#networking
@rocky badge Is it correct to connect to a server like this: https://machine.my.domain.com
if I want the certificate https to not throw an error in web browser?
It can't be like https://machine?
it cant
need FQDN
actually
you need FQDN and it needs to be signed by a well known company
if you self sign it will still error
I see. Just checking because I am rolling out a CA at home
but wanted to make sure I was doing it right when issuing by fqdn
if you roll out a CA and all of your systems were told to trust that CA, it shouldnt error
Yes, it only errors if I dont add the domain part of it
with it, it seems to accept it
Is this good?
encryption isnt my strong point, so IDK... theres a bunch of options that can be enabled and disabled... some of them being less secure
i forgot what the options were called ;/
A cipher suite is a set of algorithms that help secure a network connection that uses Transport Layer Security (TLS) or its now-deprecated predecessor Secure Socket Layer (SSL). The set of algorithms that cipher suites usually contain include: a key exchange algorithm, a bulk...
thats what they're called
im guessing you want TLS1.3
can you put google ads on ur website without applying?
and also is there a problem if i apply and im under 18?
I'm sure you can but you won't make any money, you'll just be giving Google money
dont listen to @clear igloo . known troll
Is a shielded patch panel necessary?
They are very expensive
But then again im using Cat6a S/FTP
i cant really tell you any better than the website and spec sheets would
i dont know of anyone in here that has legit outdoor antenna experience
Sup folks?
@thick minnow Get two of these, If you have LOS, no issues at 2KM. Probably give you 1-200mbs
https://www.wagneronline.com.au/ubiquiti-nanostation-m5-5ghz-802-11a-n-mimo-antenna-wifi-wireless-outdoor-cpe-15-km/ubiquiti/data-computer/nsm5-82040/998610/pd/
I use Ubiquiti M5 300 and 400 for now cause of the price and availability. Anyways i get full transfer rate of 300/300mbps on distance of 1,4km both set up at feeding 3dB +20dB and getting perfect signal -52dB also AirMax is always 100%. And because of not so much 5GHz signal being in the area i got bout -107dB noise. The price is cheaper than Nanostation.
Right now i get free internet from a local coffee/bar place. Still using a VDSL+2 but the modem provided by ISP is trash. So i just use that one to bypass the telephone line to LAN. And i dig out from spare parts a pc that runs PFSense as my powerful router. With a Core 2 Duo E7500 and 4GB Ram it's a Dell Optiplex (with Wake on Lan). For local wifi i use Ubiquiti Lite AP. So by far i get no like problems of internet speed goin low, internet restarting and etc.. Now i'm just waiting when they gonna have here in town Fiber Optics.
hello people, I've seen a lot of people making mentions of a "free" Meraki Cisco switch... do you guys have any clues?
You attend a training for a day or something and they give you a switch with a 1 or 3 year license (I forget)
Hello
I bought this switch with webpanel recently. I've had a hard time getting it working.
Ive got it working now but my log spams WAN to 230.0.0.1:6666 is this normal?
My setup is: Modem >> patchpanel >>Pfsense >> switch >> pcs
would you guys go with pfsense or opnsense or...something else? I'm kinda undecided because I'm replacing an old cisco router and the new kids are powerful. I also hear some things about untangle and Sophos utm but those seem more like consumer based. I'm looking for something to replace my setup. (Also I wanted to point out I was asking from a wisp pov. I have to change some secure isp stuff but that's for another day)
well, that's a long text
I was thinking of moving to a pfsense box. The features I was most interested in were the pfblocker that's easy to configure and openvpn, also easy.
the name is familiar and I am familiar with it and meets my needs
I do not do layer 7 inspection
Im having trouble ive already had someone help me to an extent its not my firewall and my isp doesnt block ports it has to be a router/network issue
any help
@little schooner yeah, but opnsense is basically pfsense with a cool new gui..
Is that a liking or disliking oooooof?🙊
disliking
Anyone got suggestions for a server config to run a discord bot for around 40 servers, approx 22k users?
What does it run on now and what's the bottleneck?
