netsh stuff
:3
Hi. i have a dynamic address going on so i use mikrotik cloud ddns for my wireguard but as i noticed when i sudo wg that it translated directly into ip address. would this still change whenever mikrotik cloud updates my ip?
More 6G news
The only problem with 6G is going to be higher frequencies
Higher frequencies mean more attenuation and that means you're gonna have to densify the cellular network
Densification isn’t a bad thing but it costs a lot of $$$ to the carriers
If i want to get into networking should i get an 8 port gigabit manageable switch or a 20 port with 18 ethernet to 1000Mbps and 2 gigabit sfp port?
sfp ports (gigabit) are useless unless you are using optics with it
what is your budget?
CSS318-16G-2S+IN from mikrotik is in that range and it has two 10g ports if you want to mess around with those
It is 74.000 Hungarian Forint so its like 200 dollars
can you tell me a cheaper please
do you have any noise or power consumption limitations?
No
https://www.senetic.hu/product/CSS318-16G-2S+IN
you just havent found the right distributor
https://www.senetic.hu/product/CSS610-8G-2S+IN
cheaper but less ports version is also available
if you want to mess around cisco IOS: https://www.ebay.com/itm/116787125724
ports are only 100mbps but cli is same as any other cisco switch
eeeh fuck it im selfhosting everything. If something bad happens imma learn my lesson
put your server in a dmz with firewalls
Can someone explain this please? Why is mlo worse than without mlo?
TL;DR: WiFi 7 features are woefully under supported. Even if an Access Point and Client Device both support the required WiFi 7 "extended features" (like MLO), how they function on each device is entirely up to the vendor.
https://www.wiisfi.com/#wifi7
Multi-Link Operation, or MLO, uses multiple bands/channels at the SAME time -- for example using 2.4 GHz, 5 GHz, and 6 GHz all concurrently. However, according to this article (dongknows.com), real-world MLO client tests are very disappointing: tests show that speed in MLO is limited to the maximum speed of the single fastest individual band.
https://dongknows.com/wi-fi-7-mlo-multi-link-operation-explained/
Also, the RSSI: -74 value highlighted in your screenshot is only for the 6GHz frequency, while the other RSSI values for the 5GHz and 2.4GHz channels look much better. Higher frequencies have shorter range and don't pass through objects as well, so 6GHz may not be ideal for the location of your Client Device in your residence.
Omg yes this, idk how I missed that article on dongknows
is limited to the maximum speed of the single fastest individual band
Yea the second screenshot has same 6ghz at much better rssi, which honestly just seems bizarre
Much lower RSSI, but yes. Like many WiFi 7 features, MLO is a great idea in practice... in theory, not as much.
I hate that manufacturers can't resist just summing all the numbers up as if that's how it works. A wireless chipset with 2x2 320MHz channels is still always going to be limited to 320MHz (2882Mbps) of bandwidth per stream. MLO just allows that 320MHz to be from multiple bands
What causes latency to fluctuate? Mine hovers around 32-35ms but goes down to 24 occasionally w/o changing settings. Seems odd it wouldn't be that way normally
1GB download speed, direct connected to modem/router etc
the infra between you and the server you're testing against is likely to be shared to some extent, especially the last-mile distribution network. The exact technical reason would depend on multiple-access scheme in use.
I wanna get a new router/modem. even though WiFi 6 has nothing to do with using Ethernet
The effect will be exacerbated by your current load on the network as well. fast.com can be set to test your upload latency under load and you'll see how much worse it gets. Testing it during peak hours of the day will also be even worse.
if you're on DOCSIS, a new modem with DOCSIS 3.1 switches from TDMA to OFDMA, a better multiple-access scheme with improved latency characteristics. However, it requires your ISP to have upgraded their network to 3.1 as well.
