#networking

I was testing to see if these cards were fake

I'm checking throughput, vlans, and temperatures during test

Sustaining

To uncover if one is fake

Ah

The fake ones died out

If its sustained

And also dont reach 10gbps

And give weird errors in intel util

So far none yet

okay

so my house has no ethernet ports

so should i just yolo it and put a ethernet cable around the ceiling / walls

or integrate it into the walls/

Own or rent the house?

If you own, definitely integrate the cables into the walls, do it nice
Otherwise, just do the bare minimum to run the cables

own

mkay thx

I have done some crazy things to get Ethernet around the house. I do own the place but a lot of the walls are really weird and I can’t run any cables though them

Yeah, I ran ethernet in my house inside of the walls. I have to say everytime I go in the attic, it's so easy to get lost at times. lol

apparently enterprises split cables together too

So it's should be fine if I do it too

Even if I owned my place, I couldn't run anything in them. It was already a pain to bring fibre in.

Old-ish European houses are fun.

external cable conduits?

yeah i know that feeling

Not exactly, but the wires are running through tiny conduits.

Within thick stone brick walls.

don't forget concrete

It was made to run the 3 electricity cable not sheathed together.

i tried to sneak cables into pre existing electrical conduits but it was a nightmare and i didn't managed to do it

And this doesn't run with safety inspection anymore.

yeah, it's against the code to put low voltage cables with high voltage ones

Yeah,. European houses you'll have a lot of trouble.

i'm so jealous about american houses. It's so easy to wire them up

Usually here if the wall needs to be drywalled on a brick / cinderblock / concrete wall, we have to put a fake wall with a small space

with a knife you cut a hole in the wall, drop down a cable from the attic and you are ready to go

Yeah, pretty much

just find the wall in the attic, drill it, then drop the wire in. lol

and fish it out downstairs

It's only the outside walls that are nightmares to do because of insulation

still easy

Yeah, compared to concrete, definitely. haha

here if you don't want any external conduits you have to break concrete with a chisel, patch it up, paint it and maybe you get unlucky that the conduit is broken and concrete leaked inside or you made a turn that is too tight and you have to do everything again

Yeah, that sounds so painful

and patched concrete might never look the same either

i have few cables i cannot pull out even if i try so hard: like pointing the feet to the wall and push myself

haha

If you dont level it properly you see the trace

Modern house have wider conduits. But it's hard to retrofit. So I have cables running around.

also old (but not that much) buildings were built without expansion possibilities cause at the begin there was no TV/no intercom/no internet etc and when they added all those things this is the result

Yeah, that would trigger my OCD like crazy. lol

How modern buildings are

everything separated/ empty conduits for future cables

These pics are so tiny

but infrastructures seem solidly built

copied from the interwebz

If i will be living into a condo i want to buy it when they are still building it so that i can tell the workers to put separated conduits in each room for ethernet/TV and some more empty conduits for future stuff

Man, though just imagining have to concrete in conduit into a wall

seems super hard to keep it still

nah, you do it slowly

Ah, I see.

Yeah, I'm used to only doing floors

and dumping concrete everywhere. We had to like really strap down the underground conduit

to keep it from moving

you pour some concrete every few meters and they stand still

Well, i mean the walls

Then you do the final pour

the floor is pretty easy

still the same i guess

Haha, that still seems really brutal to deal with

Here they even used pieces of metal screwed onto the wall

haha, yeah, that really seems brutal to deal with

Very cool though

yeah

seems like they will mix some different wiring there tho

I kind of wonder how hard datacenters are to make over there now

well, there are elevated floors that can be lifted up and there is a space between the real and fake floor

But usually if they are building a datacenter they know they need to add conduits for wiring

That's really cool. haha

yeah, imagine having to run a new cable. You just lift the panels you need and that's it

Yeah, I'm totally putting a ceiling grid when I get around to building a house. lol

lol

Elevated floors aren't necessarily great for a space you're living in, but ceiling is easier. It's just passing from one room to another that can be messy.

not if you have an electric demolition hammer

ouch

https://linusdrop.tips/MiniatureIndelibleHackee

Finally! IPv6

lol welcome to club of limited connections 😛

i noticed like 2 weeks ago i was suddenly seeing my IPv6 everywhere

https://linusdrop.tips/DeterminedRapidVixen

Usually the elevated floors in datacenters is for cooling up through the racks

Most cabling is wired via overhead cable channeling

mmm yeah, elevated floors are more common in modern offices

I worked many years ago helping to rewire some network cabling in a computer room that had raised floors where the cabling was run in it; it was a fucking pain

Would you prefer pulling out cables from conduits into walls? i did it today and i was sweating

Proper conduits are not too bad

heh

I have pulled cables through non-conduit dropped ceilings in offices, that fucking sucks too

i had to cut the cable in some point cause i couldn't find it's full path (also cause i had not that much time to do it)

Especially going past firewalls

pretty sure it is easier than conduits into walls

ofc it is easy if the conduit is 10 cm wide with few cables inside

Most of the pulls in that office were 50 cat5 cables at a time

sometimes it is better to pull them out together, other times it is better to pull 1/3 out so that there is enough space to pull the rest

Indeed

I've run networking in home by using the pull away sticky stuff and clasps on the ceiling, even worked on the texture paint junk that's up there and I cba to redo

Sigh.

Anyone here know a cheap MU-MIMO router I could get in the future?

MU-MIMO routers are not cheap at all

It'll be a while

Ebay or used market or craigslist or refurbish from store is best bet now

my network before and after

italia, italia, italiaaa

hell yeah

Has net neutrality officially ended or are we still wait in ng for our deaths

It's not dead yet

It's gotten close quite a number of times though

now they even want to remove memes from eu

well, not only memes

@fresh copper https://linusdrop.tips/AggravatingVirtualXenotarsosaurus

That doesn't seem like a fun game I'd want to play for 17 hours

he's coding hard

It basically gets rid of the ability of any website to easily host non-moderated user content. It would effect everything from online forms to mailing list archives to even google search itself, especial google image search. It was decided long ago that if a user requests some user content wether by searching, or entering forms for specific topics, or otherwise, that the legality of the content shown was not the responsibility of the website owner. This happened back when Google images first came out and people were upset that someone could search for something copyrighted and google might show it in the search results. This happened again with YouTube where people were uploading clips from Sponge Bob.

