#networking

You can find the connector type in the datasheet of the router

I am almost sure it is ts9

What are adapters?

Sma to ts9 but I am not sure so double check....

ok

hi

Hey

its quiet here

Yes, I finally got it so that I only get notifications from this channel and no others

anyone use freepbx for their VOIP solution?

I have to use my ISP provided router

It has a built in VOIP server

BC the NBN (National Broadband Network) is trash

Yet it is faster when you install it

Properly

And this piece of crap is what you need to connect to the bloody internet

you got fibre to the premises or to the node @pulsar thorn

@lethal parrot Those Are FTTN VDSL/G.Fast but output to an Ethernet port like an ONT would.

@pulsar thorn NBN FTTC reverse power unit and modem.

Uh... Sorry. @lethal parrot

Basically they bring fiber up to about four households and each one gets one of these to plug into their old copper line fo power the distribution unit.

Yea

Fibre to the curb

It's pretty hacky. So close yet so far...

Lol yea

Ours works tho

NBN Fixed Wireless here.

3mbps peak speeds.

We pay for NBN100 but our line can only handle 45mbps down and 20mpbs up

Everyone in the area I know gets 100mpbs down and a worryingly slow 0.1mbps up

We pay for 50/20. You know this kind of crap wouldn't fly in any other country, right?

Yea

No way

Turnbull just doesn't care anymore

Not his problem

Turnbull?

He's long gone. We've got ScoMo now.

Turnbull was telecommunications minister when the NBN started up

It was gonna be good

But then he went off

I can assure you that Turnbull isn't worthy of praise in this situation.

No lmao

If we all had fttp at 1gbps everyone would be quite glad

But no

I'm basically stuck in a constant state of frustration trying to use the internet at home.

3mbps sucked a decade ago.

We went from your speeds earlier today to our new speeds

On a D-Link Taipan it's amazing

No shortage of routers here, only bandwidth.

I can get gigabit wifi in the same room.

How

Outside lan or internal?

Very good wifi router (4x4), paired to a Note 9.

Ok

Internal only.

WAN is 3mbps from 4PM onwards.

Ok

When the NBN technician came today he was adamant that our config of using wan on a usually dsl modem wouldn't work

But I suprised him

If it has a WAN port it will work, the DSL modem simply isn't used.

Yea

We did that for a while, but the router sucked and we scrapped it (DGND4000)

The D-Link taipan has a way to use ethernet port 4 as a wan port and that's what we do

I have a mix of Mikrotik routers and modified Telstra gateways.

Modified Telstra routers?

Wdym by modded?

Leveraged software vulnerabilities to gain access to the internal OpenWRT, which I can then do whatever with.

Ok

Tempted to hardware mod a few, but I just have no need for routing performance of any kind.

I managed to get a free modem from Telstra that has mobile and phone backup

Lol

Smart Modem 2?

Yea

NBN kit

It's actually decent

We have one. The wifi is absolutely fantastic.

Mobile backup speeds are trash tho

Rest of it kinda sucks ass, but that's a software problem.

The modem in ours is not providing a stable 6mbps and I believe this to be deliberate.

Haven't messed with that one because 4G backup is valuable to us even with deliberate mediocrity.

Lol

Bar the SIM. I was curious about it and removed it. Don't just do that for fun BTW, they'll lock your SIM if it signs on with the wrong IMEI.

Didn't happen to me

I stuck it in a 3g Telstra mobile card on my laptop

Just had no service

3g? Maybe you got lucky and it didn't even associate.

Yea

Sounds like it.

I can feel your upload speed from here

Omg

I have a sneaking suspicion that the speed limits are enforced by the router, rather than the network.

Hmmmm

It'd be the network

This is Telstra we're talking about.

I doubt it.

True

We don't use a Telstra compatible modem tho

Yet it works fine

Our router gives us the fastest speed it can

Oh that doesn't matter.

That just stops you from using VoIP.

I have an older Telstra gateway hooked up to it via ethernet in my bedroom and that has a connection to the VoIP system somehow

If it can fetch the config from upstream it should retain it.

Yea

You just have to have one plugged in somewhere that acted as an edge device at least once.

Yea

I used to use the ptsn port on it for landline

Before nbn

I came up with an idea the other day too

Tg797n v3?

Tg799Vac

Close.

You got the nicer one.

Since the NBN connection device is just an ADSL modem can't we somehow get the settings from it

And use those settings on our own ADSL modem?

NBN modem isn't just an ADSL modem.

NBN only leverages VDSL2.

Tru

But there should be some way to get into it

Also you can get the settings from it, but doing so involves compromising it.

Direct ethernet from a laptop into its ethernet out?

Or get the IP though a traceroute

No, that won't expose much at all.

Oki

Somehow get a new one and compromise the old one

I can't be super specific for Discord reasons, but it involves a bit of research and experimentation.

Ok

If U want I can DM U my email?

We can talk over that or something

Which one are you trying to get into? The tg799Vac?

The NBN connection box

Oh.

That's a lot more involved.

But I also have an old Craptus NBN capable modem I'd like to get into

So basically it has all management interfaces hidden on both sides from your link.

Ok

Plus meddling with NBN co equipment is super dodgy in a way that messing with ISP routers is not.

Yea

Give up on the NTD.

Alrighty

Someones bound to find something

It'll probably end up on Whirlpool

This explains some stuff you might find interesting.

https://www2.nbnco.com.au/content/dam/nbnco2/2018/documents/sell/wba/SFAA-WBA-Product_Technical_Specification-nbnEthernet_Product_Module_20180328.pdf

Really is a shame full FTTH deployment was too costly in aus

Yea

It wasn't too costly. It was a political sham.

Party A's idea, not Party B. Therefore bad.

Well I'm ignore that side of it, the cost was going to be huge. Personally I'd have like my tax to go to it if I were in aus

Seriously. These people couldn't agree on whether kicking puppies is bad.

Even here in nz it started off as a cluster but it turned out fine

eventually

But that's the ufb

Australia refused to learn from NZ's mistakes.

Yea

points to the if I were in Aus part

Lol

😃

I heard you.

Hey man, Aus started NBN first lol

we learnt from yours

And you fixed yours

We just added more complicated shit onto ours to make it even more confusing

No FTTN replacement until 2040...

ouch!