What does the bot do? I run a bot on my server and it has about 10k users. It does music and other things. But from what I gathered, one music session uses about 0.5% CPU, so if there is 40 servers you should not run into a CPU bottleneck. As long as you have about 4 cores and a good clock speed you should be fine. No need for expensive server grade stuff. Storage highly depends on what bot you have, I have had my bot running for about a month and only stored 7mb of data, so nothing more than a 120gb hard drive (with redundancy of course) will be needed. The issue is network bandwidth. You receive everything that goes on in each server so if you have a large amount of updates in that server, you will run into a bandwidth issue. Right now I'm using about 400kB to 600kB a second and when playing music, 120kB per server using the music and 1.5mB down per server. So I would recommend a good internet connection. Also, discord API has a tendency to kick your bot off their network now and again. Make sure it auto restarts otherwise your bot will go down without warning. @drowsy wolf
@thick minnow wait for next version of pfsense for gui improvement
I manage a datacentre with unlimited bandwidth, I'm asking just for hardware side but that answers most my questions.
I might just use a Ryzen 2600X, Samsung 970 Pro 1tb m2, 32gb ram should be enough, but I'll use 2 16gb sticks so I can top up if I need to.
The bot is made to hook into our services for my company discord
So in general it'll include CDN upload and viewing of files, github stuffs, links to our facility management panel, but also general purpose stuff like music, VC tools, punishment stuff, etc
We've got an incredibly fast rack of database nodes so I don't need to worry about SQL or Redis but I just want the bot to run reliably
I doubt you'd need anything a tenth as impressive as that.
Naturally it'll depend on how you implement your stuff.
For reference we've got a box handling moderation for 20k users on 9 servers using less than 1GB RAM on NodeJS, with it caching all messages.
All of our software components are custom and we only include what we need so integration should be pretty neat
What language will the bot be written in?
The bot probably discord.js and its easy to implement interactions between bot and software via js anyway
Just don't do anything stupid (i.e slow, blocking stuff) and it will likely be fine on basically anything.
Was the specs I listed overkill?
It's purely because we've got those components spare already half built
So obviously the library doesn't need much of anything - It depends on what you're making it do - But based on what you're saying it does sound like overkill.
I know of a Python bot that scaled to 5k servers on 1GB RAM and a single CPU core, doing moderation stuff and code execution via stored database values.
Actually ran in Virtualbox until it was recently moved to a Docker container.
I'll probably just install that system in general and then run multiple things on there
It may end up being that I use it to host the bot in a docker container and then shift the admin panel onto there
Actually, how are some websites blocked on the network? Router settings or a dns which blocks certain websites
DNS blocks are usually most common but you can do IP blocks or deep packet inspection as well
Like, ive seen some networks where you cant rly access certain websites
All depends on the network, you can filter everything through a proxy as well and block that way too. There isn't a 100% guaranteed way to block everything without doing a whitelist only model
most networks that block sites rely on a proxy that has the blacklist (or whitelist) in it to do the job
I mean I can block social media with a couple clicks via DNS blocking, that's easy
and they can set anything based on category of site or specific domains or both
Id like to knwo how to do it
Know*
But, how do you block usage of social media apps on mobile? Or block them by ip?
even the apps use dns
So, you just block their dns?
I use OpenDNS Umbrella but most home users would usually have a setting in their router to block specific stuff which does about the same thing
yeah, if you block all the domains they use, itll make site and app not avail
Alr, ty
Umbrella gives me more control and insight into the network whereas a typical home router might just have a "block social media" button. I can see the requests being made to every site, potential malware, command and control, etc. requests as well and filter by about 100 different categories and risk levels. There is a home version for $20/year if you want to mess around with some filtering and whatnot for fun, doesn't give the level of detail as the enterprise version but it's still nice
I’m having trouble port forwarding I’m trying to make a server for a game I play called five m I have it open so it is listening to my port I even have a app called listen to test if your router is port forwarding right nothing shows up when I try to port forward it won’t open I’ve talked to my isp they do not block ports any help please
sorry lurick, zscaler is the best
i laughed at that too
seems like a much smarter person than most posters, so i let it slide
@ancient vigil wot how
Lol
Juniper notebook?
Idk how to even use that
Oh
Oh crap its Jupyter notebook
Damn u just messed up my mind
😂
Whats that arista thingy? Any os based on linux?