To be clear, this does not mean that any website can host illegal or copyright infringing content. If the copyright owner or proper authorities etc contact the website with things like a DMCA notice they still have to take it down. This just means that they can't be sued before they are given notice. If they are given notice and they still do not take it down, then they can be sued. The EU thing would remove all of this precedent (at least in the EU) and require all sites to either manually moderate everything or implement some form of filter that attempts to determine content that should not be on the site. This filter would have to have a significant amount of false positives because websites would have to be vary careful. Even letting one thing through could potentially leave them open to litigation. Some versions of the proposed rules would allow them to have some small amount get through the filter as long as they do their "reasonable prevention measures".

Lol, I find it funny that it considers terminal a game

But why. If it has been like this for years, why now they made a law about copyright and stuff for online pictures etc? Aren't there bigger problems to solve instead?

That's how the internet works. You put something on it and it becomes accessible for everyone rather useful or not

@rocky badge I've spent that long in a terminal for several days on end, lol.

oof

how does ethernet over coaxial work in comparison with powerline?

My house is prewired with coax but i dont wanna run cat6

Can't recommend it, and I specifically ran my house with both to deal with that.

What is everyone's experience with AT&T internet?

Is it better than Comcast

Hell no.

It actually depends

Are you in an area where you can get AT&T fiber gigabit?

@final epoch There is a version of Ethernet over Coax but I don't recommend it because it is a very old standard and therefor is very slow. There are a number of other protocols that can go over ethernet though. Most ISPs that provide internet over coax use some form of DOCSIS. I again don't recommend this because it is an enterprise standard and all the equipment is expensive. What I can recommend is MoCA. As long as you go with MoCA 2.0 it can carry gigabit speeds and is actually really good and has significantly less interference than power line even if it was run over the same coax cable as a TV signal. The converter boxes are rather expensive. I see them for $100-$200 here in Canada. The up side is that a number of ISP modems actually support it out of the gate and allow you to use it on whatever coax line you have plugged into it.

@crystal forge are those your only options? From what I have heard, they are both kindy sucky (customer service wise anyways). Actual performance unfortunately will depend on your area, so may look for some sort of local reviews site? But IMO, its six of one, half dozen of the other

@short relic those are my only options unfortunately

@rocky badge AT&T publicly hands your data over. Hell no no matter what area it is.

AT&T gonna hate me this month, lol

2.1TB of steam games to download + ~1TB of WSUS updates to redownload 😄

Nice

My isp kinda hates me

2TB of movies/Tv shows uploaded last month

• atleast 2TB of download each month XD

Got a parabolic tplink antenna and a ubiquity bullet m5 titanium. Configured the bullet for acces point and all, cant find network. Infront of antenna

AT&T put and undisclosed 150GB bandwidth cap on me, so I cancelled their sorry asses.

heads up for anyone using Devolo™ or similar ethernet over power line adapters, they will cut down your internet speeds in comparison to just connecting to your router.

Ways to reduce sound in a rack?

I would get sound dampening foam for the sides, but does that actually do much?
and what can you do to the front/back? at least for dust filter or so?

wrong channel @zenith ridge

Place quieter fans in said server's/switches

@hallow nimbus I replaced my NVR's standard fans with noctua super small ones

Wow what a difference in noise

Before it was basically audio for two rooms down a hallway

i will probably do something similar to my pro curve switch cause its goddamn loud

@chrome hound i can also use those sfp ports on those switches with that BiDi LC to sfp connector, right?

i want to make a unraid server. i plan to upgrade it later can i transfer old license to an new server

At colledge they threw all cisco switches out and replaced them with 4 times cheaper switches which work better xD

And the teacher replaced and corrected about 20% of the things cisco forces them to teach for the cisco certificates

And we no longer have to use their software as it's too broken

@daring plover I appreciated the Cisco curriculum when I was studying for CCNA because lots of the stuff they talked about could be instantly carried to other brand switches. The fundamentals and things like configuring stp, multicast,vlans, etc,

Netacad had easy to understand reading

10/10 prefer it over book reading

CCNA is one of the ones that we can get here after we're done with network management

And we threw Netacad out

It's overcomplicated

And things such as cisco packet tracer will even randomly ping incorrectly in the most basic setups

Packet tracer has it bugs but I used it and was able to pass ccna easily

You just cant count on what the software does but your understanding of networking concepts

I for snmp I did physical labs

Netacad is simple but if you have a bad teacher

It will be complicated

They literally threw out the best resource out there to pass ccna

@subtle glen I think so, check the switch for optics compatibility, but yea those should work

but after we talked the other day I don't think you have to use BiDi, you can just use a standard dual LC

well, in case it doesn't fit (even if i split the 2 plugs)...

i was also thinking about this transceiver https://www.fs.com/de/en/products/11802.html

that was the issue though, I could only find BiDi that were single mod fiber, so your fiber changes

by looking at the plug of that one it seems single mode

well no I mean the type of fiber you have to use, SMF versa MMF

https://www.fs.com/de/en/products/40446.html

@little schooner Our teacher replaced a lot of things from cisco that were overcomplicated or even kinda wrong

And he simply threw the netacad out as it was the worst in those regards

He made his own network and website to replace netacad

Well, 2 websites even

👀

so many types of fiber

can't i just use the one you sent and that transceiver?

@hallow nimbus What is floatplane

Floatplane is the early access service like vessel but floatplane is owned and managed by floatplanemedia witch is owned by LTT

you are so spooky

Yes i know

i almost broke the monitor for the jumpscare

👀

OH SHIT

stop, you are gonna scare me too much

i can't handle this

hai

anyone in here? i need help with a project of mine

with what

i have a small media creation group. and each of us work at home. and we have a common storage server. and i need a good way to connect each of our pcs to that server. without hamachi or those shit programs

we currently use hamachi to connect to each other pcs

port forward?

owncloud? or ftp

oh, you want to acces other's storage or pc?

i dont need to acess their pcs. but would be a good extra feature

they can open some ports

i can open the ports i need

we have 3 workstations and 1 laptop. with 2 other servers. one of wich is windows server 2012 r2

servers have hamachi asewll?

yes

but hamachi is our bottleneck

3mbs transfer speed

at max

we have 250mb down and 120 up

you could set up a VPN on your server/or create a dedicated VPN machine where everyone can connect and communicate

this would be one option

can you help me with that?

with setting up VPN?

with everything if you could help

These are my "servers"

Each have 8gb ram ddr3

well i dont have much time tho :/ you can try to play around with it in VM's at first to get idea about that

oh they are in same network?

