#networking
That would help at least a little bit
I have an irritating internet filter on my Samsung tab a 10.1, ever since I downloaded Covenant Eyes, (the internet filter) I have been unable to access anything internet related. The app works using a vpn.
Delete the app?
@cunning shoal disconnect from and disable the VPN.
Wont let me
I fixed the issue tho
Apparently there were parental controls on our router which was messing with the filter
Pros and cons of Ubiquiti AP AC Pro vs AP NanoHD
@remote kernel You may find more and quicker help on Ubnt forums or on their community Discord about this 😃
But I'd say from what I saw when I looked for some AP equipment for my home that it's about the effective range and max bandwidth (depending on wifi band compatibility)
And also, it depends on what you prefer to install, an AP on your ceiling or on a wall. Installation type and placement will change your AP effective range though.
And you can simulate with a map your AP range with their Unifi tool demo : https://demo.ubnt.com/manage/site/office/maps/physical
ugh it takes so long to clone vms on this cluster
@high anchor what if my ceiling is finished, how does wall mounting affect range?
Also if I am only looking to connect fast clients, does it warrant an upgrade to the nano?
Basically, it looks like this :
By mounting on a wall, you will cover less room space where you installed it but it will cover more behind the wall.
By mounting on the ceiling, it will be the opposite.
Does anyone here have advice for taking the Network+?
@high anchor Could you help me interpret the picture you posted with the APs?
What do the colors mean? and what's with the range extending outside the diagram?
How can you tell if there are dead zones?
is the green dead zone?
i would say red is where the signal is stronger and green/light blue is where the signal is weak or acceptable
ubnt's management software is insanely good
@lofty musk if you need N+ watch videos on it & test yourself on concepts
otherwise go for CCNA or similar
you'll get more value out of it
@subtle glen thanks that makes sense now
@thick minnow I can test for the N+ for free through my school
unless it's getting you somewhere and you can justify it; there's no point
it's $50/y to keep it
which is kinda insane if you're not working and it's not benefitting you
Ah that's understandable. I understand a lot of the concepts now but it's the very specific stuff within Networking I gotta study
Memorizing ports and what they do specifically. I understand the OSI model already. Very specific stuff like standards and how much dB fiber can lose when run a certain distance
oh
so the stuff that's not important 😃
the "the cert requires that i know this" stuff
Lmao yes
if i had the cash and sufficient will to live, i could prolly bash through a cert or 2 a month
but certs expensive, yo
They really are, If I had more free time I could take the cert in 2-3 weeks from now
But sadly my semester is ending so I gotta work on research papers and such
LPIC1 is pretty easy tbh, just dive into linux and learn stuff
I would work more on Linux but my damn server is so unreliable.
I've troubleshooted it for so many different things I'm completely lost with it.
for now, a few endorsements on LinkedIn will have to do
Should I make one of those?
But has it nailed you a good job?
it got me a job
i quit after 3 weeks, but that's a different story
I can just choose what I want?
sure, just pm me
@subtle glen that's only needed if WAN bandwidth is a problem. Is it a problem?
i would say yes
How fast is the line
Yikes yeah that def. Needs it
Hmm I haven't played with smart queue or queue before
better than mine
same for my guest network, handled by a cheap netgear router. Cause i care a lot about their wifi
HA i just dont have one
I would enable the rate limiting but it disables hardware offload
And I really want that
do you have that UNMS server?
yes
Is that last rule redundant? Since you're already blocking 10.0.0.0/8?
That would include the last entry's ip
it still somehow gets through
Hmm that's weird
Is that for a vlan or port or local router interface?
It shouldn't be getting through
port
Guests get the old crappy router
too lazy to add HFQ so the whole guest network gets to fight over the 20/2
xd
I was thinking of getting like a NUC and putting pfsense into it
And then enabling qos since it wont tank performance
Like the cpus do in edgerouter and stuff
Which nuc
Haha that's massive
it should run pfsense
I was thinking i3 or the i5 model
Basically one that can still have like line speed with qos
CPU needs to be fast
I have line speeds with QoS
That cuts speed too
With QoS I get my speeds
i'd love to use USG or pfsense, but my piece of shit ISP decided it was a good idea to not allow bridge mode on their gateway
i'm so limited to what i can do
Aww that stinks
you should be able to put the ONT into bridge mode
nope
Hate when they take away control
What is your ONT?
i actually think using a USG there is a bridge mode workaround
I really wouldn't mind enabling qos on edgerouter but they dont do it on a per interface basis
It's either on and offload disabled or
Qos off and hardware offload enabled
No flexibility
all ONT traffic on AT&T is protected with 802.1X which needs a unique certificate on the gateway
without it, you might as well beg a turkey
you should be able to use your own router with the ONT
What model is your ONT
my ONT is provided by AT&T
Which is....?
i have no clue
all i know is the fiber runs through the ONT, which plugs into the gateway
I know two people who have AT&T fiber gigabit and they both use their own router
¯_(ツ)_/¯
then replace it?
put a media converter?
i'm not sure you understand what i'm talking about
bridge mode works on the router and is more than willing to accept it, just not on the modem/gateway as it is locked down (BGW210)
The BGW210 has passthrough mode which is bridge mode
IP passthrough is not bridge mode
lol
It's not real passthrough, but close enough
Yah, closest you can get unfortunately 😦
after looking it up, it is possible to use full bridge mode with a USG and pfsense, it just requires extensive configuration
but wait: if a company puts dark fiber, can i buy one line for my purposes?
probably gonna pick up a USG
only thing that's wonky is ipv6 on bridge mode (which idc about)
I thought some of you might be interested in what a Google Fiber ONT looks like. This is not mine but the photos were generously provided by a friend over on the Networking IX discord
@rocky badge mine's iPhotonix.