Jesus

2040, damnnnnn

No seriously. That's the country-wide plan.

Thats not gonna go down well

I knew it would come, just not that late

It'll take 10 years or so to do it

BC that's the NBN way

😉

Here for a long time if you were on a shared driveway that was a total death setence to getting UFB

1 person say no and nobody could get it

Thats stupid

Very, took a law/regulation change to fix that

If you don't choose to change to NBN here you just get cut off

18 months or else.

now internet is an essential service like power/water/gas and cannot be denied

Yea

only took 3-4 years to get that legal status changed

Lol

I drop by the Ookla speed test country results each month and die a little more.

proper/useful legislation change is like the Olympics, only happens every 4 years

|| we have worse internet than Kazakhstan prove me wrong ||

https://www.speedtest.net/global-index

Kazakhstan has faster uploads.

55th heh

Yea

We're 70/80-something'th on uploads.

I like how your average mobile down speed is faster

Yes. Much so.

Lmg are lucky when it comes to the important sites like Google and Facebook

3mbps to my house, 40mbps mobile just on my phone.

Ahem 10gbps

Thats trash

I used to rely on mobile data

I want to rig up a pair of yagis for faster speeds.

Thats why my whole family had shared 218gb of mobile data a month

10 Gbps, rookie numbers 😛

Pffft

Work has 100mbps and that's nearly unheard of where I live.

What does the DET get

They block speed tests for us school students

Wildly varies.

The TAFE I went to had a 50mbps fiber link from our building.

That's alright

Not certain what the core speeds were.

Work has 6 10Gbps connections with a couple of other backups ones. The PoPs can actually do 100Gbps on those links but we need to upgrade our routers

My uni has 21gbps.

It all comes from Redfern via VPNs at any DET building or something

Uni's have great internet, I work at one here

SSTP works on DET networks.

Det networks were safe before byod

I know from experience. Just finished Adv. Dip networking, our dept has relaxed security, but access to both networks.

DET?

Nsw department of education

Department of Education and Training

Yea

Schools and stuff

Good, I wasn't brain blanking then

AARNET's where the cool toys are tbh.

So I guess a bit like our N4L or REANNZ network

From my school up in northern Sydney I can get into cctv at a school on the other side of the state

Via the shitty Job of the it staff

Seems so.

Mhm

I went to a catholic primary school as a kid and could access printers in another state.

Catholic schools can do that?

Jesus

Their IT security sucked.

I used to be on a fixed wireless 100Mbps link and got a custom setup. They didn't do the setup correctly and private IPs were allowed out past the edge and I was reconfiguring my network, their private range was the same as mine and I got auto logged in to there Mikrotik router with admin perms

Oof. Default creds on a Mikrotik.

Nice work

100% mistake even on my end

Thats what the DET does too

At least you could fix it yourself...

I know the logins to every phone system at every nsw public and high school

100% their mistake, this is trivial to guard against.

Thanks to googe

Problem was it has all the creds and full names of all connected customers, IPs etc

was super not ok

Mikrotiks are great for the price but nothing's encrypted.

I did check for QoS settings though 😃

Lol

Put yourself first priority

weren't any though

If they were there that'd be great

Welp I better sleep

Gotta install a wifi router at school tmrw

For my own server

I'd probably be checking link contention so I knew where problems originated from.

Goodnight fellas

@strange silo Ever heard of RoMON?

That's where it gets scary with default creds.

Never used it, haven't really used many Mikrotiks

L2 management, but it'll hop as many routers as are present regardless of L3 configurations of said MT routers.

So you can access every Mikrotik.

Well I mean nice. but....

It is actually really nice when used appropriately.

I configure these at work.

• configure each router one by one with secrets="","mysecret" - this will make all routers still send unprotected frames, but they all will be ready to accept frames protected with secret "mysecret".

• configure each router one by one with secrets="mysecret","" - this will make all routers use secret "mysecret", but also still accept unprotected frames (from routers that have not yet been changed)

RIP x2

Yeah...

User traffic should be completely isolated from management networks.

Wonder what the thought process was behind that

Management network, nahhh just fire it everywhere

Their hardware is cheap, but their software is stagnating...

So basically many years ago they ran into a bunch of problems in V6 and promised to fix all of them in V7.

Kinda funny cos I actually just brought two hEXs to replace ERLite-3s

V7 eventually became this magical unicorn of a release that fixes everything... And like unicorns failed to exist.

hEX is good, I have one personally.

ERLite IPsec performance is horrific

Sooo bad

You'll be fine for home use, the big features that are missing aren't relevant to even most SMEs.

I got the hEXs cos they could do VPLS

Things to note is that the hardware accelerated IPsec is good, but the SSTP implementation is single-threaded.

16MB flash sucks too.

But then if I do actually use them I'd have to take out my Fortigate 60D on my end

IDK why they refuse to add more, packages can only be installed to the internal flash.

Only feature I need is virtual wire between my house and my friends place where my other server is

Ah.

ERLite-3 on his end died

Should be able to sit that behind your fortigate. What's handling NAT?

The fortigate or a device in front?

hmm I hadn't actually thought about doing it that way

omfg like duh

thanks lol

fortigate, PPPoE to ONT

Hm. IPsec with NAT-T.

IPsec works fine, I just wanted a better way that has wire speed potential. The hEXs are actually all setup to work as drop in repalcements

As in... to the hEX.

VPLS over GRE does wirespeed, not encrypted but it's lab only traffic

Eh, fair enough if that's fine for your use case.

It's not, I should really encrypt that GRE tunnel lol

but then I drop 50% speed

1Gbps connection fyi

Handle crypto on a local device that's faster.

If necessary.

Really like the idea of the hEX behind the fortigate though

Failing that... CHR or just on pure Linux on x86-64.

Eh, it's a start.

otherwise IPsec between fortigate and hEX

forgo vpls

and just have a spare hEX if one dies

MT say it'll do 470mbps IPsec via hardware crypto.

yea it's really good

just you know, not full connection speed (like I actually need it haha)

Here's an idea. How beefy is their Fortigate?

3Gbps ipsec

Could use both hEX's and route through them equal-cost. Split the IPsec load between them. Two connections to their Fortigate

Sorry, wrong model. 1Gbps 512 byte

Well it's my fortigate, but also my hEXs but eh not important

What say? That should get you close to gigabit if everything lines up.