you may already have a docsis 3.1 modem, as it's not exactly a new standard at this point. If you can access the web interface of it, you'll be able to check if it's connected to a 3.0 or 3.1 upstream. Some modems also use different color LEDs to indicate 3.0. vs 3.1, so you may not need access to the web interface
I just checked: it’s 3.1 now
upstream specifically? 3.1 downstream is very common, but 3.1 upstream not so much
Yeah. You would need to wait for DOCSIS 4.0 for upstream
DOCSIS 3.1 can take upstream spectrum to 204 MHz with a high split. DOCSIS 4.0 can take upstream spectrum to 694 MHz if they want
At this point maybe, but some regions have fully upgraded to 3.1 already
Yeah. DOCSIS 3.1 is 100% here. Cox did mid splits in 2023. But it’s hard to imagine they will do more DOCSIS upgrades since they are doing fiber to the home in this area
This is what I’m running https://www.amazon.com/MOTOROLA-MG8702-MU-MIMO-Approved-Xfinity/dp/B08DL4QB25
These are PON nodes for FTTH. Fiber distribution boxes scattered everywhere for homes to connect to
The up and down arrow LEDs indicate upstream and downstream connection state. Green indicates DOCSIS 1.1, 2.0, or 3.0 while blue indicates 3.1.
Both are currently blue
I’m also in an apartment building if that changes anything
Oh sorry, your modem has slightly different meaning to the LEDs than I assumed. Blue just means channel bonding. You'll have to go into the web interface to find out the state of the connection.
I mean, in any case there's nothing you can do to improve latency (for Ethernet connected devices). If you're not on DOCSIS 3.1 upstream, that's not something you can change. That would involve upgrading the appt building infrastructure, the outside ISP infra, or probably both.
Just logged on. It’s saying DOCSIS 3.1
for both upstream and downstream though? It's very normal to have 3.1 on downstream, but not so much on upstream
I also tried QOS/SQM with some good results
Yes. Just googled it. I’ll look more into it
There should just be a page in the mg8702's web interface describing all the channel statistics. Under the upstream section, there will either be just SC-QAM channels, or both SC-QAM and OFDMA. The presence of OFDMA channels in the upstream channels indicates 3.1
Yeah
Yep. Looking at them now
I have 1.1.1.1 DNS for my IPv4 and 6
Holy shit, planned maintenance with the explicit reason of next generation network upgrades?! I never thought the day would come
Do you guys have any recommendations for a fairly low power consumption device that can run OPNSense or PfSense, or do you think a Ubiquiti Cloud Gateway Ultra is a good option? (For me personally, I would obviously (and will once I move out) build my own and run OPNSense, but for my parents?)
WHAT? wait i thought the point of MLO was 160mhz in 5ghz band+320mhz in 6ghz band = 480mhz speed!
GOD, wifi7 is such an unmitigated disaster of all the worst things about wifi marketing in general. TIL that some devices can take a VERY long time to FIND a 6ghz SSID because i guess they don't know where to look? even if it's the same damn frequency every time. you CAN enable a 5ghz in the same SSID, which is what apple suggests but if you do that many devices will always prefer 5ghz even if 6ghz would be significantly better
A lot of articles and manufacturers describe it as if that's how it would work, so it's very understandable misunderstanding.
basically the only good thing about 6ghz is the open frequency...which wifi6e gives you
and even that's a bit iffy because many devices won't reliably connect to it even in congested areas
There's PSC (preferred scanning channels) to attempt to mitigate this, but I've still had devices behave weirdly with it enabled
what kinda internet speed you got? if it's lower than gigabit i think pfsense sells one of those embedded things. Actually any of those embedded thing like firewalla etc will be good enough
Yeah we only have 200mbps
i put my 6ghz on the very first psc channel. my chromebook takes 5 whole minutes to find the SSID every damned time. and acer swears "that's normal"
any of those little embedded devices will do just make sure it has a CPU capable of HW crypto
Alright, thanks! What are your thoughts on the Cloud Gateway Ultra? It would probably be easier for them to manage when I move out? Or is OPNSense easy to use? (For me difficulty is no issue at all, but for them it is to an extent)
oh parents, my parents is "Set it and forget" mostly, so not too much need to mess around after? I got them an eero, it's great, comes with an App i can log into to check things remotely
Alright. So OPNSense probably not the best idea? And it shouldn't be too expensive as well
opnsense imo no, too much fuss. i was tempted to do opnsense at my parents house but like...there's no point
it works really well but then you'd need a Wifi AP
I still live there and will continue to for the next at least 4.5 years while I finish my studies in CS, so idk
if you can get a wifiAP and a cheap appliance you can run opnsense on that'd be great
We already have separate WiFi APs for surveillance cameras
So basically any x86 mini-pc with two NICs?
opnsense and pfsense are both pretty easy to setup imo. if you're not doing really fancy stuff
yea u know one of those embedded things? just make sure CPU can do cryptography
Alright, thanks!
heck i ran pfsense for a while on a really old dell laptop with a USB dongle
Install difficulty does not matter to me at all, I am studying CS at ETHZ and I am a Linux user, so I can get stuff going quickly... and we have a server running TrueNAS around as well.