?
@rocky badge fml https://dooleylabs.com/?🍌=ddheaw.png
My router (10.0.0.1) to the ONT (192.168.1.1), then through the ISP's network (10.80.0.1) to my final destination, which is a public IP inside the ISP's network, yet the most I can do is ping the damned thing. Not sure if it's my fault or an issue on their end, but opening ports on the network ain't easy.
*Which is a good thing, security-wise, but I'm tempted to try another application and see if I can remote in that way, like an application on port 25565.
Thing is, the entire community of over 1000 homes appears to share a single IP, which is foreign to me, but understandable.
I have a hp thin client how do I set up RDP on it
👀 Have you Googled it
It's a static given and assigned from an ISP block, so yeah.
ok then i dont know man i am sorry
Still tracing the issue, but could be an issue on my end. New to this router and all. So much easier in a Linux CLI without any Windows involvement, lol.
ya when i was doing stuff like that i had a vm of linux and i was connecting to a red hat server
that was almost a year ago now
also only time i done stuff like that
I dont work with linux enough to understand using it as a router or switch
Let alone keeping track of what updates break functionality in packages
It's harder to troubleshoot without a comfortable handle on things
just learn it
if you get in to an isp or some serious work you run in to it a lot
it comes in handy
like getting roms from weird sites
So that open port 25565 thing worked, except it was the RDP port, and I had to do a bit of sorcery to get it to work. Turns out the Windows firewall doesn't like NoMachine, lol.
lol ya windows will do weird stuff like that
NoMachine likes to be extremely unstable in some circumstances, but I'm wondering if the gateway's causing the issue. NoMachine can't detect nor obtain port 4000 from the gateway, even though I have that port set aside specifically for that server's IP address.
@unreal wedge you get a private IP from your ISP?
@unreal wedge
sharing a single public IP
@zenith ridge btw the technicians were wrong. you NEED a main cable coming from the street to connect the building, there are no individual wires. So i still cannot activate the line
So 1 fiber comes in, and then they connect you, but I still guess they do not put fiber in unless someone is going to use it
they put it today
they hook it up and then if you want,you can activate a line
even if none is gonna use it, they run the fiber to the building anyways
Weird, I dont see the point in running fiber if no one is going to use it, here they just put a tube ready to run fiber, if you are going to use it, then they run fiber through
it's futureproof, maybe not tomorrow, but at some point fiber will become more common like copper lines, so someone will use it.
maybe in 3 years, all the old people in the buildings will die and younger tenants will live here and request fiber
Rather have better speeds tho than a fiber line to the home
the max you can have with copper in this street address is 30 mbps...
ISP use fiber in the name already, and it's still copper cables to the homes and max 400Mbps download
this is FTTH for 1 gbps (or even 10 gbps) placed by a third party company that is not an isp. ISP's then buy it
They just run the cables, and manage them, while any ISP can give you a public IP?
and pays for the line to use it?
they put the fiber/cabinets etc, then the ISP buys slots in the POP (that is a container/electrical substation that is connected to 1000 homes) and with these slots the different ISP's put some expansion cards that allow them to use the line. The customer then decides the ISP he wants for internet/phone. Then to the nearest cabinet (250 Homes connected) the technician looks for the cable with a label that has your name/surname and connect it to the patch panel of the ISP.
at least, this is what i understood
They put dark fiber and ISP's buy it
but then you are stuck with one ISP
Here we have 2 main ISPs, and some smaller ones that use the network of one of the bigger ones
Both have a line to every house, 1 on copper wire, the other on coaxial (still copper)
so it's stupid, because they should just use the same wire to the house, and cut down costs
here old copper lines were handled by a main ISP (and maybe another company) that runs the cable etc and the isp's buy the slot in the cabinet or line from them. Similar to what they are doing now, except this company is a random digging one that was hired
Yea, but the fact they use 1 wire for every ISP to the house, makes it so much better
and not like it is now, every ISP on their own
i mean what if there are 10 isp's. What do you do? run 10 cables to each home? That is just dumb and expensive
My point exactly
i just hope they finish the job quickly now
😂
waiting till AUG
Auch
maybe they will turn it on on december, as Xmas gift
pls no, i could cry
@subtle glen would share my fiber with you bro, but I don't have the optics 😦
we can just stretch a cable
that's kind of odd they are selling the fiber to an ISP, that's a lot of cost wasted
Also today i was measuring the conduit diameter to run my fiber to the garage and i also took a broom to clean some cobwebs that were on top of the door frame and this lady that hates me took the dog downstairs and started watching me through the glass. Then someone walked nearby and this lady started to say things like "that kid of the 3rd floor is doing something in the power room, i don't know what is he doing" . Looks like we got our first complaint about this project 😃
so far, so good
@chrome hound why?
lol
most networks want to keep ownership of the fiber, if you sell it your network loses value
while we do provide dark fiber, its leased not owned
Well, but if they buy it, it becomes their network
Why don't you and your isp buy a couple of dark fiber lines here and hook me up with dual 10gbps 👀
lol no money to be made in a couple lines, we are more bulk operation
and we are not technically an ISP, we just provide infrasturter
infrastructure 👀
Does anyone know how much would a 100-150m running of fiber run?