How do I create my hyper v server's?

My pcs are in the same network. I'm hosting. But the other 2 pcs arent

And my school laptop

oh oke, then yeah VPN will do the trick

And a role server to access the storage?

i think no, since if you connect to the VPN, you can have access to all machines if they are up

currently im hosting all the storage in my workstation. but im ditching it

in that network

yes

ah then yeah, idealy you should make a dedicated storage server and a dedicated access point server aka VPN server

this is all the disks

i just need to find a old pc with enought sata ports and use freenas or something

yeah, its not nessesarily needed, but strongly recomended

or maybe a 4tb drive

but yeah you should play around with this at first on VM's

https://cdn.discordapp.com/attachments/463345300560412683/501690213001592833/unknown.png

this is our "client" side

how it looks like

the disk's in raid 0 wouldve looked little nicer tbh 😄

windows will allow to do that?

my motherboard is too old for that

im on 775

my pc is kinda broken

mmh dont know much about older boards

software raid then

how many vms will i need for what i want to do?

2 is minimum, and all dependant of your resources too

its a core2duo with 8gb

t6570

uh, yea i wouldnt go over 2 VM's there

what do i need to get everything working?

well a VPN server is really the only thing, when looking at your original issue, rest is just "best practise"

yeah

would be great just have the vpn

is the main problem really

or maybe, your router supports a VPN "server" feature

my router is a piece of shit

its an isp router

portuguese routers are cancer

heh oke

this is "advanced"

aighty 😄

then yea you need to set up a server

should i reset my windows server? i think that is a bit fucked up

uhh, i dunno, if you saw its fked up, then i guess 😄

this is my router at the moment xD

global suspension. 30 days 22 hours

kek

rip me

so. can i dm you and you help me later?

yeah 😄 hope i have time later on 😂

thanks

Anyone ever dabble in port forwarding on a pfsense firewall?

Yee

Anyone ever do L2TP on Linux?

i get to dive into the world of UDP and TCP ports tonight

@fresh copper https://linuxexplore.com/how-tos/l2tp-vpn-using-xl2tpd/

I did not know you were here too. I am sure you know why I am asking

Yup lol, to connect me to EVIX.

I am trevor@jantechcs.com

also small world isn't it lol

Yea, for some reason all of yours emails end up in my junk folder. Chris, I, and our friend Mike are working on it. We had no idea Cisco had such a lack of layer 2 tunneling protocols

Neither did I

until now

I have been using DMVPN for my own private exchange using 10.90.100.0/24 and 10.90.110.0/24

When we first made EVIX we were using DMVPN but due to lots of issues we had to switch to something more conventional. Zerotier has a lot of the same features as DMVPN but eliminates many issues and it does not require everyone to be on it so that’s what we use for inter-hub links and a small number of our members. Unfortunately there are not a huge number of compatible systems

what issues did you have with DMVPN?

With VyOS, it will not let bgp packets go over mgre interfaces so we had to make a separate gre interface and and separate IP address for bgp traffic vs the normal traffic. Then other issues came up that made even this not really work.

oh, damn

We did originally plan for Cisco to be able to join. I guess we did not realize that it can’t always do gretap or OpenVPN

oh, and Cisco can do L2TP

I configured my Cisco router to use a Virtual-PPP interface

Yea, so that’s we are trying to get L2TP to work because it looks like Cisco supports it

sounds good. Here is the config on my side:

pseudowire-class EVIX
encapsulation l2tpv3
ip local interface GigabitEthernet0/0/0

interface Virtual-PPP1
ip address 206.81.104.27 255.255.255.0
ipv6 address 2602:FED2:FFF:FFFF::21/64
pseudowire 72.52.82.6 1 pw-class EVIX

I’ll relay that over

alright

does the server you guys have run ESXi?

My ISP offers me the possibility to get a IP block, should I get one? I mean I am not sure what I can do with it. I can separate my server traffic from other traffic I think.

Like a block of IP addresses or the ability to block incoming traffic by IP?

Block of ip addresses

i want that

makes things simpler

Yeah, but what can I do with it. I have no idea

@dire hearth is it free to get it?

No, but I remember that is at a very low cost

Under 10 euro

If you are not sure what to use it for, just dont get it

I would love if I could get more than 1 IP residentially

I have the option for 4 IPs at home, but I don't use it

does a dual AC input PSU from corsair exist? to also allow an UPS to be connected? or would it be fine to only be connected to an UPS?

not from Corsair. I have my pc connected directly to the ups and it works fine.

24/7, doesn't hurt the ups?

There are redundand ATX psu's tho

they run servers 24/7 off ups'es

why would it

hmm, cool

any recommendations about what brand of ups to take?
I got a corsair psu 850watt

unraid as OS

APC is a good brand, just take one that has a higher VA than your power supply Wattage. You can also consider other brands, just search for reviews

VA and Watts are basically the same

hmm k

found APC with 1500 va in my local store for 700€, worth it? overkill buy i could add a second server on that ups and or network gear

it mentions a 900watt max load btw

Of course having more power than you need means you can power stuff longer.

You shouldn't overload an ups but a 900W load compared to its 1500 seems a little weird. Maybe that's normal

I need at least a 1000Watt ups XD

you need 20/10

NEIN

from what i can see it's like that till the va are over 5k, then the watt is the same as va value

Here in EU with 230V and all that stuff, the VA are the same as Watts. If i remember correctly you have to multiply the VA x 1 to have the number in Watts that is basically the same value

@hallow nimbus apparently my cheap shitty brand ups cannot handle 1 pc, 2 switches, a nas and 2 routers

Wat

i mean, it is small, what did i expect

i would need a 1000w one too

The 1000 watt is for me pc and screens alone XD

So i would need 2 1000 watt upsses

eeee

For networking and server

i got you

PERFECT

a little noisy but it should do the work

Can i dig it in ?