If i had a database id use a linux server
I havent gotten into data science yet
Ah
I thought it was pretty much a database server lol
i think this room attracts the smart people in LTT discord

My professor is going the poor man's path and replaced Cisco with pfsense
and managed switches with web managed switch
why
cisco for schools is like close to max discount
$4000 routers are all of a sudden $1500
why is professor making decisions instead of their IT team?
🤔
@clear igloo Q?
shrug
@little schooner what do you go to school for
@waxen scroll I am going for networking administration and later on take a loan for something in cloud technology or networking security
@waxen scroll Oh, in our case, his lab is not supported by the IT department. He basically calls all the shots because he is a good grant writer
IT wanted nothing to do with it because it didn't match the school's computer use policy
So they said if you build it and use it with your students, don't come running to us for support
and he loved the idea and converted it to a Linux lab
I didn't know Cisco gave discounts on switches that massive for education environments. But he was looking for switches and when he saw the price tag, anything over a grand was expensive to him
Anyone else using Quad9? Their DNS is pretty kick ass.
Quad9 DNS
More like blob9 DNS
lol, nice
RIP AWS bill
I'm sure
Not sure if this is the right place to ask, ask in the right channel
But
I've got a bit of a problem and my solution involves setting up a proxy
Problem: school blocked discord
Solution: make a proxy
However, I want to make the proxy on my RPi at home. I know of a way to make a simple proxy that works on a browser like Firefox
However a system wide proxy is preferred
The client system, aka me, is running mac
Sorry if this is a stupid question
If anyone could help me with allowing PIVPN clients access to my SMB share that's on the same network please @ me.
a system wide proxy is called a vpn
so if its a school computer it likely wont work
for web, you want to self host https://www.jmarshall.com/tools/cgiproxy/
there are many public cgi proxies but many school filters are very good at blocking them since they've been around a while
If a school blocks something, it’s for a reason.
It’s because they don’t want kids shitposting on Discord when they should be learning.
Meh. I used to use TOR at school to access perfectly reasonable stuff they had blocked.
Worked well enough.
Their filters were a bit too overbearing and sometimes stuff required for classes was blocked.
Technical college I went to afterwards blocked TOR, but otherwise basically only blocked NSFW stuff and non-[443,80] traffic, so the filter was frankly more useful than annoying unless I needed SSH.
Mobile broadband and SSTP were more than adequate for that.
kek
the answer is yes
forgot about that dude
@rocky badge did you make your own cloudflare
@pseudo blade depending on how savvy you are, you can now do ssh over https which is pretty fun.
It wasn't very smart. Another guy in the class just bound his home SSH daemon to 443 and it worked.
No packet inspection.
that won't work at my college they do dpi and look into the contents
if it looks encrypted it denies it no matter what
they observed the pattern of openvpn
vpn packets are pretty easy, easier to identify than just https
I did not get the chance to try something like sstp
but they've since lifted the openvpn restriction
During a corporate restructure
at least now our wifi is encrypted. before it was public open
shared password on all the walls?
😂
@waxen scroll Cloudflare's login page has been broke af lately.
@thick minnow Wow, thats pretty ignorant. We use discord for co-operation in our class actually. I wouldnt mind if I was just browsing other servers, however this impacted some of our workflow.
I know that most of our gymnasium uses discord, so they might have blocked it due to tons of traffic going to discord or something
@waxen scroll maybe

👀
they blocked it because they can't monitor and filter all of Discord
plus, they can't control your Discord account, they can't limit what servers you're on
plus, COPPA, and Discord can open an opportunity for cyberbullying, data risk, and shit
TL;DR, you don't know better than the network admins.
as long as they leave reddit open, I'll be a happy guy
@unreal wedge
Mpr and dte, dte is to computer, mpr is to network device?
@rocky badge
Dare I say.. tor blocked?
Discord has been open ever since it was released
But yeah, fair point with the data risk and such
However I dont think that was the reason
@covert ibex lol
Ill ask the IT guy about it when I see him, hes a cool guy
I still stand by my original statement @turbid skiff.
You can do whatever you want it’s your life, not mine.
Also the fact that you want to use a proxy to bypass the fact that the school IT network administrators blocked certain resources and stuff from the network already makes me suspicious of you.