I want to link 2 buildings via fiber
I would head over to FS.com and do a custom fiber cable, you will need some details, but that should give you a cost
Cost = Expensive prob
Yeah so I got an offer from my ISP, it's 70E per mbps, I think I'll stick with me running a fiber between the buildings.
i got too much MTRJ to LC fiber cables 😦
Linus should explain all the different fibers out there, because I have no clue what you just said 😂
fiber = fiber, you already have SFP, SFP+ and more .. 😂
Yeah but there is single-mode fiber and multimode
Or something like that
But then you have OM1,2,3,4
Yeah
OM1 and 2 are for 10Mb to 1Gb Multi-Mode fiber while OM3 and OM4 allow for much faster speeds (100Gbps) and at longer distances for Multi-Mode (100m and 150m for OM3 and 4 respectively)
Single Mode fiber allows a single mode of light to transmit through the small core of fiber and can allow for transmission over many kilometers of distance compared to multi-mode fiber which allows multiple modes of light over ~500 meters or less. Single mode is usually more expensive and optics will determine the distance the light to travel, anywhere from 1-2Km up to 100+Km
Well someone at fs.com recommended me for my 120 m run an outdoor reinforced cable, multimode OM2 with 2 fibers.
I'm waiting for a price right now
If you don't need more than gigabit then OM2 is fine
Yah, so you're good
I would be careful with that, if they see a fiber they don't know they could just cut it
^ I've known ISPs to cut their own strands because whoever laid it didn't label it
because it's their space to use, and if it's not labeled, it's most likely not theirs
Well
that cable
is not even small
I'm sure a private company isn't going to get that underground without someone noticing
some hydraulic scissors can cut that pretty quickly
weeeeell but a small sign on the beach is nothing
on top of that you've got the random road workers/farmers that slam a JCB into the ground and cut both the main and backup cable
like what happened at my college
i wouldn't put my backup cable that close to the other one
^
did the isp even tell them to have a certain distance between them?
not ISP lines
AT&T drug a large trencher out to my house, only to have the guy push a shovel 2" into the ground, push the cable in, and cover it up
@clear igloo then this happens
then whoever planned to put the 2 cables should have specified that they wanted them separated. Also contractor's fault for not checking for any utility line nearby
Is it free to use azure ad just for the purpose of easily letting users reset their passwords?
And what does azure ad really provide? Does it work best with office 365?
Looking for best router for many many devices in an apt
Pfsense router
Link
Build one
😄
pfSense is a free and open source firewall and router that also features unified threat management, load balancing, multi WAN, and more
I am using a old dell server as router 😂
With antennas
Who needs wifi when you have good old copper
I need wifi
i have a question: how can I switch to IPv6 instead of IPv4 in my home? Do I need to ask to my ISP or something like that?
@wet carbon if it's about local network, you enable/make a dhcp Ipv6 server
if you want a public ipv6 ask isp
like... in my main router's config?
yeah
SLAAC
hmm, ok. Thanks a lot
Prefix delegation and SLAAC
Asus and networking
For home usage: Ubiquiti or custom pfsense
Ruckus
Something easy to setup
ruckus for home usage
And not a million dollars
Ubiquiti is ez to setup
Less than 400
You can get a setup for less than 400
just get something like this
Isnt there a fee
I care about power
looks like you don't want anything fancy/complicated. Get some TP link routers
You can run it in Google cloud for free 

probably the one with 8 antennas, but one with dual band wifi and 2/3 antennas will do the job too
TPLink isn't great.
USG + US-8 + AC Pro, USG is the router, US-8 is an eight port switch, AC Pro is an 802.11ac AP
The AC Pro can cover an apartment
It will fit anywhere
Will it handle 50 devices
Yes
Yes
It can run on windows and it doesn't need to be on 24/7
Idc
Get a cloud key then if you dont want to run it on vm
Thats fine but no monthly fee right
All of this seems to have big power draw
Amazon
150W
Ok so what is the total list of things i need
Links would be good
I was looking at linksys 5400
So go for that if you want an all in one unit
The unifi stuff is best for many clients connecting at a time
Like say 40, 60
The consumer stuff is for a few at a time and give highest speed
I have smart home stuff
And i use 3-4 different devices that really use bandwidth but not at same time
So I guess that 5400 should do just fine with a simple network
Only make it complex if you need stuff like vlans and guest network, etc
Otherwise keep it flat as possible
I know this is a bit late to the party but that 150w is available PoE power it can supply, not how much power it will draw if you're not using that
@clear igloo that's right
has anyone used the NIGHTHAWK X6S? got it onsale today for 130 and wondering if it is pretty good or not for a 1200 sq feet house?
@lilac tree decent router.
Light travels at 299,792,458 miles a second and the distance from LMG to my house is 2900 miles. How long does it take for light to travel from one to the other?
There are internet exchange points and switches that will occur during that transfer
I'm trying to figure out the theoretical fastest time
And it will go through a couple of routers and hops
thats what she said
so I can figure out how much those hops are slowing it down
anyone here able to help with my r7000 router
the 5ghz band doesn't reach its full speed
its running tomato
also it depends on the path
The answer is 15.5913978 milliseconds
Assuming a straight line cable
2900 miles is the distance by road
Also, lmg don't host their videos in-house
the point is I just wanted to know what the minimal possible ping from coast to coast would be
The west coast of Oregon to the east coast of Long Island by car is 3273 miles
Light travels 186 miles in one millisecond
17.5967742
In the real world, it's not unreasonable to get 25-30ms coast to coast if it was all within one carrier.
not sure if this is a problem for here, but it's 'networking related'
Ok i wonder if anyone knows a solution to this. Got 2 (1 'server' running Mysql. And 1 'client' ) computers, both running XP SP3 - Embedded (Fully updated to Oct 2018) At the end of the day both systems get turned off. And in the morning both systems get turned on. However the client doesn't want to read the share (removed and added through batch file on client when starting) and load up a settings file to start the program until you manually go to 'my computer->click network share' (No red cross visible on the network share). If the 'server' stays on overnight this problem does not occur and everything works fine.