XD

And make a vent

you can throw a match into the fuel tank

Lets not

why, winter is close

@hallow nimbus since the generator takes few seconds to start, i'd recommend some batteries to keep things up and running while the generator starts

I need moar

🤔

aka i need more

i was thinking for a solution

this should work

I need more

WAY more

but like WAY WAY more?

It need to be able to keep running for atleast a week

oh, you didn't specified that

Now i did

😂

Thats starting to look like it yes

you don't pay me enough for this

XD

I dont pay you at all

true

so... when will you pay me

for my advices

once you build that shiet

uuuu

one fire and battery room is toast. Bring some bread down there to prepare.

what's better than bread that taste like acid and cancer smoke

It's missing an e

But it's aws day

^

Add pf on that.

that's 1 if i remember correctly

ur a pf

Yea power factor is annoying. It does depend a lot on how you are billed. Most large buildings and industrial buildings are charged more for having a bad power factor (the don’t actually measure the power factor but they do charge as if the power factor was 1 so it looks like they are using more power than they actually use). Most homes these days are charged on their actual power usage. Computers and servers usually don’t change the power factor that much because of the way that the transformer and rectifier work.

There are devices that try to adjust that

It does not matter for homes because power companies usually charge by actual power usage these days so power factor does not matter. In places where it does matter they will put large capacitors in parallel to make the power factor closer to 1 (as most of these places have lots of motors so their power would be more inductive on the reactance scale). If they have a varying power factor then they may use super fancy equipment that automatically adjusts.
There are also cheep Chinese devices that supposedly help. They do often have capacitors in them but without analyzing the power factor yourself you may be making it worse or not helping at all. I also already mentioned that it does not really matter for homes these days.

i've seen a video of a guy testing those chinese things and as i expected they don't work

but like you said, it's pretty useless for home use anyways

We probably saw the same video

Great Scott?

He has great videos

yep

hello there my new network guru friends 😃

Hey peoplesss, I'm working on a project and either looking for advice or could be a potential job for anyone capable. Basically I'm looking to set up a server that sends tasks to multiple virtual machines to complete. They are different tasks. Basically it is running through a conditional campaign. Any advice and knowledge or resources I should look into are helpful. Thanks! I wasnt sure which thread to put this in so I'm sorry if I picked the wrong one

so you are basically wanting to implement an orchestrator.... whats they hypervisor?

@tropic girder Do you have any more specifics? I would love to help but I am not entirely sure what you need.

I'll look into hypervisors, literally building it from the ground up. @fresh copper Basically my company is looking to build a campaign system for direct messaging for social media websites. Specifically Linkedin right now but eventually would like to expand to offer the service for any social media platforms with direct messaging capabilities. From what I understand it would have its own server and the application would be a computer application not web based really. It would simulate itself like a user would by direct messaging users a message then in a couple of days (or what is specified for that campaign) it would go back and see if there was a response, if so it would skip that person and message someone that the system had sent that same message to but didn't respond. Goal is to start a conversation and then notify the user of the account that they need to respond to a message

We have this service from another company however its half the product we want and each month our servers get slower

I think you pinged the wrong guy my dude 👍

Yes I did sorryyyy

@sturdy zinc thanks, I'm looking more into hypervisors. That was a term I was looking for

@tropic girder That sounds interesting, I’ll have a look at what would generally work best in that situation

@tropic girder I would go through the AWS route, a not very well known but very very flexible product (orchestrator) you could look into is called Stratoscale, maybe give a look into that product?

@sturdy zinc sweet I will! Thank you sooo much!

@tropic girder not a problem, if you articulate and leverage your infrastructure with the elastic power of a AWS cluster then growing will not be an issue, you will always be covered, you need more capacity boom, presto more capacity, next months things are slow...no problem, you pay only the resources you use

Oh that would be perfect! That's exactly what we need

I haven't messed with AWS yet but heard alot about it

AWS is fun

Until it goes down for awhile and part of your school relies on it

I'm using Google Cloud platform now

wow. google finally has a second customer

The first being Google...

anyone know how to fix the issue of a Windows xp machine not being assigned a IP address by the network?

Find the Windows Update that disables it. <INSERT "don't use Windows XP" WARNING HERE>

its a system with 733mb of DDR1... so i dont think i can run anything better on it
if i happened to find 4GB of DDR1 laying around i might install windows 10 on it.... but... untill then is stuck on XP

Have you tried resetting the network stack? (Oh Windows XP ... 🎵 memoriieeees 🎵
https://support.microsoft.com/en-us/help/299357/how-to-reset-tcp-ip-by-using-the-netshell-utility

@sullen patrol run Linux /s
But yea, @inner quiver’s solution should work

tryed it.... its still unable to renew IP address

Did you look for the update that breaks networking in Windows XP?

wait WHAT?!??!?!

@unreal wedge tell me more

Look for one of the last updates ever applied to it.

ok if i find a bad update how do i roll back the update? im sorry i dont work with XP machines often

I'm looking for it, but read this https://www.zdnet.com/article/registry-hack-enables-continued-updates-for-windows-xp/

Apparently you can still update Windows XP, even today.

@sullen patrol Google the broken update if you can find it, though I have no idea where it is anymore.

k

https://gyazo.com/fc80a7b072ad03e5c25e44aa020632e6

I'm pretty happy with my university

Ew ads

Yea, my university has symmetrical gigabit too

@latent stag Get an adblocker

Anyone here able to help with pfSense?

@unkempt ferry I know a bit about pfSense. What’s your issue?

@fresh copper do you know if using a dedicated switching chip or a very high-clock intel 8700k chip makes a difference when handling network traffic?

Would the 8700k handle it just as good?

@unkempt ferry I might be able to offer some assistance.

@stuck verge @fresh copper Thank you guys for responding, I actually solved my problem but I do have a few question. Right now I have residential Verizon service. The domain I'm using for the DHCP is verizon.net. What is that domain and can I set it to something different? Also, after a pfsense install, are there anything that I need to set to make sure everything is safe? Thanks!