Innocent legitimate people generally have no reason to want to use a proxy to access restricted network resources unless you want to do that for nefarious purposes or just to “break the rules”. OR if you live in a country that censors your internet access (Which I highly doubt that you are.)
Yet I’m the “ignorant” one here, ok.
kek
I stand by this statement as well.
Getting caught bypassing network restrictions is a great way to lose all network access.
Honestly if a school IT guy is worried about a student downloading something like wannacry and not being able to fix it, or have things in place to not be affected by It, I'd be suggesting to him to find a new job.
The key words are getting caught
My HS’s IT coordinator left a plaintext master password on one of their servers in a network share. Should I have been snooping? No. Was it worth it for near unrestricted access? Maybe, but I have no interest in other people’s stuff
Last time I checked that powershell script is still there
As long as you aren’t being an idiot or revolving yourself around snitches, you’ll probably be able to slide under the radar.
The most I've ever done was delete the event logs
@ancient vigil
Not as far fetched as you'd think..
@swift fractal
Or, go the complete other direction.
Walk in the IT office, ask to talk with the lead/head IT guy.
Say you're wanting to get a job as a penetration tester, and if they'd allow you, can you do as much havoc as you're able to, to test their network.
Emphasize that's your ideal future job, and any experience getting there would be helpful.
Literally got my first job of 4 years like that.
if youre that worried about me getting caught, well...
The IT guy left the password to the teacher wifi on a paper in some classroom where some of my friends copied it. They use it to this day.
During LAN parties that the school organizes all restrictions are lifted, and I mean ALL of them.
We will just have to use discord on mobile in that case. Or use skype if it allows file
And if about the ignorant part: you instantly thought that I'm suspicious when the only thing I wanted to do is have access to discord again. I understand the concern, and it's great that you care, however not everyone is trying to do shitty stuff. I'm in Sweden, so no, nothing is restricted by the state (except for tpb or something? That was a while ago)
Well. thanks for the help in any case. I remember setting up a VPN on my pi when I went to the UAE so I'll try reviving that. Also will ask the IT guy today.
Cheers!
There didnt seem to be any restrictions on the internet at my school
@little schooner yeah, probs what’s gonna happen is I’ll build it now and then upgrade it later. I don’t know how can netgate sell server-like routers when if the person/company has the money to buy they probably have someone to build one better for the money... the tnsr tho. Maybe..? I’m not sure. I’m still intrigued by sophos utm tho. I think it’s more powerful as a router... or untangle... so many options. Shit.
sWEEBen
lol

Also, just as a general FYI:
Any network and computer systems that a person accessed without permission or a written legal agreement is a federal crime where you’ll get fined and serve jail time.
Cheers!
Think twice before you do.
i hope im asking right here, im trying to host 2 websites on a ubuntu site how can i configure it so that the other website takes other files instead of taking website1's files
anyone know how to hook up 3 ethernet devices to a range extender/access point with ethernet port? powerline would not be ideal for me
I think it is a wireless bridge I have to use and a switch but I am not sure how it would be set up
Just use a splitter.
Use a switch
Hubs or anything called a "splitter" is garbage at best
@thick minnow Just connect the ports, most consumer switches are dumb L2 switches so any port can be internet or host connected, doesn't matter
I was talking about an Ethernet Splitter that this dude could plug into this range extender.
It would be cheaper than buying a switch.
Simpler as well.
Can I ask what the correct answer to this is
Cause Im 100% sure that there isnt a limit
@solid lotus All of those are wrong
Most switches have 48 ports today.
Modular chassis can have 512 or more
The answer for that question is 24.
But if you HAD to pick, the most common configs for fixed switches are 24 or 48
I brought it up with my lecturer and he said this
we got a bunch of NERDS in here
That question is from netacad i see
tell ur prof im CCNA certified and agree with lurick
🤔
even tho lurick wont help me with my vpc problem
lol 😛
I’m common sense certified, pick 24.
@waxen scroll lol, oof
@solid lotus Tell them to look up the catalyst 9400 switches, 9300-48P as examples of why the question is technically wrong.