@stable warren wow that problem with network share almost sounds like the fix they have still yet to release for windows 10. Shares having trouble to reconnect
Not sure if its related
@lilac tree My cousin had one before selling it. X6 should be plenty for a 1,200 sq ft home (depends on construction). His two story house got good coverage.
Though ever since getting UniFi I kind of don't look at all in one routers the same now. lol
Hi guys, I have a question about wifi coverage. Currently I have a dead zone in my basement about 100ft from my router. Could the walls be interfering that much?
Does anyone use 802.1x on windows client? I have a question..
@little schooner what is the question
@little schooner we're talking Windows XP embedded here
Hmmm aerohive ap units are freaking awesome
@little schooner I do 😃
?whois
I is 😄
- So I have 802.1x currently set up for some Windows laptops. The problem I'm experiencing is that the laptops don't automatically pick up the wireless connection until someone logs in to the laptop at least once. I always have to log in to the laptop with a domain account in order for the laptop to be able to use machine authentication by itself on boot up.
Is there a way to make it work after a MDT deployment without having me login with a domain account to get it going?
- And my second question is, I tried to use a cloudflare wildcard cert on a NPS server, but windows says that it does not have enough information to verify it's legitimate. Is it true that Cloudflare Origin Certs can't be made so clients can trust them without additional certificate installation onto devices?
I would use letsencrypt but I'd rather have a year or more with one installed cert.
Ah, I've never deployed laptops with MDT and 802.1x before so unfortunately I won't be much help =/
Its okay
And I just wonder why things cant just work xD
Because besides that, its like hands off
Cloudflare Origin certs aren't issued to your domain
it's issued to a name that Cloudflare's reverse proxy trusts
@rocky badge ahh so yes I did misunderstand the usage of it
Do you recommend a cheap provider of wildcard cert? Or is there not such a thing?
google it xd
Man they are costly $40 a year for one site and more for others
just make your own root CA and issue certs
Hmm okay so with that route, I encountered another problem
Iphone says my internal cert is not trusted
How do I make it so it doesnt show that message?
You'd have to get it signed which costs money
Ugh the struggle
Trying to remember how much I paid for my wildcard cert
With a trusted ca cert, it doesnt throw a fit
I like it when devices behave
It's a pain to load in new certs to all my devices
Like chromebook,android, iPhone,
Yah
For websites I'd use the cloudflare route but for stuff like nps
I'd really like to use wildcard
And stuff
Yah, I think I bought a 2 year wildcard for like $100
Yah, I use it for my VPN and all my internal domain stuff. I mostly got it so I wouldn't have the untrusted stuff pop up 😛
Yeah yeah that's what I want to remove. All that untrusted junk
Hmm
As long as the private key isnt stolen, you can use the wildcard cert without worry, correct?
@little schooner install your root CA on iOS via profiles or MDM
Yah
@rocky badge I did try the profiles method, and it says "Verified" for my internal CA.
However when I then go to log into 802.1x wifi
It says Not trusted, the server of NPS
But it has a cert path from my root CA
Like root ca > nps.domain.net
So I'm confused why iphone still says not trusted when I put it in as a trusted profile
Oh on android it works fine
It trusts it
Is that on android?
@rocky badge with MDM you installed it? Or did you install it manually by clicking into their devices?
Is mdm free for consumer to use?
Apple website doesnt show a price when I looked
So safe to assume it is?
You have to have a MacBook
MDM has to be configured by installing a profile
but then it's from the MacBook
@little schooner Why not Let’s Encrypt Wildcard Certs? https://community.letsencrypt.org/t/wildcard-domain-step-by-step/58250
I just used Let’s Encrypt and Certbot to enable HTTPS on my website. I have a VPS and I’d like to make a certificate for a wildcard domain. I searched the forums and found several sources of information [1][2][3][5]. I couldn’t replicate the results in [3] because Debi...
@fresh copper Hmm, I was trying to do it yesterday with cloudflare but I was unsuccessful
Also would it work for NPS? But then I would need to leave a machine on to automate the script to renew it each time
But then, what if someone takes my domain, does that mean they will be able to validate it in 90 days and steal it?
And with the letsencrypt way, would I need to constantly implement the renewed cert?
I have never used NPS but I suppose it could work. It’s just a normal cert so it should be fine. It does have some issues with Cloudflare so I think you have to do the DNS way which means that you would need to have a script to automatically update it.
I’m not sure what you mean by someone taking your domain? How would they take it?
@fresh copper perhaps it's a false fear, but I read online that there was the possibility of someone renewing your domain on your behalf and then taking the certificate and key without you knowing, etc.
And then they start using it on their system
Most hosting providers have a domain lock option so they would have to log into your account, undo the lock, and migrate the domain away, and then renew the cert without you noticing
Unless you have a non-registered domain and are using something for internal access only
Hmm okay I guess that makes me feel better about it
@rocky badge is that something I could run on, say, a Ubuntu server that doesnt have a web server installed?
Yes
And what does that entail, just download the script, fill in variables and run it?