Bro I don't know this stuff, I'm sorry

What is the search domain and what does it do?

Can I set it to anything I want?

@unkempt ferry search domain is the first thing computer with append to at the end of a DNS lookup. For example, entering web address to server1 will default to server1.verizon.com if you have search domain set to that

Otherwise it has to start appending other ending domain names, like .com, .net

It's just a default setting

That dhcp can provide

What difference does it make if I change it?

Convenience that's it

Nothing else

Because when I tried to set it to something else, the internet stopped working

The internet should not stop working

Because of that

Ok, I'll try it again in a bit. Also, I'm setting up a OpenVPN and what is the IPv4 Tunnel Network?

This is from memory, but, it's the subnet of where you want your openvpn clients to reside in

It should be different from your lan subnet

The default was like 10.0.8.0/8 I think

ok so if i'm using 10.20.0.1 to access pfsense, then it should use that scheme or be something completely different?

Just not in same subnet. Anything but 10.20.0.0/whatever mask your using

Otherwise it will have lots of problems routing external traffic to internal network

ok, and server mode is set to remote access, so if i'm in a network that blocks stuff, can I use this remote access vpn to bypass the blocks?

Yes, but I've been at a school where they have DPI and block openvpn as well

Your mileage will vary

Make sure to enable option to use the DNS server of your remote access network and not the blocked network's dns server

Ok well my school allows hotspot shield to work so do they block openvpn?

Openvpn should work then if hotspot shield works

My school is just outright crazy with the protections

Blocking vpn is disgusting

yea it is

I work for my school's it dept and they don't give a shit about security

they gave me admin on my computer login and also gave me local admin for all the computers...

so should I have a IPSec vpn instead?

Yea when I'm traveling and at school

I did not know about obfsproxy

And yes dpi still caught my port changes

Crazy "security" this school has

Use a private OpenVPN over port 80. They can't sniff for that.

Well because my school has wifi as open unencrypted access

@thick minnow

Vpn is a must then

They even say in big letters "THIS NETWORK IS NOT ENCRYPTED USE AT YOUR OWN RISK!"

On the landing page

xd

my school blocks all school MAC addresses

So you cant go after them

plus the NAC has an application on the device so if it's a school owned device you must connect to their secure WiFi

My school also blocks unknown mac addresses on its switches

I plugged in a laptop to wall outlet

Jt started to work and then

5 seconds later it shut down

But it was working for brief period

The scary part

Hmm

Possibly

Even with 802.1w implementation?

Depends on if portfast edge is enabled or not

@little schooner Dedicated switching is better because of latency. They may preform with similar throughput but the latency will be higher.

@unkempt ferry that’s the search domain. It does not really matter that much so you can kind of set it to anything.

edge enables portfast but also enables BPDU guard, and one other thing which I'm completely blanking on right now

Yeah edge port is the non Cisco version

Yah, portfast trunk still exists 😛

XD

Ok cool so I got my VPN to work

I wish they weren't so expensive and didnt need contract for upgrades

Instead I settle with netgear, dlink and some edgeswitches

The edgeswitch is fanless so that was a plus for me

I think only HP doesn't have contracts for code upgrade requirements but most others do as well, not sure on all of them but just from what I've seen

Meanwhile I cant get multicast to work properly on these other switches

Someone non-standard about them

Something*

Any recommendations for a switch?I was looking at a WS-C3750G-48TS-S

Multicast is evil, always

Like Cisco makes it so dead simple

One command and its enabled for vlan

Edgeswitch is a whole crazy set of settings to set

And then you have to fight with config sanitation

@unkempt ferry If you're familiar with Cisco IOS commands then it's a nice switch, a bit on the loud side though

Yes they are loud switches

Oh theres no interface.....

But what if replace with noctua silent fans

Noise goes away?

There is an interface, it's pretty poor last I remember

Like you can view the status of ports but full fledged configuration is not going to happen

Like this one https://www.newegg.com/Product/Product.aspx?Item=9siaady4b02535

Fit inside of Cisco switch?

You might be able to jerry rig something

When you say loud switch like how loud

Like a jet engine

XD

Like I have a dell r710

Like a Dell2950

Like that server is tolerable.

the r710 isn't that loud

The 600 and 700 series are pretty nice by comparison 😃

But 2950....

I would say 2x the R620

700 series are def. quiet

Maybe a bit more, hard to say for sure

So a cisco switch is louder than a r710... great

https://www.youtube.com/watch?v=XZJ9il5FJYg
Listen at full volume /s

@unkempt ferry you can try to buy new fans for it

Like I was going to do

Yea thats pretty loud

If it's for home use and you don't need things like OSPF, BGP, etc. then something like a webgui based TP-Link or similar would be ideal

Is it always that loud or is that just when it boots

Well that's with chassis open

While in WinServ it's ~5k but I keep it off all of the time xddd

@rocky badge omg that is unbearable 😂

13k fan noise

@thick minnow my teacher once said that he owned a web server hosting moodle and left it up for 10 years straight uptime

Only linux can do a thing he said

moodle, I remember that

moodle reeeeee

He was big into moodle

Teaching classes on w2k and configuring it and stuff

@thick minnow you should set your iDRAC un/pw to root calvin

/s

My school's iDRAC says it's the default 😛

At one point, my school had public IP set on idrac

Anyone could visit and take over

true

OOF

PCS

https://www.pcsknox.com/

port 9100 vulnerability

xddd

Best way to defend against all attacks is to shutdown the egress ports on all devices and remove power from said device too

haha

😛

HAHAH

They blocked iDRAC

"reason" non-managed

also their blocked page doesn't work

If the firewall randomly crashes is it a bug or security enhancement?

Keep the bad guys guessing as to if it's working or not 😄

This is true

huh

Can't bypass a untrusted root in edge?

Have you tried dealing with their 4G business class dept?

ATT: "We promise this feature is enabled and works"
next day
Us: "We tested the feature and it does not work and wasn't enabled"
ATT: "Whoops"

I tried

No

lul

they blocked it yup

can't access it on chrome

They also blocked vSphere

Good boye

So they're actually securing their network a little

I can't shutdown hosts anymore

So now you can't be expelled 😦

XD

Uh-oh @rocky badge the Google Andministration is after me!