I understand what the question was trying to go for but it still fails 😛
Netacad is not good their network is unstable cisco needs to fix their stuff around netacad
Most of these professors just reuse the same old tests. They don’t care about correcting the mistakes, they’re not the ones who created the tests.
Netacad is based on 2008 hardware at least the slides are from 2008
Yeah and owned by cisco to make it worse
lol, all the tests have been updated dozens of times since 2008. Makes no sense why they are still using old material, unless the school/teacher bought it in 2008 and hasn't renewed
I never seen a question like that on test
it's likely they changed it to fit the class
Yah, I'm thinking that's possible too
my professor did that all the time. I saw typos here and there
They change the tests yes but not everything
he would change it up to stop brain dumps
and just recognizing the questions
to stop that
I just know it's from the netacad site that cisco owns but most schools use it
Hes famously a dipshit so I wouldnt worry about it
Just be glad you’re not taking these tests on Blackboard.
I have my midterm exam today for my programming class on BB.
netacad has the questions updated from time to time
I think i even have had that question it's to spot who knows a bit
It's in one of the first chapters of ccna1 or ccna2 don't exactly remember
Netacad is decent but i hate that they were unstable sometimes
It's a nice play on words polski
@carmine moss hmm unstable where?
when i did netacad we didnt even do any of the modules on the website
we took the final test at the end lol
that was rough because you know how cisco is when they test... the wording is weird or they'll bring up stuff you didnt know was going to be on it
The chapter exams and the final test were the only thing i needed to do there. The final exam was not needed but recommended pretty important tho
Packet tracer is nice tho now that they fixed a login bug.
you should use VIRL
Need to use packet tracer for my school
my teacher assigned various labs netacad offered for most chapters. I really did read each module carefully
netacad basically has everything you need to pass ccna
@clear igloo how would it be set up? 3 ethernet devices to switch then ethernet to the range extender?
@thick minnow Yup
Can I pick up any 5 port gigabit network switch and be good to go? or is there a specific model/brand to get?
Yup, just a 5 port gigabit switch is all you need, no specific model/brand
Ah, found one for £12. Now to find a good range extender. I probably only need a small one (like 750Mbps) since im using ethernet anyway
can someone help me with hosting 2 websites on one apache2 server
Why are you trying to host two websites?
That's easy. Virtualhosts. I host like a dozen.
i like how hes putting more editing in these
yes, but you should really just ask the question instead of asking the question back at people
You'll get more replies doing the former
Anyone online
Just ask your question...
The joy of chatrooms - People don't have to be online now to answer later.
Just throw questions out and check back later.
Anyone here a guru in pfsense?
Well taking the notes from the above conversation, I'll just ask.
I have a pfsense firewall with multiple gateways (WAN, a few OVPN Servers), and I am trying to get the hosts that are passing through the VPN gateways to use a certain DNS server. I can manually specify what DNS servers are used per host in the static DHCP table, but I am trying to configure it automatically?
If I run a DNS leak test here: https://ipleak.net/ I always get my ISP, regardless of what I have configured above, it seems like it's doing nothing?
Any pointers are appreciated, thanks
hi, i will in a near future try to build a NAS. Is there a website where i can learn how to do it ? 🤔
@median ore
"Building a NAS"
do i just search that on google or you have website ?
step 1 grab old PC
step2 install XPENOLOGY
step3 configure
step4 enjoy
@thick minnow
What's the issue?
@sturdy mirage can i use other OS like a linux distro for example ?
@median ore come to DMs 😃
Hiya! Update on the guy that wanted a proxy:
Talked with the IT lad, he was confused when I asked why they blocked discord. Apparently it was a mistake and it's been fixed now.
Hey I want to get 10 gig unmanaged RJ45 switch, does someone of you know a goog and not to expensive one?
*good
mikrotik got some of these
@austere scroll You are trying to set a custom dns server when clients connect? think you can use a push entry in the openvpn server side config
push "dhcp-option DNS your.dns.ip.here"
which is the best: SQLAlchemy, MySQL, or Postgres?
I'm reading Chapter 6 of my CompTIA Network + Course online through uCertify.
Routing IP Packets.
Basic Routing Figure's.

D11 AOB
What's that?