If you use DNS or registrar auth it doesn't need web/outside access
If you're using cloudflare it uses their API
Try this
It says nginx but it's just configuring nginx manually at the end
I think that if someone manages to renew your domain for you then you have larger issues than a certificate. Even if you used a different certificate, they could still get a let’s encrypt one regardless
It’s not much of an issue these days though
I think I made the biggest mistake when creating my windows domain
I used .local at the end and only used primary suffix
example.local e.g.
that causes split horizon dns issues
ugh I just realize all of this now
ik its actually cause a particular issue with my unifi controller too
its adding .local.local
.n003
Never use .local
and causes docker to fail to start it
:(
and you wanna know what the worst part of all this is?
I use ad.ryois.me and lan.ryois.me
I think I will be using ad.example.net this time
but the worst part of all this is my CA is also based off this .local domain
which means I have to revoke all my certificates
and reissue them all again
since a domain rename operation wouldn't work either. I did not publish crl correctly to more than one place.
arrrrrrrrrrrrgh
the struggle
No, because it will be very messy
oof
because I will be using new CRL feature
I just make clients enroll and get their own certificate
that i didnt pay attention to before
i read in docs that CRL cannot be updated for issued certificates
meaning I have to do it all again
yeah i was just gonna say
but wait
how to transfer user objects over?
or thats also a redo?
@rocky badge basically if this does not have the proper URLs that you want certificates to check for revocation on the windows clients, or even an intermediate CA, all certificates have to be reissued
I only had ldap on it
who owns that link XD
and since ldap works with domain name
yikes that means a rename is in order
and that cant even be done
so yes, by scratch
I did mine automatic too but I now decided that it was time to get off .local
since encountering the numerous problems on ubuntu and some name resolution like mdns
its against rfc to use .local since mdns uses that
I was getting lots of dns problems with it
At least I actually read the documentation this time so I can make it right. Waiting for the Server 2019 isos to drop for imagine though
@little schooner spammy
I just noticed that, I'll try to keep my sentences together. sorry
@little schooner I don't think 2019 ISOs will ever drop XD
we are getting closer. Today they connected it
👀
@subtle glen not bad looks neat
i know, right? for me they could even have left the cable dangling from the ceiling. i just want fiber at this point
i was like renewing the scouts internet and i was like what does this option do and i turned it on
and it like disabled the scouts wifi -_-
and could take 5 mins to a few hours to come back on
Does Fujitsu Messhu support a wired backbone?
ubnt unifi does, it will use cable if present, if not it will connect to an existing AP
It does not connect to multiple AP at the same time though
I'll buy a set and return it if it doesn't XD
But at work it is helping me out, we have an office, and floor 2, the cable doesn't work, so the 2 AP there, connect to an AP lower or above floor 2, and connect to each other with the cable on the floor, so at that floor only 1 is connected to another floor for an uplink to the network
Till I get to fixing that cable to that floor
what set are you using?
UniFi AP-AC-Pro
and then
If you enable this, it will connect to another AP if it still has power and there is no connection to the network, it will also share its connection to the wire, so you can connect a switch and other AP through the AP with a wireless uplink
Unless you need more complex meshing this would be a good option
I picked a set of Fujitsu messhu up and it works great and it even supports a wired backbone and AP mode
BTW it does support a wired backbone
Anyone able to give me a bit of help?
👀
If you have a question, just ask rather than to ask if someone will try to answer the question or not :)
(as long as you aren't asking about someone to help in PM)
This is from another post I made with no replies ;-;
"This is mainly for people in the UK and more importantly using Sky Fiber or Sky Q. The internet speed at my current house using our standard box is 37 Down 8 Up most of the time. In our new house we are maxing at 28 Down only a few up (4 max so far). Would getting a new router help with this? I know sky used to lock out third party routers but apparently their contracts have changed? Just wondering if anyone has experience with this."
sky = shit
don't even try it
if you want speed go for virgin media
Well I have no choice hence my question.
ye we used to have sky fiber and the speeds we would get was 8-10mbps down and 0.5mbps up on a fiber connection
sky said like was fine and that's the fastest speeds in the area but others in the area had a lot faster speeds
Well that isn't what I am talking about now. I just wanna know if getting a better router could improve speeds a bit and if it would work. Given their old policies.
you can get a better router
but you can't replace the sky one
Unless you got issues with it now, I'd just stick with it
How do you get that speed on fiber? I get more on coax. I am not in UK tho
I would think as long as your current router is gig capable you're not going to get much better performance, it sounds like the fiber provider is the bottleneck in your case
@lean pollen fiber here is basically a marketing gimmick for fttc, then victorian copper to the house
👀



I do not understand what just happened
@thick minnow if you have FTTC, you don't have real fiber, and companies here wouldn't market it as fiber either.
i know that, you know that, but Ms McGlinshie down the road doesn't
it's allowed to be called fiber here because there's fiber in the chain
Anyone know what "folding" on a server means?
I was given an extra computer and I'm looking into setting it ups as a server or a linux machine or some other sandbox for projects but I read forums saying that you can do "folding". Don't know what that means
OHHH
I've heard of that
Didn't know it was called folding
Basically a massive network of donated computers
Internet supercomputer
it's called distributed computing
but tbh, the only way it's worth it is if you don't pay for the power bill 
But if FTTC is what he has that gives him that speed, and ISP is saying fiber, it's lying and none of the ISPs here would do that
it's not lying here because there's fiber
Tbh my university has 100mbps up/down internet as well as no power bills so
if there's no bills, go for it
but other than that, you'd be better off using it as a lab
Gigabit is granted to certain computers. Our office is within the IT department so we get gigabit hehahaha
lol
My coax might be FTTC, I don't know, but no one calls it fiber
there was guy a while back that used an entire uni network to fold
As it should
where are you Mihle?
cause in the UK they're allowed to call it fiber even if the "final mile" was copper
there's instances where you might have FTTC, but you get <1mbps down because your copper line from the cabinet to your house is shit
or from like the 20s or some shit
I have 120/15 btw
yeah, our regulations on internet is antiquated at best
superfast can be anything over 50mbps iirc
hyper is over 100?
or something
Slowest option my ISP have is 60/10
slowest option for BT (the folk that own basically all the lines) is 10
for £32/m

....