Just wanted to hear what you guys think about pre-built solutions like the Cloud Gateway and stuff
i have no idea about that one specifically but i can say i've had good experience with eero so far
Alright!
I mean technically you could say it does from the perspective of multiple devices. It's the same technicality that router manufacturers have always used to advertise the total capacity of all streams on all frequencies anyways.
My primary concern is just software support duration
There's also a theoretical scenario where your client has 4 tx/rx chains and the AP has 3 in 6GHz and 2 in 5GHz .That would be scenario where MLO would allow 320MHz(*3)+160MHz.
I'm not aware of any client radio with more than 2 tx/rx chains though
lol
3 fiber distribution boxes near each other
I also see CC18556 on one of those boxes
i guess thats one very nice thing about above ground poles
we do not have those frequently in the west
Apparently the ethernet ports on this 12 year old CenturyLink Modem/Router combo (made by Actiontec, just has CL branding and firmware) can actually handle gigabit. This is surprising because the modem is VDSL1, so the only way to get gigabit is by using FTP or if you already have gigabit and you're using it as a switch/access point. I discovered this because I use mine as an access point (I have those Google WiFi pucks, so I need it if I want more than 1 ethernet port in the room I'm in) and I was using FTP on it last week.
This thing
It's not really surprising, gigabit for home networking is very old news and faster speeds were still necessary for local file transfers and media sharing.
100mbps home networking is nasty if you're doing anything local
only 100mbps device i ever owned was a 802.11n 150mbps wifi AP (where 100mbps LAN doesn't limit really, as 150mbps wifi link speed on 802.11n is at best around 80-100mbps real speed)
a bunch of smart TVs are 100mbps
Rumor has it 100mbps ones are getting less common because some of the parts cost more than gigabit ones
100mbps is the limit for most smart tvs which sucks when I have plex movies that are 100mbps+
USB to ethernet did the trick for me
Question, I have an internal network set up behind a Pfsense router in Oracle Virtual Box. Has anyone on earth ever actually gotten IPV6 to work at all in such a set up? IPV6 only seems to want to work on "host only adapter" it seems. But trying to get it working in an "internal network" topology has been a nightmare, seems impossible. I'm sure I set up network prefix translation correctly in pfsense. Tried everything in fact.
Are you using DHCPv6
🤷♂️ Its saying its currently enabled, so I have no idea why it refuses to work. You pretty much have to use a unique local address because of the NAT nature of creating an internal network behind a VM router. It never worked to begin with because of that. And to get a ULA working it seems network prefix translation is required.
😂 This is probably one reason why Amazon refuses to use IPV6 for their AWS communication with amazon warehouses. They only use IPV4. No reason why it should be this hard to get IPV6 working.
ok i have run out of things to blame. My network's connectivity is fine.
Its my mobile network that's complete garbage. It does 10mbps on download.
No wonder everything I've tried to do is unusable.
My PC will not find my OpenWRT Routers WiFi.. but its visible from my phone and my laptop
To be fair.. my PC does not have the antenna on the wireless, my dog chewed it
It was my wifi setting on my adapter.. had to set it to dual band because my router's an old POS I guess
dual stack is fucked, single stack v4 or v6 is simple and managable
huh? how is dual stack fucked
because applications can choose if they will go via ipv4 or ipv6
🤔 I don't know, they do use link local addresses of course. But Amazon has been complaining about running out of IPV4 for a while now. You'll see all kinds of IP addresses from every range above, below and in between the standard ones. Starting from 3.x.x.x, 11.x.x.x, 200.x.x.x, etc. They stretched it to the nth degree. And what's insane, is that the I.P addresses are all directly routable to AWS, with no true NAT. There is a public address so there is NAT, just not to AWS. That's why they all have separate Vlan/subnet assignments so AWS can tell them apart. And they pulled this off on nothing but IPV4, which is the insane part.