Why

For it is not me who they think do the bad thing

lol

and it was spelt "Andministration" so, ya know, 😛

Baltimore? So Cloudflare is the CIA...

welp had a disc die in my netapp 😦

Dang, do you have a replacement drive ready or do you have to get one?

well I had a spare hot in, but now I have to dig one up

saw this posted in #voice-chat-limited Now I've been wondering this for a while now but with asymmetric data speeds is it possible that the upload speed would bottleneck the download speed or vice-versa since tcp connections send acknowledgements for every packet received? Since ethernet has a MTU of 1500 (ignoring jumbo frames) the maximing amount of bytes you could send per packet is 1434 if you take 14 bytes for ethernet and 20 for IP and 32 more for TCP. A simple ACK packet shows up in wireshark as 66 bytes. That would mean the connection would need a downlink/uplink ratio of 22. The example in the image only has a ratio of about 10. If everything I said is actually reasonable and not flawed then that would mean they could only get a TCP connection download of about 100mbps. Is there anything obvious I'm missing here?

Yes, not every sent packet is ack'd

Tcp acks use the in-flight window to ack

So if you have 10000 bytes to send, and you send 2 packets of 1000 bytes, you might get an ack with a last ack'd byte as 2000

I forget the max tcp window size but it is at least 32-64k

Alright that explains thanks! I guess I should've just read up more on how TCP works

¯_(ツ)_/¯

It is a very complex thing if you get into all the different edge cases. Fascinating though 😃

I bet

@subtle depot the 1500 MTU does not include L2 headers, so the 18 bytes for Ethernet II (14 at the start and 4 at the end) is not included. That's why you will sometimes hear MSS or Maximum Segment Size as being higher, 1518 for Ethernet II and a but more for VLAN tagged packets. That's why VLAN tagged packets still get 1500 MTU

Yeah so that 1434 number should be closer to 1460

got the wrong number for tcp too

Changes the ratio but not the answer to my question

Thanks anyway

Is this a good idea 🤔

@subtle depot It can potentially increase speeds by detecting when it can have a larger MTU than 1500 but adds some overhead

This parameter controls TCP Packetization-Layer Path MTU Discovery. The following values may be assigned to the file:

0 Disabled

1 Disabled by default, enabled when an ICMP black hole detected

2 Always enabled, use initial MSS of tcp_base_mss.

It means that once enabled, your OS try to find the MTU between your client and your server using Path MTU discovery mechanism. It probably increase the default MTU (1500 on Linux) in your case, allowing bigger packets to be sent.```

Most end-user modems are 1492-1500MTU.

Anything large can lead to data loss or corruption.

True

I love my 9000 MTU that HE gives me though

Their entire network is 9000 MTU

Is there an small enterprise modem capable of doing QOS?

Avaliable in australia for NBN

I think that just about all of them do. If you're looking for something cheep then the EdgeRouter X is nice and very cheep. The unifi security gateway is easier to use but it more expensive. Let me know if you need something more powerful though

ddwrt exists, and has QOS capabilites.

If you are ok with consumer gear then load up a Linksys WRT3200 or whatever other consumer gear up with ddwrt or OpenWRT

Like Dooley mentioned

Depends on the definition of small enterprise modem, to be honest.

Most of the time I find people who want small enterprise stuff would be fine with consumer stuff loaded with alternate firmware.

If I have 2 Cisco APs(AIR-CAP3602I-A-K9), can I create like a mesh network with them or would it not be a smooth handoff as I move around the house?

Would I need a Wireless Controller?

Ok nevermind, they are controller based, so I would need a controller and thats what I want to avoid

You can do standalone mode with the 3600s but smooth handoff needs a controller

the x800 series like the 2800 and 3800 APs can do local controller mode with one basically running a WLC VM inside the AP and acting as a controller for the rest

So if you can get a 3800 or something then you could have that be a master controller for the 3600s

I see....

So I kinda want to improve my home wifi without really spending too much so pretty much buying used stuff from Ebay. Any recommendations?

You could try UniFi APs and running the controller in a VM

UniFi AP AC Lite, are those good?

This one is like 60 bucks on ebay

Can I run a controller vm for the cisco ones?

The lites are good

I dunno

Yes but you need a license

and the cost of a license is going to be about the same as a used 2504 WLC last I checked, which will have a RTU license on it

Wow is the 3800 series expensive

Yah, they are still in high demand as the next gen AP has only just started rolling out so it will be a couple years longer at least before the used ones flood the market =/

So since the 3602is are like 12 bucks right now, i might as well get 2 of those and then upgrade in the future when the 3800 are be retired.

So these the 3602i can be used as standalone so I can mesh them but without a smooth transition?

As far as I'm aware, yes

If you're not in a huge hurry I can ask tomorrow at work to make sure since I could be wrong and you'll get smooth transitions but I doubt it

https://software.cisco.com/download/home/284464214/type/280926587/release/8.3.143.0

is this the virtual wireless controller?

Yep

Oh yea that would be nice

I would appreciate that

Also, what do you do for work?

Network and solution validation

Haven't dabbled with mesh standalone stuff really so I would rather double check with someone who has 😛

Ok cool, I just started working for my school's IT so I started to learn about this networking stuff and I'm still a noob at a lot of it

Learning is half the fun, breaking things is the other half imo 😛

lol

The funny thing is my school doesn't give a shit about security, all the student accounts have admin for some stupid reason

*looks at @rocky badge *

Putting the client on a VLAN and not being able to access the router is fun

@clear igloo

That's a rip

RIP is bad, mkay

We need to use smarter routing protocols

This is a really easy network to draw

The office has the MDF and every hallway has IDFs

Did you have a seizure while trying to use paint?

I was on my phone

I want perfect lines!

Nein

@clear igloo So is there a way to get the virtual controller without a license?

Also, how much is the license anyways

Depends but I've seen them anywhere from $500 to $1000+

Holy shit

So I'm assuming you haven't met Cisco pricing

I'm just a high school student that wants to play around with some aps.