60/10 is 40 € here or something if I can't remember wrong
And 120/15 was 50 €
Or was it 45 and 55, can't remember
But because lot of the people in the street have get, we get it cheaper, but don't know how much cheaper
Not the best, but seem better than UK
this maybe seem more right, does anyone know how to connect phpMyAdmin to mysql?
Could not connect to the database Database :SQLSTATE[HY000] [2054] Server sent charset unknown to the client.
I only have 1000/1000 D:
Has anyone seen patch notes for RHEL 8 Alpha ?
They did one hell of a job for OS
From 64 TB to 4 PB of RAM, Python 2 is being deprecated soon, KDE is removed, virt-manager is deprecated in favor of Web UI, YUM pkg manager got some updates and tweaks...
Illinois @hallow nimbus
@rocky badge If I use acme.sh to generate the wildcard certificate, does that mean I have to replace the certificate on devices manually that can't run the script on a schedule? I think I forgot to ask you that specific.
yes
So, the certificate can't be left there once it expires
you have to put in the renewed one
Yea
Hmm, i'd just need to know what registry it sets when picking certificate for NPS
i think...
It’s usually possible to script something though. Sometimes you can make a script on a different server that sshes in and does the thing if there is no cron. If it’s a web form then usually those can be automated too but it’s a bit annoying
Thanks for the clarification
I am still in the process of moving my entire domain onto something that ends with .net, a domain I own. Something like ad.company.net
I use visio and all to make it pretty and clear. I feel very prepared to do it once server 2019 lands. Then I can put all these troubles behind me. Microsoft is definitely taking too long to release the ISO, even if its the eval.
Has anyone here setup an OpenVPN server?
Me 😄
port 3389 hmm, isn't that rdp port?
@hallow nimbus what openvpn server is that running on? Is it it's own OS?
@rocky badge how did you setup yours?
my router has a built in vpn server lol
@little schooner it was an AWS AMI
Wondering if i can use synology NAS + raid array to use as NAS, HTPC, and also run virtual servers off it?
@thick minnow virtual servers being web servers or actual vms?
If you spec that synology nas large enough yes
Hello, i have old QNAP Nas and xpenology nas (synology whatever). I would like to move all files from my old nas to the custom one. How would i do that? FTP Connection and move all or swap HDD and then just copy over?
Does the UBNT USG support a gigabit wan connection or would it be a bottleneck to my fast internet?
@pale sphinx You're kind of stuck using the ethernet connection for those NASes (You can't just remove the drives and copy data from them, NAS has to be the one running the drives)
@unkempt ferry It does do gigabit, but enabling IDS would cripple the speed.
How much would it cripple? Is IDS needed? Do consumer routers have it?
@unkempt ferry IDS is a nice feature but you don’t need it. I’m not sure how much it would cripple but it could be a lot. You might find a consumer router that claims to have it but none truly do, it’s just not a feature that consumers usually need.
Hi i could use some help from someone who knows a fair bit about network diagrams, i'm taking a college course on networking, and my final project involves making a business, then mapping out a physical and logical diagram for the business, my problem is i'm really lost on how to structure it properly, and i'm not 100% sure how to label everything, Hoping someone could explain some of this stuff to me
@wooden hare There are usually a ton of network diagrams on r/homelab (https://www.reddit.com/r/homelab/). Just search for diagram and you can see a lot of them.
That reminds me that I have some diagrams that I have to make myself.
@fresh copper I finished making a diagram of my active directory structure. I really like how it came out. I also did a ip address spreadsheet since it was about time for me to document which ip belongs to which machine
Ipam would have been nice but I like to let edgerouter handle dhcp since my network isn't that big for an ipam
I use static mapped dhcp so devices still get dns server and other info from dhcp but always get the same IP
@unkempt ferry Sorry, it's IPS I'm thinking of, not IDS. No, you don't need it, but it's a cool feature.
It cripples the USG to 150 Mb/s and USG Pro-4 to 400 Mb/s if i remember correctly.
Only the flagship USG XG can do 1Gb/s with IDS....but that's super overkill for home use.
IDS has no impact on speeds. IPS does for the USG stuff.
@rocky badge @hallow nimbus You said that you have OpenVPN, can you help me with it?
Erm sure but i am not at home atm 😂 😂
Right, well I'm trying to set it up but... not quite sure about it
I used a simple script so i just needed to enter the settings and done
😂
well the idea is I want to use it with Windows Server AD and auto client deploy
@hallow nimbus hey that's a nice script
@fresh copper the static assignment gave me trouble with a couple of virtual machines due to their mac addresses randomly changing. Also for some reason, domain controllers really dont like dhcp address and causes the entire domain to be randomly unavailable. Might just be my environment, it is a .local for now until I redo :[
@rocky badge neat. I've saved both of them in case I want to redo it
@rocky badge how do you cable manage wires that are different lengths?
I got so many different ethernet wires that it's hard to bundle them correctly
Oh xD
Idk why I didnt buy like a cable comb or something
holy crap if you use their built in web app it will store the results
or not built in, but app based
wow they have the host data wrong
lol like you are ever going to get 10gb on a speed test server that has a 10gb connection
Haha, yah
so funny thing
because of how they setup client isolation, the download leg is not being routed out, but the upload leg is
I haven't figured out how to setup mac routes for local mac traffic on both sides
but I think I am happy with my setup for 10gb routing YEA!!!!