Likely can't, due to ONTs not allowing that

Two tunnels?

Would have to do funky setup to get both hEXs working at one end

NAT traversal.

For IPsec.

I've got two /29 so 😃

That makes it easier.

Really though I don't NEED 1Gbps

Eh. Do what's necessary, beyond that's up to you.

Hmm rechecking the sped sheet

IPsec VPN Throughput (512 byte) 1 1 Gbps
Gateway-to-Gateway IPsec VPN Tunnels 200

looks like S2S is actually only 200Mbps

wonder why

That's the Fortigate.

yep

How many CPU cores?

Likely a threading issue.

all special hardware offload engines

Powered by SPU SoC2

Combines a RISC-based CPU with
Fortinet’s proprietary SPU content and
network processors for unmatched
performance

blah blah

That's pretty normal TBH. Solution is more tunnels and aggregating them.

hardware wise they do rock compared to the competitors at same price point though

Or a modern x86-64 machine with AES-NI

Brute force your way to success...

Hmm I'm expecting that 200Mbps to be a global max though

If it's gigabit IPsec, 200mbps per connection, aggregating them should resolve the issue.

Likely not designed to be used that way, but oh well.

Client to Gateway IPsec is 500 Mbps

Oh, is this a license thing?

the different speed specs seems totally random heh

nope

Good.

Problem with the Fortigate IPsec is a never got L2 tunnel working between it and the ERLite, could only do a L3 setup

Cross-vendor stuff can be strange at times.

hEXs did that super easily

cos later on, if I get round to it, I'll be replicating all my storage across the link and want to do stretched VLANs to do simple failovers

Stretch all the VLANs!

shhh

😃

Do all the VxLAN >D

dream would be some vxlan capable hardware

lol JINX!

😄

Mikrotiks will create L2 tunnels over L3 ones.

I've had to do that before.

Yep, that's the VPLS setup I've got

In the most super hack way but lets just ignore that

I loath placing important network stuff on to my servers though, otherwise I would use open vSwitch and VXLAN

huh VMware NSX has been added to VMUG EVALExperience

could just use that

@clear igloo You ever used NSX?

I have not, I've used NSO 😄

Never really dealt with too much VMware orchestration tools as I don't really have any engagements that take me down that path

oof my school uses vCenter 6.5

Yikes

Mine uses vcenter 6.0

No sign of html5 at ALL

The plug in requirement is so nasty that it should be illegal

And the plug in doesn't even install correctly

upgrade to 6.5 or 6.7 then, html console on those is much faster than the flash version that's just a right pain now with all the default blocking of it

also you dont actually need the plugin, I don't use it. Just DOMAIN\ + password

not needed anymore though

I use 6.7

I like it

https://gfycat.com/IndolentCornyDuckbillcat

@strange silo problem is, software vendor says they do not support anything newer than vcenter 6.0 because their software uses apis specific to that version or something

We do have license to upgrade but then we risk no longer receiving their support that we pay yearly for

that's what they described to us

Anyone any good at cross-compiling C++ for Windows x86 on macOS?

@little schooner What kind of software, like most stuff doesn't care what version of ESXi and vCenter you have apart from the VM hardware version itself which you can set/leave alone. Other than that only other things would be actual vCenter plugins or automation tools

Does any 1 know why my wifi is so slow?

Yes

Could be Layer 0 😄

No power will make your wifi very slow 😛

Layer 0: someone set the permittivity and permissivity of empty space to 0 making all radio transmissions impossible. And also electricity and a huge number of other things that basically break the entire universe

Can I get an appraisal on this pair of servers? I don’t know much about HP servers or those processors.

HP DL380P Gen8 (qty 2)
Intel E5-2620 CPU (2 Processors)
128GB RAM
Redundant power supplies
Each server will take 8 drives

Storage drives (non-configured to any chassis)
12x 300GB 15K SAS
6x 900GB 10K SAS

Maybe $300 to $500 but the RAM could up that price a bit

Any idea what power consumption might be on them

I would say maybe 200 to 300 watts under heavy load as a guess

That’s about what I want on power consumption so that’s good. I’m just waiting to here back how much my friend wants (got them from a client that upgraded).

Thanks for the help everyone

That’s perfect. Mine won’t be very busy though it will be good to have the power to actually support more than one VM.

Main thing is that it is much more powerful than my Xserve without taking too much more power. I will also have two so besides the one I put in my colo to replace my Xserve, I can finally have a homelab

It’s -12 outside now (which is rare)

But yea

I heard back from my friend and he will give me both servers for $1500.

https://blob.linusdrop.tips/t1E6SScRgWUg.png

Looks like windows

Yea but 128GB ram and all those SAS disks

Its only 300 @ancient vigil

😂

why the fuck isn't this automatically ticked https://blob.linusdrop.tips/jGtFZjjIMai0.png

Yeah, but they're low-clock processors from 2012 and the RAM won't work with any CPU worth spending the additional money to upgrade to. @fresh copper

I'd be asking myself if having that amount of RAM for your homelab would really matter based on the load you're expecting, and whether a cheaper, more specialised configuration would work just as well.

@fresh copper We have a lot of DL380P Gen8s, great servers. Those 15K RPM disks are really only worth the caddys to put your own disks in to them i.e. SSDs, they fail a lot.

Also for $1500, hell no

Even with getting two of them?

Because it’s that much for both, not each

@strange silo

They should be asking $300 to $500 USD

each

The $1500 is CAD

Like you can get one for $325 with 2x E5-2690

So it’s about $1150 in USD

Well that is better, more comes down to do you want to spend that much then

@strange silo 325$ for 2x E5-2690?
Where and would it be worth to swap my 2x E5-2665 for those? They perform well but older games struggle with single core performance

het dudes, i got many mtrj fiber cables, do you know anything to do with those or should i just give them away ?

@sturdy mirage
https://www.reddit.com/r/homelabsales/

noice 😃

@zenith ridge Nah you'll want E5-2667v2 or E5-2687Wv2, anything else for your workload wouldn't be worth the money nor gain you anything

Also that was for full server without ram not just the CPUs

Thats a good deal then, What if I buy a full system, for that price, swap those cpu's with mine, and sell a fully working system again? or use it as a test machines

Also for v2 cpu's, my motherboard supports those, with a bios update, so no clue how easy that will be

What's the best option for bootdrive of a server? USB, SSD of HDD? Of course the config fille will have a backup.