Its because of this, that I'm not even sure what is considered a "valid" ipconfig anymore. 😂
they have been complaining about ipv4 public ip, for private you can freely use 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16 which are typical but you can also use 100.64.0.0/10 for sure, other cidr blocks that are reserved are 198.18.0.0/15, 169.254.0.0/16 and you can possibly use them but im not sure
I have seen 169's yes. There is a pool of I.P addresses just sitting around waiting for a device to use them.
biggest waste of ipv4 ever is 127.0.0.0/8 and 240.0.0.0/4
🙂 Seen 240's as well. Amazon is using all it can at this point.
240 is fucked as some network equipment will drop the packet if it has that address
with ipv6 they had smartened up and there is only one loopback address
Yes. I think Coherent PON will fix PON’s bandwidth bottleneck
Makes sense. IM-DD isn’t good for 100G or above
I think my PC is cooked
My internet won’t work and I can’t start the DHCP process
It says I don’t have permission
No sites load, can’t connect to anything, Ethernet connects but it says there’s no traffic
And my firewall can’t turn on there’s an error
Tried using system restore and it said it couldn’t complete
read channel topic
i thought this was network related
it's for the insane people of networking
This is so bad lmao. Water is gonna get into it if it rains and ruin the connection
yep
premium bodge
Multiple loopback addresses can actually be very helpful with some approaches to server design (IPC)
Admittedly these things will probably just stay on IPv4 forever, but still
all of them lead to same hole or am i wrong?
lol. 2 gigabit symmetrical over coax
Pretty hard to do unless you have the fully upgraded DOCSIS 4.0
idk which chipset it is, but comcast has an early deal with one of the chipset makers and has been deploying an FDX DOCSIS 4.0 modem already, the XB10
afaik, they didn't even consider FDD
hopefully they just decide to end DOCSIS 3.0 support and choose the last plan, but I have no idea how many legacy modems are out there
You can bind to them individually
Yeah
Yep
Already seen real-world deployments of FDX DOCSIS 4.0 nodes and amplifiers from Comcast
That's the point of them - say if you wanted to have a bunch of worker servers on the same host communicating via loopback with the same server port
I powered up my sophos firewall and doom started… is this normal?
Yes, that's the user interface
Reviewing network health has never been easier
"Hey guys my network cacodemon count is very high, should I be concerned?"
Do you guys like using Cloudflare-backed websites?
No? Good.
Welcome to Cloudflare's home for real-time and historical data on system performance.
Interesting that my home assistant site behind cloudflared works fine
Service access is intermittent
Today, I'm in a room with the team behind OpenSSL, which underpins most web cryptography. Anyone have any questions for them?
I won’t mince words: earlier today we failed our customers and the broader Internet when a problem in @Cloudflare network impacted large amounts of traffic that rely on us. The sites, businesses, and organizations that rely on Cloudflare depend on us being available and I
In short, a latent bug in a service underpinning our bot mitigation capability started to crash after a routine configuration change we made. That cascaded into a broad degradation to our network and other services.
Added a $30 NIC to one of my PCIe expansion slots since my MOBO wasn't making full use of the 2 Gigabit internet I get from my ISP. Holy hell I have never seen a download speed this fast in person
Should I get a used Cisco 2960 or 3850
I looked at Cisco Nexus but then I need SFPs and they are buggy and that’s why we are getting rid of them at work
like why any of them? What's your use case?
Anything has bugs, it depends on what you're doing with them, what code you're on, etc.
Homelab, we primarily use Cisco and some arista for DC stuff, and I like the Cisco OS which is why I want to get a Catalyst
If you're learning, what kind of learning?
Why physical hardware at all instead of something like modeling labs on a server?
IOS, NXOS, etc all vary in syntax too, there isn't a single Cisco OS
same concept but syntax varies as do some features
I get that, I use Cisco OSs every day at work
It’s mostly just what I want to throw into my home network to mess around with and run servers off of
I should be able to answer my own question cause I am a network engineer 💀
I'd go for the 3850 then over the 2960 since you get broader L3 features there
Yea I was thinking the same
It’s hard for me to think of home application cause I mostly deal with industrial applications
I got a great model of 3850 guaranteed working
nice!