@chrome hound super nice. Wish I had comparable upload speed because it's like impossible to cloud backup when my upload is like 5 mbps up
I could upload my base images to the cloud if I had good uploads
what if I take the whole fiber coil 👀
Then you can make big money
Or I could use it for my project
Or that
@chrome hound it used to be that the speedtest ids were very small and sequential so you could increase/decrease by one and see someone else’s speedtest results
@gritty owl Ok thank you. So for home use, a USG without IPS is safe if I do plan to host a game server and a vpn server?
Yeah, plenty safe for that
Yeah, that depends more on your server than the router to be honest (and making sure you have DDNS domain name)
Ok thanks!
Yeah, I installed a unifi setup for a client of ours that we did a house expansion for because one home wifi router was too small.
It's been working great to this day with a USG and two AC-Pros.
But they already do 10Gbit copper to all the editors iirc
10gbit copper has some drawbacks, even DAC cables have their issues, after switching to MM fiber, I won't ever do copper if I don't have to
Totally agree, fiber allows for much more flexibility but since they already have the copper run I can only see some limited use cases for a compact 10Gbit switch for LMG in particular
true, and to be honest my home use of 10g fiber is really over kill, but I love it 😄
Fiber ftw 😛
I mean I am over kill all the way, there is no real home use case for a NetApp or the 3 dell servers or the Supermicro buuttt 😄
Got a couple UCS C-Series, R620s, and various other things so I'm in a similar boat 😄
haha
@thick minnow That looks awesome! I am going to look into that
So question. I created a VPN with Windows PPTP and for some reason, I can't connect to it. How can i tell if my ISP is blocking ports
That’s a good question that I would be interested in as well. I know most ISPs block SMTP and other mail related ports but I would be interested on others
my isp only blocks smb ports lol
So I went on canyouseeme to see if the port was open and it wasn't. I forwarded it on my router but it doesn't show. Is this because of my ISP?
Just tried it with 3389 for RDP and it works fine. I think it might be something isn't configured correctly for my VPN on 1723. Does anyone have an experience with the built in VPN hosting in Windows? Thanks!
@blissful marlin I had pptp on my windows server, not the best setup but still
🤷🏻♂️
You managed to make it work ?
pinhole reset
PPTP is a poor choice for a VPN for security reasons and has been deimplemented on an increasing number of devices. What's the use case? @unkempt ferry
@pseudo blade I'm planning to use it as a way to bypass my school's firewalls.
It is unlikely that PPTP is allowed through your school's firewalls regardless.
Honest suggestion: Try SSTP instead.
@pseudo blade What would be a better choice? I want a VPN that doesn't require additional software on the client.
SSTP is natively supported on Windows 7 or later.
Ok how can I host a server for it? Can I use a machine running windows?
You'll need Mikrotik RouterOS or Windows Server on the far end for your VPN server.
So Windows Server supports hosting a SSTP server without additional software?
Yes.
If you're a student, you can likely get a copy of Server 2016 free via Microsoft Imagine.
You'll need a dedicated computer or a hypervisor to put it on.
Ok so I have a Dell R710
Should I virtualize it or just run a copy of windows server directly?
I'd virtualise.
Also whats the difference between the 2 version of Windows Server
I'm currently using VMWare. Should I use windows as a hypervisor?
Datacenter is licensed for unlimited guest VMs if you install it on the bare metal and use Hyper-V from it.
Standard is licensed for 2.
This is just Windows Server guest VMs.
Both support unlimited anything else VMs or BYO license Windows VMs.
Basically pay once for datacenter and run all the Server VMs for free (bar CAL cost, but not relevant to you as a student).
Problem is that using Server 2016 as your hypervisor blows 2GB RAM right off the bat.
If that is a nonissue versus the benefits, go for it.
Well I got 64GB rn so I think it should be fine. My school has Microsoft Imagine so I can get Datacenter for free
Eh, I'd say try Hyper-V then.
So install on baremetal then optionally install RRAS on it or on a Server 2016 guest VM you'll be licensed for an infinite number of.
Ok cool.
I am still waiting for Server 2019 ISOs. I cant believe they are taking this long to get a trial version out that supposedly has 10-day rearm limit
Might have been prerelease.
Previews are typically set up to die on official release.
@little schooner They have the official ISO on MSDN so it shouldn't be much longer
Hmm, I hope Microsoft Imagine gets 2019 server so I can ring up my college buddies to give me free codes again (and use my college account as well)
I'd like a free code for windows 10 edu
Man if only they let us buy copies
Discounted copies
😂
Windows 10 Pro for Workstation. If only that were free.
@little schooner Why do you want a EDU copy?
I've got Windows 10 Enterprise with a tool to activate it.
@unkempt ferry no piracy
@unkempt ferry it's basically enterprise version but available on onthehub for students to buy for $19.99
Some colleges offer it for sale
I license all my stuff so
Legit is way to go
Activation tool = 100% virus. Even MS Toolkit. It's an undetected rootkit made and "leaked" by MS as an internal testing activator. MS has internal accounts, KMS servers, etc.
Yeah so I was hoping to buy a copy from university. They have to renew their imagine sub for the school though
I just never use Windows; problem solved
If I were to never use windows for my day to day things, then it has to be redhat or fedora since I like stability in the OS that lasts a long time.
I'd say 1809 are very stable builds now.
I wouldn't. Debian's also very stable, along with 99% of all Linux OSs.