I have an unraid server (Don't think they allow anything else then USB) for over 2 years now. It's fine depening on what OS you are running I suppose.

I'll be running freenas

Freenas, I think they even have an option at installation to use 2 USB sticks for backup

Oh nice. That's also an option

https://blog.briancmoses.com/2016/04/mirroring-the-freenas-usb-boot-device.html

Thanks!

does anyone know how i can lower my ping in games

What is ur ping atm?

What you can do is move closer to the game server

Or buy faster internet(Fiber in this case)

who does even change house just to play with lower ping

also my ping increased with the fiber connection lol

I decided to get those servers I was talking about. Sadly they are in the 4x1G rather than the 2x10G config but they do have an extra 4 port nic each for a total of 8 ports each

@fresh copper Those NIC cards are removable FYI, look up the part number for the 10G and then get some on ebay and do the swap

Oh good. I needed 10G in one of them

The one I am keeping at home, not so much

You can of course use a PCIe NIC but the internal NIC card is nicer

I take out the 10G when we decommission our servers, RIP anyone that buys them used lol

Yea. I think the 10G internal one is 10GBase-T so I will have to get one of those things that lets me plug that into SFP+

Nope SFP+, we are talking about DL380 Gen8 correct?

Yea. It was very unclear on the spec sheet but that’s good. The plan was to use DAC cables to my 10G switch that I need to buy

Oh interesting it has both Base-T and SFP+ FlexLOM option

HP FlexFabric 10Gb 2-port 526FLR-SFP+ FIO Adapter 684219-B21
HP Ethernet 10Gb 2-port 530FLR-SFP+ FIO Adapter 684210-B21
HP FlexFabric 10Gb 2-port 534FLR-SFP+ FIO Adapter 700752-B21
HP FlexFabric 10Gb 2-port 554FLR-SFP+ FIO Adapter 684213-B21
HP FlexFabric 10Gb 2-port 556FLR-SFP+ FIO Adapter 732456-B21
HP Ethernet 10Gb 2-port 560FLR-SFP+ FIO Adapter 684218-B21
HP Ethernet 10Gb 2-port 570FLR-SFP+ FIO Adapter 717492-B21
HP Ethernet 10Gb 2-port 571FLR-SFP+ FIO Adapter 728993-B21

are the SFP+ P/N

That’s interesting, I’ll be going for SFP+
I was looking at the Mikrotik CRS305 switch (4 SFP+, 1 1000Base-T) but the local distributor is out of stock on those until March so I may get a CRS309 which has 8 SFP+ ports and is rackmount though it is more expensive. I don’t know what I’ll do with half those ports. Maybe ask my rackmate to give me a port on his 10G switch rather than on his 1G.

Is there are difference between those part numbers?

Different OEM NIC so different feature support and slight performance differences

like some will be Connectx-2 and some will be Connectx-3 and then different sub models of those etc

HP Ethernet 10Gb 2-port 571FLR-SFP+ Adapter (Solarflare SFN5862F)

That makes sense

How does i get better speeds without buying a better dataplan?
When speedtesting the router downstairs i have around 25MB/s (tested on phone) but my pc only 6MB/s. (Tested on PC)
My pc is upstairs and connected to the router with a walladapter thing.

Goshdarnit

How do you call the thing that can measure how much watt a device pulls from the wall?

Kill-A-Watt?

It gave me some results so yes, that was it! 😄

Any sort of requirements on the collapsed core or are you just asking if it's good/bad/etc?

👀

I mean it's cost savings and simplicity over a 3 tier model and allows for greater host mobility

I just ordered an edge router X. It comes Tuesday! im so excited

Awesome! The ERX is really cool. I've had a few issues where it decides to have random downtime, I have a feeling it's due to cooling so I would make sure it has ventilation. Remember to turn on hardware offloading

It's been forever since I did subnetting and netmasks,
If my home network was 192.168.114.1 → 192.168.114.254 that be 192.168.114.0/24 if I remember right.
But what I am trying to figure out how to represent my actual network.
Which for some reason by default in the router is 192.168.114.100 → 192.168.114.249

While your subnet may be a /24, your DHCP server in the router is only using 100 - 249. There's a place to adjust that. If it has a "max users" option somewhere, or a DHCP section, look to set it, or change the max users to around 250, which would force it to open the full pool.

I could change it. But I figured I would ask about the default instead of expanding it.

oh, I found a range to CIDR tool.
It says to use
192.168.114.100/30, 192.168.114.104/29, 192.168.114.112/28, 192.168.114.128/26, 192.168.114.192/27, 192.168.114.224/28, 192.168.114.240/29, 192.168.114.248/31

What's going on with your router is what Dooley said. The actual subnet is a /24 but the DHCP server is not handing out all of the addresses in case you wanted to have some statically assigned

@unkempt crest it’s a great peace of tech, though I personally like the UniFi gear a little more

Australia's fibre internet is shit

We had a hail storm

And our fibre internet cut out

And it's all underground

Like how???

Permafrost

👀

It hailed for like 10s

And then BAM

Only in ausieland

Mhm

Only in the country where the Titanic II owner lives

😂

@ancient vigil Can I pick another option. Can't say, not enough information aka cop out 😃

@ancient vigil Ok so that's very similar to the way we do it, or seems like it. We don't stack our TOR switches though, or distribution. The only place where we have stacks in campus network on edge cabs, everything back from that is not stacked. We do that for resiliency and maintenance reasons. Stacking is great but when it goes wrong, which is does more than it should, you end up wishing you didn't stack because you would have been saved if it wasn't.

Oh, misread that then 🙂

Sounds exactly what we have then, bar the Aux.

Oh and we're full BGP, but that's more a side thing to what you're asking

HPE FF 7904 + HPE 5900 if you're interested, all EOL this year and getting replaced

@strange silo Replaced with some Nexus 9316-DD and 9336 or 9364 perhaps? 😛

@clear igloo Huawei

Forbidden! lol

Well that's the vendor chosen for the network replacement and the only thing left is the DC networking

They are great at "HPE can do this" or "Cisco can do this" then custom software release soon after with that feature lol

lol

Our network arch seems to like their products, though none of us would have picked them given the actual choice

That sounds about right, got that one person who really loves company X and that's the way the network goes

Sticking with HPE was our choice, RFPs heavily weighted on purchase cost sucks sooooooo much

Nope, his pick was also HPE

100% procurement/finance pick

Wow

bastards

Our network arch is (was) on the HPE product design board, every year he goes to that meeting and some of his input made it in to products

he's not on that anymore....