@covert ibex basically i got new internet that can do 100mbps but my powerline adapters cant even do 20mbps when they're rated for 500 theoretically. I already resynced them and one of them is directly plugged into my laptop thru ethernet. Im pretty sure my ethernet cables are cat 5e so that shouldn't be an issue right?
was built in 2002 so they wiring can
cant be that shitty
What is the throughput that you're getting?
Only reason im running powerline is for my laptop. I get 5g wifi in my room at 90mbs and my phone gets 60 but i dont wanna deal with lag
Have you done a speedtest on your local network?
is lag on wifi an issue still?
with 5ghz bands?
@thick minnow yeah
advertised 100, 10
i get 70-90 on my laptop in my room
with 8 upload
When you say lag, you mean latency right? What is your average ping in MS?
8-15
ms
im just worried about gaming
because my wifi signal is at 2/4 or 3/4
That's not bad, what type of hardware are you using for your home network? DSL, Cable Modem, Ethernet?
isp provided router/ switch
it does 5ghz and wireless AC
Who is your provider?
fido/rogers
i just switched from bell
the bell router didnt have 5ghz wifi
im just worried since im on the other side of the house i dont want issues when i need a constant stream of internet
for gaming
so far, netflix and shit has been fine
its just the signal strength that im worried about, regardless if the speeds I get are really good
Hmm, well the best thing to do for gaming would be wired Ethernet connection, however since it seems like you want to use WiFI, you'll probably need to make sure that your wireless AP is situated in the best possible location in your house.
Generally more towards the center of the house.
which is why i was trying to get my powerline to work properly
So you have even coverage.
i cant run a 50ft long cable
my room is over the garage so i get screwed even harder
but my router is now in my living room, which makes me getting signal without a secondary router possible
Remember, whenever you use WiFI your speeds are almost always going to be slower than a wired connection.
I know the basics of networking, my only issue is my powerline adapters
they
If you have solid objects, walls, and a large distance to where you are, that will also affect the speed/signal strength you get.
Does your laptop have an Ethernet port on it?
yup, ive been trying to run a powerline adaptor directly to it
What do you mean by powerline adapter?
If I were you, I'd just buy a range extender and hook that up to your Gateway/Router with an ethernet cable and have that range extender extend the signal from the Gateway/Router and act as its own AP that your devices can connect to wirelessly.
You could also buy more than one WRE and have them installed in various locations around your residence, and have them all cover your house.
Just some food for thought for you.
That or just hook up your laptop to your Gateway/Router via a wired 802.11 Ethernet connection.
@thick minnow Powerline adapters are only useful and reliable if you are connecting them to the same circuit
if it has to go through the circuit breaker you can pretty much say bye bye to good speed
@little schooner what are the chances it does if 1 is in the living room and ones is in my bed room?
can that explain why im only getting 20/100
its been right beside my breaker for 2 years with no packet loss or anything
but my old internet was 30 down 10up and it did 20 so
is it maxed out by my wiring and i haven't noticed?
my house was built in 2002 which is why i doubt its that
Cat 5e cables can supply 100mbs correct?
Cat5e is 1000Mbps
Cat5 is 100Mbps over long distances, you might squeeze gigabit out of a very short run
yeah so im at a loss
its either wiring in my house or idek
i just ran both of them in the living room with one connected directly to my router and my laptop
i only got 45mbps
its gotta be my wiring
It's possible there is interference in the wiring or something isn't properly grounded causing issues
With powerline there isn't a guarantee unfortunately and while some of the top of the line new stuff might handle connection hops between circuits much better than those of old it's still a crap shoot as to how well it will work in most instances
if i still get 70- 90 mbps of speed across my house out of the advertised 100 i get should i be concerned with lag and latency over 5ghz wifi?
thats my only concern
my ping is still only 7ms
so far its been fine
Depending on the connection into the home, it could vary, but if you're getting 7ms over wifi then I wouldn't worry at all
Just don’t use the microwave with powerline.