Debian gave me trouble three times with VMware workstation
Also, even when it was on supported config, kernel changes broke software and vmware again
Now I dont even use it on linux anymore since windows never ever had that problem
You need to update the kernel headers and compile the VM module on each kernel update, which usually is automatic, otherwise you can run a single command to fix it.
Dynamic Kernel Module Support
No I have a tool that my dad’s college uses
It’s legit
And it’s used to activate all the computers in the school
It’s not piracy
@unreal wedge I wonder why that command was non-existent, even on stack exchange when other people were having a similar problem. They only talked about rebuilding VMNET driver from source code and removing a check from the source file.
Huh so I'll give that command a try should it prop itself up again
@unkempt ferry a tool that does slmgr /kms and /ato?
Or a sketchy tool from internet
@unkempt ferry totally fine and legit. No harm there.
@little schooner it's a weird one.
Yep
My storage spaces virtual disk is held up for some reason. Its pinned at 100% and it won't unmount. It doesn't get worse than this and this problem happens way too frequently
Hello everybody
Hi
Hai
Hello
Hai
Hai
ciao
ciao
C-C-C-Combo breaker!
😄
CCCC ircuit breaker
I remember that from Cisco class.
I never had cisco class
10gbps switch?
I need to make some network diagrams
Of my own network and of the EVIX network
I’ll probably write an auto-generating one in python
It was a nice tool to build out subnet mappings and port assignments. I always thought it was not necessary until all of my security cameras went down because they had the same IP as the networking gear.
@green gazelle I need to do the port mapping, that's the only thing I'm missing from my diagram
Yes it makes troubleshooting network easier once documented
Is there a sysprep equivalent for Ubuntu?
besides it removing ssh keys?
https://arstechnica.com/civis/viewtopic.php?f=16&t=1110936 - well this thread explains that the only major things needed to change is hostname and IP address. The use of kickstart i guess is a scripted install of a linux installation, possibly where you could input all the install commands so each VM is new
ok so i have a question
anyone here have experience merging 2 separate types of internet lanes together?
in my case it would be 4.5g + vdsl2+
i need to merge them
without dealing with extreme ping in games or speed drops for uploading media and streaming and so on
@plush peak I don’t really recommend doing that in my professional opinion. But in the art of doing things the wrong way, there are two solutions. The naïve way would be to use a basic load balancing router or even install something like OpenWRT on to your existing one and have it do that. This may work in your situation but any given connection will only be able to use one of them at a time. This works best with multiple users rather than just one. The other option is to use a service that helps combine them such that you can use both together even on the same connection. Linus actually covers both in this video from a while back: https://youtu.be/tqbnjgbtDl0
There is also the third option where you get an ASN and IP space and find ISPs that will do bgp sessions with you but that’s complex and expensive so don’t do that.
seemingly for me the best way that won't cause any issues is setup a dual pc setup sooner rather than later have the stream and uploading pc on the high speed connection and the gaming one on the low latency connection
instead of bonding them
since im seeing too many possible issues due to isps not supporting this in the first place
im in turkey btw
@plush peak do you need to merge them for one pc.. or to combine bandwidth for an office for example?
I used to have two adsl lines and 3g connection that you could 'bond' by just the router allocating the bandwidth for the office but not to form one super fast connection. worked great for my rural office though with about 10pc's connected, as 1 line was not close to being fast enough
and you didnt need any isp support
i mean at the beginning i might need to "bond" them but figured out i can just plug both into pc and set obs to use that high speed connection and find out a way for my google drive sync to use the secondary high speed connection aswell
a friend of mine said i can set priorities so programs default to primary network unless they internally ask to connect through the other ip
this is all for my editing streaming uploading and work
rn its all on one pc
but soon maybe in a month or two i should have a secondary setup which would get rid of alot of issues including the need to deal with any issues that software end connection allocation might bring along
Try just getting a dual WAN router.. then in the router you can set to auto loadbalance the connections, or you can specifically assign wans for certain packets - i.e keep all gaming packets to one line and other stuff on the second line
no isp config needed
the above seems to work better though this way i dont have to spend a ton on load balancing hardware
yea dual wan routers are really cheap these days though
really easy to setup and your pc doesnt need to always be on/awake
will always share your connection how you like
things like torrents can actually use all the connections on one pc to get a mega download speed boost too which is cool for your 'legal' linux distros 😂
https://mikrotik.com/product/RB960PGS-PB#fndtn-downloads
If it says it supports Mode B devices, can it also be used to power PoE 802.3af at Mode A?
http://www.speedtest.net/result/7857379696.png
I finally got my speed up from 10s of mbps on my coloed server. This is not too bad for this not actually being a very close testing server (that's what happens when the IP you are using from your friend is a Canadian IP)
Still faster than 99% of Canada but lower than what I am supposed to get
I get about 500mbps from a iperf3 to the colo provider
@little schooner That determines what wires are powered and ground, so no, definitely not.
Unfortunately, you'd need some other box or cable to handle conversion if you need to convert mode B to mode A. Only Mikrotik I'm aware of they added support for both to is the CRS328-24P-4S+RM...
None of you here can believe it, but my workplace offers me 10 gigabit networking,
I can believe it. Not even that expensive.
What's the business case?
They pay the monthly fee for me
@pseudo blade yeah so I had to buy a splitter for one of my devices. Do you think this one supports both af modes? TrendNet TPE-104GS
It doesn't say anywhere I looked which mode it is (if only one). I'd guess it works, but could not guarantee. I suggest contacting them if you're uncertain.
@little schooner
@pseudo blade hmm okay I'll have to submit a ticket it seems