That's pretty cool still

Query real fast. If you were planning to install whole house ethernet, would you rather have one jack in the room or more than one? I was thinking along the line of 2 jacks in each room.

Multiple, always

More than one, running two is the same as running one

I've been lucky to hang out with a few of the higher ups on the data center side of things who do the product design and implementation stuff. Got a book written by one of them 😃

I was contemplating running 2 to a room and then run 2 extra to each room for expansion, but that would possible be too much,

I think 4 per room could be overkill

4 to some rooms, like a family room, makes sense

You don't have to patch them but having them there is thousand times better if you later need them and they aren't there

I agree like running 4 to the family room, but I was thinking my room doesn’t need four lol. Hell at one point I thought about SFP+ install in my room

I ran the cabling and patched my parents place when they built it, sucky job but never be in the position that you'll regret not having run more than one cable at the time where it's no harder to

Leadeater, I just worry for how the how design is here. Since the floors are tile (no crawl space or basement) and having to deal with Stucko

Every wall outlet is a dual, most rooms got a single dual but main living rooms got a dual on every wall

Oh so existing house, sucks to be you 😃

Yeah,

I’m literally tempted on just having a electrician run wires for me.

In those instances I heavily lean on wireless as much as I can

And put in a nicer system like Ubnt or better

One of my plans was going to be installing Unifi In Wall APs

Spent a day putting up 3 APs in an old cottage/house, double height ceiling. Annoying and hard job, fully extended ladders so aren't as stable feeling as I'd like lol

I know that pain, I have a 15ft Ceiling with a Nest Protect Lol

My friend was like, half day job. Nooooope

The way my house was designed to be honest is annoying as hell. Literally one part of my rooms ceiling is 8ft. The other half is 10ft

In any case for any drops where it's just as easy to do 2 cables as 1 I'd do 2

Doing another one, in a different location not so much

These are the APs I’m lookin at, https://inwall-hd.ui.com

Not actually seen or used those, I like the idea but I'd like to see it in action

Which was why I got the urge to do whole house ethernet, plus it would look good (I think) as a selling point down the line to be wired for ethernet.

I like the idea as well, which is why I was considering them, because the router I have now, it’s starting to show it’s age.

Got a price for them?

$179

I remember they had a pack set if I recall

I found the proper pack, but I guess they changed the sku

Edit: it was because the original ones I was looking at have 2 ports not 4

https://store.ui.com/products/inwall-ap

Not too much more than a UAP AC Pro

Yea there is an older model that is cheaper

I would happily pay for the older model for the 5 for the rooms

Tbh,

It's like half the price

Especially if most of the rooms will only need 2 ports

On the really low end there is this one

https://www.gowifi.co.nz/indoora/uap-iw-5.html

Main thing I liked about that model was that it's a normal wall outlet style

But it's got sucky wireless speeds

Yeah

@clear igloo He was more on the external customer design team, meeting with the actual HPE design and development team but it was a proper engagement thing where you could present your ideas or needs and they would look at them and decide if they would go in to further consideration

I’m still trying to figure exactly what I wanna do, especially since I’m considering a Plex addition,

Plus it was a free trip over seas, free food and accommodation so yea, wooooo!!

@strange silo Ah, that makes sense, sounds fun too 😃

Should have seen Huawei's reaction though when they found out we were buying all the network modules from fs.com and not from them at their stupid inflated price

XD

Their switches are insanely cheap, nothing else though

Kinda like printers lol

Yah, that's how they get you 😛

It's like:
400G switch?
$100
400G optic?
$50k

or buy two switches, get 1 optic free XD

I’ll take the Bogo lol

@strange silo I guess you can say, I should start the network upgrades soon lol

Which one of these is my fiber connection? VDSL?

I'd say Eth.

The fiber goes to an SFP module before entering the modem, not tru a media converter

still eth?

Wouldn't be DSL in my book.

you are probably right, ill try that

Notice most of those are only labels. Pay attention to this part https://dooleylabs.com/stjct-.png

Asynchronous Transfer Mode
Packet Transfer Mode

I'm assuming ETH would be the one that's active.

i could try to shut all of them down except for the ethernet one and see if i still have internet

Is NETGEAR the cheapest candidate for a 4 port requirement 10g switch?

That also has all the ports as ethernet

i have google fiber witht he fiber box and multiple gaming pcs. kinda like permeant lan

how do i improve from the google box

like is ubiquiti a soild option idk

i feel like currently when i stream games and someone is on the wifi it lags the wifi

Kinda spammy there bud

sorry

where should i put this

I meant all of that could fit in a single message.

lmao kk

If you’re ok with SFP+ then there is the awesome mikrotik one

Dooley, you should show him a screenshot of what it looks like. I makes way more sense when you see it

Double check me on my network idea. I plan to use an edge router X for all of the routing in my house. Then since I have alot of IOT devices and just regular devices in my house I plan to run my Night
Hawk X9 in AP mode for all 5G devices and then anther Cheapo netgear router also in ap mode to run all of the IoT.

Night Hawk X6*

That sounds like a plan. You might be able to get the Night Hawk to send out a separate SSID for your IoT stuff if you want to go that route but it’s probably better to keep it on another router so you can use a separate band

Thats Kinda the setup I have currently until I get the ERX I have the X6 Running 2 5G SSIDs for regular devices and then the 2.4 band is dedicated to IoT. The Reason I want to split onto two Separate AP's is because the X6 is currently running 25 Devices and a moderate load and It has issues.

I made my old laptop into a server

then windows made me reset the pc

then i had to reinstall it

the laptop does not work

😂

😂

Hi, I'm thinking about a steam cache server. Do I need a top of the line pc

Not at all

So I could use my old AMD APU with some random RAM

As long your nic is 1G and not 10/100

Alright, thanks!

anyone on good with networking?

A lot of us are including myself. What is your question?

well i seen a newbie that needed some help didnt want to leave them hanging for 24hrs

Okay, and the question is?