Come on cisco

😛

As I said, try looking at UniFi

looks like I have to redirect my domain fuckingyourwallet.net to cisco instead of apple now

I would go with the 3602i APs in mesh and deal with controller stuff later

Well the UniFi software is free but the UniFI APs are more expensive

Well the 3602i APs are 12 bucks on ebay

Plus UniFi is eaiser

Yea that is true

Max n

N succc

Now if you go to fuckingyourwallet.net

I mean, Cisco is enterprise/business stuff

Apple is more consumers and stuff

Completely different markets as well

Yea I'll get the UniFi Lites

Well i guess they both fuck wallets

And you don't need the $70 controller

Run it in Docker or on a Debian based VM

Run it on baremetal!

I'm going to assume that the Lite's speeds are way more than enough for YouTube lol

Baremetal succcc

/s

🅱irtualize everything

They aren't actually that expensive

If you look at their specs

What should I do for a switch? A UBNT switch as well, thats probably hella expensive

Bruh I know that, I was joking

Anything gigabit poe

Just to finish off the convo earlier, it looks like you can do seamless with mesh on standalone on the 3602i AP

@clear igloo Ughhh decisions decisions....

I'm going to assume UniFi Lites are def able to do mesh

https://www.ebay.com/itm/Cisco-WS-C3750G-48PS-S-Series-PoE-48-48-Port-Network-Switch-Free-Shipping/273512914500?epid=1760636832&hash=item3faea3de44:g:B2gAAOSwhh9btOJQ

I was looking at this switch

That's called wireless handoff/roaming

Cisco but 48 PoE ports at 170$

I need to brush up on my wireless stuff again but for now, homework x.x

Lol

Still in college?

Are there UniFi Switches that can be used with my UniFi APs and my other server stuff that won't fuck my wallet

Even the 24 port PoE is 400$!!

I'm in high school right now earning 17$ a day from working at IT....

You don't have to get UniFi switches, sometimes edgeswitches are cheaper and they have the new UniFi look

UniFi vs EdgeSwitch

Wow the edge swiches are a lot better

When the EdgeSwitch and UniFi Switch are literally the same thing but a different casing... 🤔

No, the edgeswitch is better. Has a decent cli vs the Unifi switch

I much prefer the edgeswitch stuff but if you don’t want to tinker and want something that just works then you would go with the unifi

@fresh copper Is it true that edgerouter does not have a proper ip helper-address command functionality?

They only have dhcp relay-agent

which is NOT the same

That is my current gripe about it right now.

@little schooner what exactly do you mean by ip helper-address? Is that some Cisco thing?

@fresh copper yeah it is

I need its functionality on edgerouter on order to let broadcast traffic travel past router port

But only for specific broadcast traffic.

And unfortunately edgerouter is limited in this regard

What do you want to do that requires broadcast traffic to travel beyond a single L2 domain?

@fresh copper pxeboot

the server is located on a different lan

and I need the broadcast dhcp discover packet to traverse to router + the pxeboot server

dhcp discover will hand the IP address but not the boot-server or boot file

pxeboot server will provide the rest of the details

and it will successfully boot

other solution is to merge lans or have a interface in each vlan I want to pxeboot with

that would mean a lot of ip addresses to keep track of

That makes sense. I don’t really know how pxe works so I can’t exactly say how to do it. Sometimes if you can’t figure out how to do something in EdgeOS you can look it up for VyOS or Vyatta as the CLIs are almost the same

hmm good point

Speaking of ubnt

Look what i just got

How does it actually work without the cloud key? is it the same software (interface) if you use the pc as a key?

I used ubnt at work, for first time, love it, but getting the key is expensive for home use.

You can have a raspberry pi for the controller

A windows pc

Literally anywhere

No reason to buy the key if you're a techie

Yea I've seen it showing up in the unraid container list even

So it's just the same as a key?

just not always online

possible

Imagine the cloud key as a raspberry pi runnning a small linux distro

that's what the cloud key is

if you have a RPi it's literally the exact same thing as the cloud key, the only difference being that the key is PoE powered, while you have to power the RPi with a micro usb cable

i have my controller in a cloud VPS 😄

cool

Not to expensive?

i'm paying 5$/month for 4 cores, 4 gigs of RAM and unlimited traffic at ~ 200mbps both ways

I host my controller in a ubuntu 16 vm. It's already hosting other services so why not serve double duty

Any low power device can handle it but just make sure to meet the mini requirements

https://help.ubnt.com/hc/en-us/articles/115009221227-UniFi-Recommended-Minimum-System-Requirements

Well if they're a paying customer you should probably make the required backups and not ask them to. A backup machine would be nice or at least notify them of an upgrade/maintenance window if it will be done within a few hours. (preferably outside of business hours lol)

I've a problem with the network on my pc when i use it as hackintosh. When i've not install drivers and clover with multibeast, internet works. But when i've install drivers with multibeast and i restart my pc, internet doesn't work. If you can help me pls mention me . Thx for help :)

Poor AP

😂

Yknow it's cold outside when the cat sits on the warm router

So pfSense or the UBNT Security Gateway?

Which one is better?

pfsense because of customization and package support, UBNT for simplicity

and ubnt has one of the best gui interfaces to work with it

Agree with the above.

@unkempt ferry I would go with pfSense. The USG is not great for people who want to tinker. It’s meant to be very simple but is somewhat lacking in features

I use OpnSense... Basically pfSense but opensource

OpenSense is nice unless you want to do IPSec

IPSec is not very good on OpenSense

Other than that it is nice and I have used it myself

Yeah, I don't use IPSec

expect it says that pfSense is opensource

How good is USG with dual wan?

Does anyone Know if I can upgrade the firmware of the management card in my 2950R2? 🤔🤔

wait, why cant i use both those 4 eth ports and the 4 sfp ports? What's the purpose of that

well its to give you media options, I am guessing they are only 1gig sfp ports right?

yeah

but why not adding another chip or whatever to control them separately

@reef valve I just saw your pic from yesterday with the Unifi. Nice toys you got. I love their equipment. They will literally never break.