Awesome work. Nothing better than organized cabling
This is an OLT it seems. It’s for a PON network
looks like a ZTE ZXA10. must not be america. Those might get banned in the EU soon too, they're currently just "not recommended".
Ahh
I was speccing out a Protectli Vault 4 port, and realized it is very expensive. Are there any other options that have 10G SFP ports, or should I go with the option of running OPNSense off of my desktop and do "router on a stick" like config
The Router would be on one port of my switch and I would config a trunk port to my PC for the VM running OPNSense
starting to terminate my own rj45 and realized the kit i have doesnt have the pass through heads 
tragic
my first termination is scuffed af
Time for a little update 🥸
I honestly crimped thousands of them it’s fine
Yea it is alright, i picked them because really any other company is behind closed doors and i don’t deal with that
im actually probably setting up my router tonight, just need to run some wires first and prepare
I personally like to use opnsense for my routers. But that ubiquiti routers are fine.
dream machine pro
Nice
i made one before using an old optiplex but my performance was awful
but i got this used for a pretty good deal, it was in impulse buying range
how do i know when to use type a vs type b? everything on the internet i find says use b, a friend of mine told me to use a.
You need to use proxmox because realtek nics and such have bad support on freebsd
I always use type b. It doesn’t really matter unless you do some really interesting stuff. But everything is type b today
i see
Yea i have a couple of optiplex with usb to rj45 and it works great, That being said i don’t push any big speeds
But i have triple wan and such. So it seems to chug along great. Lots of firewall rules
idk with the dream machine i dont think i have much more reason to use opnsense other than experiments. i can even vpn into my network from away from home
opnsense was cool though i think i had an integrated pihole as well when i tried it
I see, no reason why you can’t use a pihole with unifi. But there are some things i like to see in unifi 2025-2026
They definitely update a ton
And that i think ubiquiti does fantastic. Really user friendly for beginners but still powerful enough for pro users
Opnsense was very hard to use in the beginning. It’s not intuitive at all at first. So much to take in.
But at the same time, now after a couple of years i can’t see anything would be better than opnsense
Networking shouldn’t be complicated but it is
i built my opnsense router 2 years ago, i have learned a lot since then. im sure i would be less confused trying to use it today
now i have to wait for my ISP to respond to my request to change static ip to a new MAC address 
Just change the MAC of the new CPE?
Gonna have a RB5009 with a 10G fiber uplink to a C3850 next week raaah
my 10g rj45 doesnt work on my new router, luckily the seller was willing to drop the price 😁
ill just get an adapter for the other 10g ports
not to ask an obvious question, but with what cable rating and at what length? 10GBASE-T SFP modules are usually even pickier about the cable than built-in 10GBASE-T transceivers
known working cat6e 6in cable
i think it was just cat6 then
The trouble is that there are cat6e cables being sold, even though it's not a real rating. The ones I've seen have usually been rated to cat5e when you dig into the details
prob cat6a
6in probably doesn't matter in any case though
that's what im thinking
the port is just completely dead
i tested it with multiple connections
what did you plug it in?
from modem
referring to a device with sfp+ port
im confused what you mean by sfp+
please take the photo of the "defective" part
you want to see inside it too?
sure
port 8 currently has my connection from isp, i dont have the adapter for ports 10 or 11 atm
you tried port 9?
obviously
it doesnt read any connection to it when i assign it as a LAN port or as a WAN port
it is legit just a dead port
one note, it isnt even 10g
oh fr?