I have a secondary router (dd-wrt) which i want to connect with my primary router using a wireless bridge
the primary router is the dhcp server but that means I can no longer access the secondary router
My question was if there was any bypass

but they are still in newbie chat

So they want to access the 2nd router?

idk thats all i got

Yeah, the easy way to go about it is to unplug the second router, plug a PC to it, set it up, then plug it back to the primary router.
2nd router is going to forward the router setup page to the primary one since it's the gateway (At least if person disabled the DHCP on 2nd router)

2nd router is going to forward the router setup page to the primary one since it's the gateway Uhh, no?

No. That won't happen at all.

I'm not sure if DHCP is disabled on the 2nd one or not. I can't tell if person is trying to use it as a wireless access point or not.

You'd statically assign it an IP on your main network for management, disable DHCP then run a cable from a LAN port on the first router to a LAN port on the second one, ignoring the slave's WAN port entirely (connect nothing)

If you don't assign it an IP for management it will be inaccessible. If it conflicts with the IP for the first router you'll encounter all kinds of weird network unpleasantness.

Yo boyos. Anyone have experience with SolarWinds Network Performance Monitor, Splunk, or Acronis Backup?

Looking to implement them for a network refresh to make the network as intelligent and autonomous as possible with a lot of useful visual data generated from the analytics features.

NPM is pretty nice but compared to something like PRTG I'm not sure if the price is worth it

Been a while since I messed with Splunk directly but it's very powerful

I mean it's DoD money so I'm not worried about the cost.

We're getting a lot funneled into our shop since it's kinda important and the network is basically on its last legs using hardware from like 08.

I'm basically trying to develop an infrastructure that could be put forth as a model for other shops to use.

But the feature set of NPM is pretty compelling.

Depending on the hardware, if it offers SSX and other streaming stats then I would look at something that can take advantage of those features

Here's a fun one for you guys... I'm trying to find an outdoor case that will fit this and a USB device.
Needs about 4CM clearance if I'm using a USB extension cable but if possible 8CM to fit the whole thing sans cable would be preferable.
Dimensions are 105*150mm. Only using one of the ethernet ports, but I do need to get two cables out for a pair of Yagis.
https://i.mt.lv/cdn/rb_files/M33G-171219112521.pdf

I'm based in Australia if it helps.

(Ping me if you respond, I am in a lot of servers and asked in several of them.)

pls help. I am the only one on the internet and I have a ping of around 1000. This is the first time that this has happened, and I keep getting kicked from rainbow six. Normally I have a ping of around 18. The longer that I play Rainbow Six, the higher that my ping gets. I contacted my isp, and they said that my ping to places like google has nothing to do with them, as my ping to comporium, which is our isp, was only 18 ms.

My ping to any disc vc is over 700

Your ping to Google has everything to do with them. Call the retentions department and say you'd like to cancel because their service is shit and they don't care enough to fix it.

If you get a ping of 18 to them but over 100 (or really like 50) to google, then something is very wrong and it is their fault and they can control it, especially to large services like google. I would be interested to see a traceroute to google to see where the slowdown happens.

It's definitely a routing issue on their end because Google's fine.

If your ping to them is good it likely means they are cheaping out on peering.

And they are trying to screw you over by pretending that a ping between you and them means anything if you can go no further without garbage performance.

Guys i just had an idea for satalite internet

Satellite internet does exist. In the US, Dish and Century Link and the main satellite internet providers.

I've always wondered if moonbounce based internet could ever work. I'm sure it would require a custom solution but you might be able to squeeze a few kbps out of it

@mossy holly Elon's already working on modernizing it. Seems very interested in Aussie.

moonbounce Latency. Also the moon isn't always where you'd want it to be.

So let's build a death star exactly across from the moon.

I meant like a satalite internet service specifically for gamers

@unreal wedge

a few kbps there are many issues with a moonbounce based system.

I think the main issue with satellite internet for gamers would be the latency. Maybe if the game server was hosted on the satellite somehow.

@mossy holly that's a dumpster fire.

Congrats on the edgerouter X

Small router is small.

This seem fine for a home ipxe setup to be virtually virus/Ransomware proof?..

@stoic tendon
@rocky badge

Ha ha, no.

@unreal wedge
Explanation?

Any idiot can download ransomeware, so the router needs to serve as a firewall, each PC need decent AV, like Malwarebytes, and I'm not sure why there's a firewall at left if there's already supposed to be one in place on each device.

Well the idea is, server can't see internet.
Computers can see server only through ipxe.
Computers can see internet.

If theirs an issue, or one of the firewalls pick up a port not authorized, it sends a reset to the pc causing it, booting over network again, "fixing" the issue.

Sounds clever until broadcasts happen...

But seriously, no.

So VLAN the server?

What's your router of choice?

Let's start there.

Idea was get the topology right, then find more specific things to achieve it.

What do you have now?

And what's your budget?

Two firewalls servers, an ipxe server I set up for an internet café until they decided to upgrade.

Budget is...$800

What internet speeds do you get?

Internet speeds at home are 50mbps down, 40mbps up.

"aus internet"

What are these servers?

50/40 in Australia? That's kinda weird.

Why do you need a physical firewall server when you can do this on the machine itself? https://blog.cloudflare.com/how-to-drop-10-million-packets/

I'd just get an ISR-style router and do everything on that.

50mbps is super easy even with filtering.

I have a Mikrotik hEX that sounds like it'd be perfect, but maybe you can reuse some parts you already have.

Two ipcop servers.
I'd rather have them not managed on the pc's.

@covert ibex Security in depth - do it on the PCs and the router/firewalls.

Also can we have some specs for any of your stuff?

Firewalls are irrc, HP ProLiant DL380 G5

Old and power-wasting.

How many users?

And ipxe server is just a pc I scrubbed together for the soul purpose of using ipxe on it.

@pseudo blade
Ranges from just me, to 40+ people lans I host.

Easier to get everybody booting off ipxe and playing the same games that way.

@unreal wedge
Saving that page..

@unreal wedge I might've found a bug; the background is transparent and I have discord in darkmode xd

Sorry, got pulled away.

So all 40-odd people need iPXE?

That all works fine. :P

If not I'd just VLAN all of them off and drop traffic to your personal subnet.

In your place I'd be looking to ditch the proliants for cheaper, smaller systems for energy bill-related reasons.