A laser printer also trips the outlet too i noticed
or it just may be my houses wiring
same here. it's good wifi
Like 1 ms or something maybe
But it's so small I can't accurately say exactly how much it adds
Because most just measure in ms and not less smaller measurements
Can be 2 too for me, but I don't quite remember, it was 0-2 ms somewhere
Asus WiFi card
I think
I have the Intel 9260 adapter
what are the basics of networking
i dont think you know the real basics of networking
xD
1s and 0s, how mac address tables are populated
how @clear igloo's company cant do port channels right
oh I know how Mac tables are populated I did a process description on that last week
but only for switches though
not talking to you, i trust that you do
yeah it was technical document
I had to write about that
I used the graphics from Cisco net academy for images
cited as such
luckily it was easy to write
but this was the same class my professor cried in front of us
I'm making a spine and leaf network lab tomorrow
Got some Nexus 9k and 100G line cards
100g Nexus 9k Meanwhile we had 1941's with obsolete firmware.
@solid lotus Wow that is one of the worst network test questions I've seen.
Yep that appears to be a completely bs question. If I saw that on a test I would be extremely confused, since 48 port Cisco switches are extremely common in the workplace
I'm guessing your test is VERY outdated
How’s it going my networking friends?
Confusing... I'm hosting a Minecraft server on Google cloud, it binds to one ip but hosts on a different 🤔 🤔
So far using mcsrvstat it shows that it's working, haven't been able to test on the actual game
Hosting on Google Cloud?
I’ve never heard of that before. Is this something new?
Or I should say, a newer service by Google?
Well the VM instance through Google cloud, found it out from Nemes
I assume this is a paid service?
They give you $300 free credit so I decided to mess with it
Free credit means what exactly in this sense? Is it like Windows 10 where they want early beta testers to use it for free for a while?
Well, not anymore on the Windows 10 stuff.
But you get my point.
🤷 all I know is when you sign up you get $300 for doing whatever you want
As a trial
Keyword: Trial.
You lose the credit after you use it all or after 12 months
Hmm. IDK man, I’ve never in my life as of yet hosted anything on a cloud hosting service.
It's similar to AWS I think
Im sure there are better people on here that can help you, blob uses AWS I’m pretty sure.
I’m used to hosting a Minecraft server the traditional old fashion way, from my home network. lol
Haha
Even that has become more difficult now since almost all ISP routers have DHCP on them, so if you want a static public IP for your Minecraft server you’d basically be upgraded to your ISPs business class for clients.
You’d pay more as well.
Here in england everything has one ip nothing ever changes (not a networking nerd, so don't know terms for stuff) even though I have a dhcp option on my router 🤷
It’s been a long time since I hosted anything so don’t take whatever I say to heart.
I have almost zero experience in networking so you'll probably know better than I do
I’m not a Networking Nerd yet either. I’m taking a networking class in college this semester.
Ah nice
So far so good, I have my midterm coming up on the 18th.
It’s going to cover chapters 1-5 of the CompTIA Network + N10-007 Course.
Don’t worry man, you’ll be fine just ask blob when he gets online he can help you probably.
I’m pretty sure it’s ok to tag him and he’ll get back to you.
Okay, i think it works either way
Just a bit confused that this happened
Do I just have to change that routing to bridge option to put the modem in bridge mode or there is something else I need to do? Already tried to put bridge in that field and internet stops working
@subtle glen I don't think it can be a bridge if PPP is required.
If PPP wasn't required, I'm sure it would have worked fine
yeah, because PPP needs to route the request to remote server
a bridge simply connects two dissimilar medium networks together
it has the effect of also being a switch, and forwards the requests to other devices down the line too
ie perhaps your own personal router could listen for the PPP request and you set it up there
@subtle glen
i'm a little bit lost. So how do you bridge a router then?
By doing what you showed in your screenshot. You turned the router into a bridge.
Therefore, it could no longer do PPP to connect to your isp for internet access
people do this if they want to use a separate router usually one that has more functionality
so i have to set this PPP thing on the edgerouter? (the router in cascade with the isp one)
@subtle glen yes. So the bridge would forward any responses to the EdgeRouter
and EdgeRouter will be your real router that forwards traffic out
PPPoe and PPP are 2 separated things?