on se and pro max its 2.5g
i see
my plan is only 700mbps anyway, and its never gone above 850
so its not the end of the world
damn, but the modem has 10G port(s)? That's optimistic for even DOCSIS 4.0 lol
it doesnt. it would have to be upgraded
my internet is Point to Point, the only interface i have of my modem is a cable that goes out to my roof
wisp
wisp is wireless ISP, can be Fixed wireless access (like yours) or mobile network (4g, 5g)
I mean, sorta. Those are normally distinguished as "cellular", which is still technically wireless but WISP usually refers to bespoke wireless
PPPoE is just a tunnel method that allows authentication through anything that can create ethernet link, which is practically anything. Most modern ISP access network technologies have integrated that functionality so it's mostly used on legacy networks afaik
Unless you mean point to point wireless, like martinocko9 said
im confused at the difference between PPPoE and WISP but my house is considered a "leaf" that points towards a "branch" house, that then points towards a datacenter
crazy wisps
as far as i know it's wireless fiber and thats good enough for me
reliable, fast, and low latency
exactly
i cant articulate it better than wireless fiber i dont know enough about the different protocols
PPPoE would just be the virtual tunnel that could be used to connect you to the datacenter, if that's even being used in your case idrk
could be unify airfiber
but you're on a mesh fixed wireless. Google has one too
wisp's have some of the craziest setups
maybe it was a PPPoE then because before my static IP was assigned, i couldnt open ports on my network and resolve their location
yea, as much as I like wireless tech I like my fiber in the ground/on the pole tyvm lol
my IP was the same as the data center
if i had fiber in the ground i would prefer that. but for me its either copper or this
symmetrical speeds are so much more useful than 2g / 120 mbps
and thats an optimistic 2g too
that is not how IP's work
could be that it was part of the AS number assignment
ok
there's a bunch of other auth/tunnels in use in modern networks. Some made that built-in like with DOCSIS. I only mentioned PPPoE because that stands for Point to Point Protocol over Ethernet and you had mentioned point to point. Your further explanation made it clear point to point was meant in the wireless way
yes
the FCC National broadband map classifies my service as Unlicensed Fixed Wireless
yes its prob ubiquiti airfiber, that operates on 60ghz unlicensed
interesting
found this on their website, doesnt quite look like the ubiquiti systems but im sure its the exact same concept
Got a clearer look of the fiber distribution box that this home is connected to since they took down the tree
Seems like the install of the fiber drop cable was ok
Ah yes... See, I love Ubiquiti hardware, but their software is somewhere between consumer junk and entry level enterprise. If you haven't already updated your UDM Pro, update it then try Port 9 again. And as people in the below forum posts have noted, sometimes you have to play the game of disable port, enable port, or change between LAN / WAN assignment.
- https://community.ui.com/questions/UDM-SE-WAN-Port-9-Problems/643cf68b-2364-4396-863a-c3b65dedbed9
- https://community.ui.com/questions/UDM-PRO-Port-9-uplink-stops-working/fdd00a46-5ec7-4eaa-8385-e3a41d2af64d
- https://www.reddit.com/r/Ubiquiti/comments/15law6d/udmp_not_getting_new_wan_ip_on_port_9/
- https://www.reddit.com/r/Ubiquiti/comments/vubac4/cannot_enable_port_9_wan_on_udmpro/
can you dm that to me? i dont want to lose that and im about to leave my house
Nope. It's right here in chat. You can copy the link to the message, then paste the link somewhere safe.
ok
Alternatively, you can also literally just Google "UDM Pro port 9 not working" and find the same results.
Is it possible to have 1 device use 2 hardwire network connections? For example, if i have 2 devices connected to one switch and each device has 2 connections to the switch, will each device use both or will the second just be configured as a backup connection in case 1 fails? Trying to get into networking and learn more about it
What operating system is on this device and is the switch managed?
Not by any means as simple as just plugging everything in
Specifically you need your switch to support it and be configured for it and also understand how to set up NIC teaming and of course the Fun Police at Microsoft do not want you to do that without Windows Server so if you want to make it work anyways you have to go figure out how to make it work anyways...
One device running linux, other is truenas and the switch is managed
I'm gonna lose my mind here.
I keep seeing tutorials on how to terminate shielded cable and that you need to leave part of the foil shielding on when using pass-through connectors.
How critical is this, really?
Because mine keeps getting torn off when pushing this damn thick cable I have into the connector.
oh, and btw, I've decided that terminating cables sucks.
You'll want the switch to have LACP enabled, a bond interface created on linux using the bonding kernel module configured for 802.3ad (LACP), and a LACP enabled LAGG interface on the truenas side. Technically both linux and truenas don't need LACP and can use alternate algorithms rather than the protocol, but the alternates are considerably more finicky.
https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/7/html/networking_guide/sec-using_channel_bonding
https://www.truenas.com/docs/core/13.0/coretutorials/network/interfaces/laggcreate/
Proper shielded cable has shield in contact with outside metal case of the connector, if that is true then its fine
that is helpful. Thank you.