I had an ML350 G5 and an ML370 G5.

Power draw isn't an issue.
Really lucky with work to have it paid through their account.

Fair fair. Just plan for a lot of heat.

My spair bedroom or "server" room has its own Aircon. :P

Theirs a bed too if people like the sound of fans spinning...

How many NICs in them?

PC's, firewalls or ipxe server?

Any and all. Figure out what you can ditch.

Less hardware = better security.

Smaller attack surface, less complexity.

Ipxe has 2, firewalls have two each, and pc's have one each.

Do you have at least one switch with VLAN trunking support?

No, but I have a few routers with DMZ.

🤔

@lavish warren

What are you trying to achieve my friend?

Read up a bit..

So you want your Computers segregated from your server network and only specific traffic to pin hole through to servers? The diagram you posted above is that the physical topology?

Id go a low end Fortigate with av licensing. Segregate your DMZ and Trusted zone by VLANs. By a cheap $200 switch that can do VLANs.

That way you only have a small device / switch running (not an entire server)

What speed do you need to route between your server / computer network?

That pic right there is just for DMZ reference.
But yeah, ideally, only the local network can see the ipxe server.
Speeds only need to be gigabit. Nothing crazy.
Theirs another file server but that's not an issue, and isn't effected by any of this.

Right right, Is it like some sort of guest network? are there any BYOD on the PC network?

Typically it's personal.
But occasionally it's 40+ byod.

How do the 40 PCs connect?

All wifi?

Some switches.

Got any model numbers?

They're left overs from when I use to work at a school. Pretty basic, no internal config.

Hm.

Just useful 48port gigabit switches.

Those routers with DMZ support you mentioned, those consumer routers? Cos if they are the DMZ feature on those isn't actually DMZ, not properly anyway

@covert ibex that setup can be useful for virus attacks, but as dooley said, people can download ransomware. Idk y u pinged me tho, I'm one on the worst ppl for tech here lol

@stoic tendon Good enough to get asked though 😃

Eh

The idea was, because they're network booted OS's, if it gets hit from Ransomware, just reboot and it's fixed

If you would say what ive said at tech support you would be terrified @strange silo

Sythe, sry but i dont know what to say this far, imma lurk the chat so at least i can learn sth

Okie.

Incoming paragraph.

Controversial opinion but..... only idiots actually get ransomeware, like one of the best if not most effective protection methods is to know what you're doing and be safe. Honestly works extremely well.

People in my country, use deepfreeze on cafès, so every restart would clean the pc, but they dont know how easy it can be exploited

Depends on circumstance I guess

I never actually like deepfreeze, sounded better than it actually was

Yeah

Safe mode exists

You can kill it from task manager on safe mode

network shares and other non protected network resources exist too

like deepfreeze doesn't help at all with those

Yea, couldnt you just send an autorun, or a bat in a network share?

backups / folder permissions

well I also mean if you do get ransomed and a network share gets encrypted rebooting the deepfreeze computer doesn't undo the damage

backups

Computers in cafes in here are crap, so you cannit even use backups

well of course but that's why deepfreeze is not as good as advertised

or pay the decryption fee

lol

lol

l0l

I've seen in two instances large companies paid the decrypt fee

I've seen one pay it too.

1 K or whatever the bit coin price was was like a small price to pay for the loss in work etc so they did it

I love how internet cafes in here have such an unprotected network

everything we have gets hourly snapshots so the worst that can happen is an hour of lost changes

Replica's 🤔

I never knew there was a networking channel, might as well be a little active here, cuz um bad at networking

that doesn't help, you just replicated the dun fcked

hahaha

You said you take snapshots every hour which is generally known as replica's.

but yea, if you have something that supports snapshots you have replication most likely as well

well if you mount the snap I'd call it that

Lead, wanted in #public-chat

But, where do you save those snaps? I guess they are decent when it comes to the file size

If it's for mod reasons I don't actually do that fyi

Oh..

Well, the more you know.

Who's doing what? I can like band-aid if I have to

Whos doing what

Wolverine was trolling asking for handouts, and Spidey posted a bad pic.
But, peeps are complaining about mods now so... Ehh

@covert ibex fromhow i undestand your network(not rly sure about what im saying now), but there are viruses which can operate witgout interenet, suh as memz(as far as im concerned) si no actual packet will be sent to any port so the pc wouldnt restart. Im saying again that this is my opinion, and my opinions arent the best to rely on.

I'm not trying to say this is 100% foolproof.
I'm just trying to make it as safe as reasonably possible with a little leway for user error.

Oh

Anyway, i tried

Think of it like trying to build a network that's relatively safe from people who "think" they know about computers, until something goes wrong.

If you don't have a vlan capable switch you can just use two dedicated lan nics in the firewall and create rules for traffic flow between the subnets

O

then switches off each port is tied to that subnet and firewall zone

In my place you can leave your home network open, and nothing would happen, because in here ppl that know a little about computers are pretty rare

😂

those people are the worst lol

Which ppl?

people who know little about computers..... but just enough to break them/full them with viruses and crap

Eh

Im a nice person so i dont rly virus attack anyone

Even tho they are completely unprotected

years ago back when IE and toolbar extensions were the big thing someone asked me to fix their laptop, it had 8! toolbars

Waht

Oh yeah

half the damn window was toolbars

Ive seen stuff like that on my cousins pc

He had like 6 extensions

Useless

Ones

My boss routinely disables windows services because he thinks somebody is monitoring his pc..

Some stupid furst webpage and non pg notifications came up every minute

well it's not 'untrue'

On his pc

It's not connected to the internet..

DHCP snooping, arp inspection, UTM

Wait what

How the hell can ypu lonitor when not connected to internet

He took a hammer to the router last year.. still thinks it's working..

Wait what

40lb hammer..

Im mindblown by the dumbness sometimes, not to offense, but thats the truth

Trust me.. all I can do is agree with him, fix it, and get ready to fix it the next week.

https://tenor.com/view/hopeless-disappointed-ryan-reynolds-facepalm-embarrassed-gif-5436796

18kg*

You got me when ypu said get ready to fix it next week

Does he, hammer his router every week?

😂

time for decoy router?

l0l

No, deletes windows files, disables services.. random crap. Take your pick.

deletes system32

Company hasn't had an internet connection since he hammered the router.