Sure hope so:)

Flashing a RPI just now to use it as a openvpn server/unifi controller

https://ipv6excuses.com/

IPv6 is just a fad
XD

I don't want to lose the security provided by NAT bitch what

https://linusdrop.tips/RedParallelGourami
https://linusdrop.tips/UnknownWhisperedArgentinehornedfrog

"My vendor doesn't support it"

IPv6 is a security risk

xddd

Our DDOS mitigation platform can't monitor IPv6

Then that's a shitty DDOS mitigation platform

We'll deploy IPv6 right after we deploy DNSSEC

We don't have a lab to test it

xddd

I'm done What's IPv6?

I love IPv6

https://linusdrop.tips/DisastrousColorlessGermanspitz

My transit provider doesn't support IPv6

transit provider is a link to that form XD

Some people don’t like HE

https://linusdrop.tips/TwinLuxuriousChrysomelid

Also the whole thing where HE and Cogent don’t peer so if you only get one then you miss out some IPv6 routes

Android actually does not support DHCPv6 but everyone should be using stateless auto configuration for IPv6 anyway

Yeah...

https://linusdrop.tips/FavoriteUglyXenops

That's a shitty vendor you have then

Even Cisco supports it

Why rfc6598 when you can IPv6....

Even extreme networks supports it 😛

ewwwwwww

pls no

@clear igloo @fresh copper https://linusdrop.tips/InbornNaturalCorydorascatfish

Lol

My ISP finally got IPv6 a few months ago

Not all devices support it

https://linusdrop.tips/VengefulVengefulLocust

I have to leave IPv6 support enabled in order to have WMI working on server 2016

I'm not getting a public IPv6

If I disable it, no more ps-remoting

I can psremote without v6

Didnt work for me

Hmm

Once I turned it on and added listener on ipv6

It started to work

Very weird

What was more weird is that I connect to them via IPv4 address anyway

And still error without a listener on ipv6 *

https://linusdrop.tips/ExtraneousLuminousNandine

hmm

I should configure IPv6 on my firewall too, been lazy too 😄

Linus should do a video on downloading big games via Mobile data network.
Like with this bundle maybe

I dont think edgerouter supports firewall filtering on interfaces

does it?

There is no need to add it unless you really are accessing ipv6 addresses out on the internet

UBNT stuff is <#

❤

We run a lot of Edgerouter/UniFi stuff with our customers.

@broken cosmos so like a rant video in a way how different providers have different high speed data caps?

So, it is possible to do it though?

Also, you can't filter by DNS names in edgerouter... something that other routers are capable of doing

why not : (

That would of made so many things much easier to block

instead of having blacklists, just use a whitelisted dynamic dns name

to allow in and auto block the rest

the edgerouter struggle

@little schooner The Edgerouter does support firewall on whatever interface you want and can do a lot of quite complicated rules. It's true that id does not support the kind of DNS thing that you want by default but the specific thing that you want is possible via a script. If you go in the cli and type sudo su you get what is very close to a normal linux cli so you could write a script and set it to run periodically.

It's not optimal though

That's why I only use my ERX for my main wan and use a virtualized router for all of my internal routing

One of my projects is mounting a network share on an ERX and then using it to add some virtual memory so that it can handle the full IPv6 tables. It's a bad idea but will be fun to try

@half valley Yea something like that could work

I guess

Guys my brand new router is not responding

I setted it up and then i wanted to add some wifi extenders to have full coverage of 5ghz signal (tp link wifi extender+) i setted it up and then suddenly router stopped sharing both 2.4 and 5ghz wifi

The power light was blinking

We are talking about linksys wrt 1900ac

I cheked the ethernet cable to the router and it was giving signal i tried to unplug it and wait and nothing happened

No @long arrow

I tried that too

It looks like it's stuck in boot up mode

Ok

What a tiny rack

lol weird

lol that is really small

what is the range difference with 2.4 ghz and 5 ghz from the uap ac hd and the LR

?

on the forum they say that the AC HD is more about high density situations. not coverage

i know that but how many hds will i need to cover 3000sqft vs how many LRs i need

The UAP-LR is around 120m of radius btw

i know the range isn't the same as the advertisement. It's like when they advertise a "theoredical speed of.."

i'm just reading the specs

why not ubiquiti stuff?

so you would go cisco or any other brand?

whats the connection speed?

lol

test it with those super fast 100gbps machines

uuuu

LOL

that speed test screen is running in 8k

Guys

Woman

did you just assume my gender

I had an issue with the database on the unifi controller so i fixed it temporarily and messaged ubiquiti about it

I just wanted to share my experience with the "technician"

cause it's fucking hilarious

listen to him @hallow nimbus

Yeah

ofc

The issue i'm having is i couldn't export settings

So i did the mongodb fix thingy

and i couldnt restart the service as /usr/lib/unifi/data/db was owned by root

for some reason

👀

I changed permissions to unifi and it ran

but the guy has no clue what i'm talking about

NO caps ayyylias

XD

ohhh so you are a junuiper boi

thought you were a D'link dude

xD

who is a d'link dude

are you kidding me

@hallow nimbus is

have you actually met anyone in you're life that's a "d'link dude"

whoa

that's a whole new level of being hipster

👀

it's like pinging a website with powershell

that's like

out of this universe

I dont use d link crap lol

I use netgear

YOU SEE

aww you do

Xd

so ubiquiti guy is still gone

still hasn't replied

wolololol

wow no caps huh

feelsnocapsman

oi

someone translate this please

hes gone

owner and group both are unifi means user

what

what

m e a n s u s e r

w h a t

My ISP didn't know what Ubiquiti networks was, well at least network support 😄

nah man i disagree

The AP coverage i got from my setup is out of this world

Meh

Haven't had an issue so far

The issue i have right now is probably a consequence of me running everything as sudo su

why wouldn't i su

but you can sudo su

i have all kinds of brands

The Dlink is the Gateway provided by the ISP

did he find this on google?

as last resource

SSG-20

The one without wireless functionality

He prob did @reef valve

i don't remember, i didnt turn it on in months.

he probably has

this one?

i don't think he has any linux knowledge

at all

guys

it's official

bigger?

he has no fucking clue

XD

omegalul

you are the support center's most feared person. The one that has a super complicated problem they cant solve

XD

the roast to support centers

My RIPE ATLAS probe shipped. Also they are sending three even though I only applied for 1