Lmaooo. The ONT is supposed to stay inside the home unless you want a fiber optic laser pointer
You probably don’t need shielded cables. You sure?
for the shielding to be effective, it should make good contact with the connector. You'd also need one end to be attached to a device that grounds the ethernet port. Both sides may be grounded if you can guarantee the ground on both sides is the same, otherwise you may create a ground loop which ends up being worse than if you hadn't shielded the cable at all.
I probably don't. But it's the cable I have atm.
That said, I took a different approach and put keystones on each end and then connect to the respective equipment with patch cables.
Why such a huge discrepancy between upload and download on a 2.5 gigabit line?
Any thoughts?
lol. Remote OLT from Harmonic
The only concern I have is power. If you lose power the OLT also loses power unless it has battery backup
anything essential should have battery backup
Yeah
Honestly though if you can, having an OLT in the headend/central office is definitely better
Central offices have massive battery backups/generators. They need to be online 24/7.
one day i will have a generator backup system… one day…
It’s tougher doing FTTH over 20 km away from the central office because of distance limitations on PON (which is usually 20 km)
So in that case a Remote OLT would be good
There is Coherent 100G PON which can definitely help extend reach much further, potentially 80 km.
40km is possible on reduced split ratios on XG(S)-PON, but for some reason I think ISPs would rather do the higher ratios that can't go that far. There's also a 60km reach extension but that involves active components and I'm not sure if those are as readily available as remote OLTs
Yeah. Ideally as you go farther out from the CO you would do lower PON split ratios
I’m trying to set up a few shared network drives on my home network so that both my Windows PC and my Macs can access the same files. I’ve successfully shared all the drives from my Windows machine, and they work perfectly on the PC. However, when I connect to them via SMB on my Mac, everything works for a short time and then Finder freezes up.
Here’s my setup:
D — NTFS
E — NTFS
F — NTFS
G — exFAT
M — NTFS
I can connect to all five drives from the Mac, but whenever I switch between them, every NTFS drive freezes while G (the exFAT drive) continues working normally. I’ve read that macOS shouldn’t care about the underlying file system as long as the host computer is Windows, but I’m running out of ideas for what could cause this.
Has anyone run into this before?
Is this likely a file system issue, or something else with SMB?
Would reformatting the NTFS drives to exFAT (and losing journaling) actually help?
Any advice would be appreciated!
Seems to be a problem with recent versions of MacOS. No idea how you change the SMB configuration on Windows, but there are certain settings on Linux / Synology NAS systems that might fix this.
- https://discussions.apple.com/thread/251968302?sortBy=rank
- https://discussions.apple.com/thread/255832728?answerId=261132322022&sortBy=rank#261132322022
- https://www.reddit.com/r/MacOS/comments/1fnug2a/macos_sequoia_smb_shares_crashing/lor4kv1/
I can't be of more help as I haven't used MacOS in over 10 years.
Ok, something weird I just tested. If I open all four NTFS drives, finder works fine and I can access everything with no problem. It's only after I mount the exFAT drive that the NTFS drives become frozen in finder. Everything still operates properly within windows.
I saw a couple of these they didn't help much.
I'm going to reformat the exFAT drive to NTFS and see if everything works properly then go from there.
Thank you for your help though!
Are there really no open source, nice modern looking network mapping projects these days
I want to be able to view my home network in a diagram type of view, but all the software I find is either some stupid paid subscription / closed source, or it looks like it hasnt been touched since 2008
just think of it as a retro vibe with zenmap. It's still well-maintained in reality
I'm trying out LibreNMS in a minute
That seems like 50x more than a network diagram. Zenmap's topology view seems far better than their janky diagrams in the end anyways too
https://nmap.org/book/zenmap-topology.html
and how many hacker movies was librenms featured in, the real indicator of good software /j
https://nmap.org/movies/
The Nmap Security Scanner appears in many major motion pictures and smaller films. This gallery provides screen shots and details for each movie.
I've got to admit that gigabit is so overkill, but that luxury of downloading games so quickly is nice
meanwhile im here having to settle for gigabit
Hello! For a DSL Internet connection in Germany : Do I have to buy the expensive FritzBox routers or are there cheaper alternatives?
Why are you still on DSL 💀