Woah

I just hotspot to do emails.

the world is also flat too right?

My "IT" teacher has remote connections enabled

I don't ask... Best not to delve down his rabbit hole.

My school IT teacher AT SCHOOL IN CLASS on a projector got credit card scammed while we all watched it happen.

Ahahahah

that takes skill

If i see one of those scammy site replicas, ill try my best to make a python bot to send random stuff

That was year 9 IT.
Soon after, I was working there.
4 years with an ex Microsoft dev.
Most I've ever learned.

Well im not in the age to have a job

Soo all ive learned is by myself

And I have my own goals

Win lotto and never have to work?

That's mine

Isn't that everybody's goal?

Lol

Actually, I'd still work.
Not as many days, and not as hard. But I'd still work.

Well i dont care about jobs, i just want to expand my knowledge on tech

Dream of working at LMG.

Impossible

Lesson 1, you can't know everything

I live in EU

I said dream damn it..

I kniw i cannot know everything

I said expand

Lesson 2. Don't stop trying.

And not know anything

doesn't stop me from trying 😃

I never stop trying

I'm trying to practife python currently

Also if you're interested in IT then LMG isn't actually the place to go work

Well, ideally you'd be there learning about configuring servers, and switches and stuff...

That would be the won lotto job and just need to kill time path

lol, please do not make your server room like linus'

And because they change tech fairly often, you'd see new equipment fairly often.

Nonsense. Learn IT with LMG. IT involves axle grinders, dremels and glue.

lol

l0l

you forgot excessive rgb

Naturally.

You forgot dropping stuff.

and DIY pfsense servers with broken cpu sockets

Hard.

RGB ethernet cables when?

And broken CPU's.

I'm just waiting for when that Eaton UPS breaks down. lol

Make the cables drop packets randomly.

lol

"We water cooled our UPS"

Just use iptables to drop your packets.

No no no no no

Mineral oil UPS?

@pseudo blade
Add those magnet clips on the ethernet cables. Just.. use stronger magnets.

lol

@strange silo
Mineral oil server rack.

Mineral oil UPS - Imagine replacing the batteries.

haha

Just change the oil filter.

Oh. Durr.
RGB server rack.

sythe, thats probs expected

mineral oil server rack?

oef

Would be a brave sole to put your hands in to 5 year old stagnant mineral oil with a 500V battery string

this isn't conductive right?

Just give Linus thermochromic tattoos and make him RGB.

i guess

I'd do it.

For giggles. And YT views.

what if linus is lurking?

@strange silo I guess you'd find out when something shorts explosively.

Or lethally.

You might not the the business next door will when the wall blows down

Give linus wireless RGB implants. Only the true hardcore wear their RGB sync patterns..

Just gives you that wake up call you needed

You work in a DC @strange silo ?

@toxic quartz yea

Which one?

Can I come work for you, with my current pay?..

@stoic tendon He wouldn't get offended to much, he knows what he does is jank

l0l

whats a DC

datacenter

oh

@toxic quartz Can't say but it's one of the big Uni's in NZ

Oh, not even that far.

Ok, nice 😃

i work in DC to

i am aming for learning python, and then ill freelance to get a better pc,im bored of this core 2 duo

I need to find somewhere better to work than where I do now.

@stoic tendon windows or linux?

windows, cant swith to linux, because of school projects

I'm still job hunting. haha.

@stoic tendon What software?

whats software for what

School projects?

for school porjects i use ms office

Pure python is a bit sluggish, compared to other languages, but it gets the job done.

Use Google Apps.

im not aiming for pure python @long totem, modules exist

Never looked back since I ditched Office because I lost a document one too many times.

Wordperfect 1995

Could learn python for networking if you like it

python for networking no no no no no

Frontend? Sure.

If you use modules that are written in python they're slower compared to modules that use other languages, like scipy.

@strange silo what kind of work you do in DC?

Actual networking? Noooooo.

What about firewalling?

@pseudo blade , google apps cannot do the job ms office does, the look of a projects is rly important, and google apps cant give that stylish look

You'd want to use a better language for actual networking for sure

Nothing can replace word art in MS Office. muhaha

stylish It works.

with python? i would do a few discord bots, or maybe a simple website

with htm and css in it

Discord bots suck in Python.

@toxic quartz Systems engineer, lots of different stuff but mainly storage/backups/virtualization/hardware monitoring and installation/security and patching etc etc

Take it from someone who built one.

the rewrite has now full use for the api

But it's too locking.

you know serverius? @strange silo

The GIL is painful.

well, i learnt python cuz its good to start, idk what to do with it now

Know of, like name only and what they do

ill practice python a bit, and i guess ill just freelance

Golang looks nice so far.

whats golang?

I am support engineer, most of my work is maintaning server, little Sales little network

I need to check out Golang

https://golang.org/

Programming language.

but, for what can it be used?

It makes concurrency easier.

RoR isn't bad...

Faster than Python, really easy to compile for anything.

I have compiled Golang software for home routers before.

idk like to build some discord bots, lol

It can do that.

are there decent docs for it?

if you want to lean

visit codeacadamy

I go do and do things and learn from that.

kng furu, their lessons are way too slow

you want to learn fast?

I just iterate until it's fast enough.

i like learning fast

but, ill stick with python for now

You'd like ruby on rails..

I think coding in an actual editor is better my opinion vs website (like codeacademy) , each to their own though.

ahh the good old fast vs properly dilemma

VS Code is nice for Python.

what does vs code do?

It's an editor.

IDE. Makes debugging easy.

oh, i thought it was a module lol

i use pycharm

Highlights stuff. Tells you before you run your code if it will break.

So it's like.. visual studio... For python?..

At least for syntax errors.

I love VS Code 👌

I prefer emacs.

idk which project is good for python

Yes, but was less bloated than Visual Studio itself.

use it for HTML, CSS, JS (angular), PHP

notepad++ 😛

Ironic, it being an Electron app.

ew

Notepad++ is painful for Python.

@strange silo
+1

Doesn't indent easily.

banned for trolling

lol

"runs and hides*

pycharm isnt bad for python

I use Pycharm

if you use VSCode, and you open a .py, it will show this https://blob.linusdrop.tips/bb71d0bc9a.png

I hated Atom. Never played with Pycharm.

I use atom for random file editing

pycharm has some nice features

it supports anaconda virtual envs