PPPoE is for ethernet and the other is dsl/dial up/serial connections if I recall correctly
I've never actually set up PPPoE except in a Cisco lab so
there might be some info I am missing
wait hold on, so if i put in here the credentials that are in the ISP modem (the one censored) and copy the MTU and PPPoe ID it should work, right?
and also select the interface connected to the modem (in my case eth0)
in theory yes. copy everything exactly, even if it has vlan id
I'm not sure if PPPoE ID is the same as Vlan ID for the interface
highlight the ! icon to see if it explains what that is for
@clear igloo at first I was worried that GUI spine and leaf would put us engineers out of jobs in favor of application people
Then I met ACI
No way app people are going to understand it. GUI won't help
can't find the PPPoe ID tho
@subtle glen it was in your screenshot
I dont know if it means vlan id
you have to highlight the help icon to see what it says
no it's not that. so perhaps it's just a random number of your choice
between 1-5 like connection profiles
PPPoE1, PPPoE2, etc
did it work out? @subtle glen
i'll try it later or tomorrow cause everyone got back from work and they are all using internet :/
wait, what about that PPPoe Passthrough feature you can see in the first picture
Well that option isn't available when you turn that router into a bridge, so it wouldn't make a difference for EdgeRouter being able to connect via PPPoE
oh ok. I'll try to config the pppoe in a bit, thanks for the help
no problem
It kinda works, I just have some dns issues now
problem solved, everything works and finally i am not double natted 😄
@waxen scroll Double check at random 😛
🙌
click*
They're typing scary shit
welcome back lz btw
I missed you
awww
missed you too xD
@little schooner still have to use it to convert the SFP to ethernet xD
@clear igloo the command output said TRIGGERED
haha, did you scream that at TAC?
lol
does anyone know the right way for what account to setup for email alerting? like, should it be a public email or an internal email address, etc?
I think I'm just going to stay in here for a while
I am not sure what account should be used by a service to email me when there is a problem
It can be either as long as the smtp server is set up correctly
@cursive valve what if the public email account gets blocked from sending messages to other email addresses for alerting?
or it shouldn't do that?
I mean that would rarely happen. I know many people who just use Gmail mail servers
@cursive valve personal or the business one?
I've honestly used both buddy
alright
How often do you plan on setting alerts for.
only when there is a hardware failure that idrac can detect
or temperature rises beyond thresholds
Yeah then they wouldn't be blocked unless your email is configured to block non internal/non whitelisted domains you should be fine
OMG linus has pfsense 10G @clear igloo
#oldnews 😛
lol, if only ISR 9000 existed 😛
😂
Now that he's got ample speed to do so, definitely makes sense
those servers go out, he fucked
I think he's mentioned that have some offsite backups
@waxen scroll Remember, on the ASR/CSR it's admin reload all, not just "reload" :P
I accidentally shoveled 1.5 million IPv4 and another 1 million IPv6 routes into the network and hosed it good and forgot to reload all on the one box with dual sups under test. Spent a good bit scratching my head on why tunnels weren't coming up >.>
wouldnt know i dont reload them
i have an asr 9001 in my lab i can reload
@rocky badge LOOK AT IT
👌
Ewww, that's SO last gen!
btw TAC gave up and used a bullshit excuse to close the ticket
haha, "customer didn't respond after three attempts"?
no, they blamed the firewall and said it looks like the firewall isnt sending the packet
smh
then i called him out on the fact that the active side has BGP up with the firewall and the other side was down
so theres a route
he went "well im not an expert you should open a ticket with the BGP team"
Did Oracle ever come back with an answer?
no, but i did get the client to reproduce it with a tcpdump
sure as shit same behavior
no lost packets
so again its on oracle
I say @rocky badge gets hired and figures this out from inside Oracle
so i told my manager im done with this shit
Oracle
im going to get the SVI up with a /29 in lab, test all the failovers one more time
and then thats going to be the accepted solution going forward
If it works fine and dandy then that's one way to deblob the blobs
i work at a fortune 100
what is that?
is there a way to restrict which email domains an account can send mail to?
im hopefully getting some server and networking equipment from a school
in a Gmail account?
@tawny seal its a company that makes a shitton of money. it has 300,000 employees. 9000 locations
im one of the network engineers
oh damn okay
holy dang
Im working on hopefully getting CCENT at some point then CCNA
I am for sure going into networking though for a job tho
what cert level do you think im on for cisco?
CCNA.
ah okay
true
yeah I hope to get CCNA
@clear igloo what are you
lurick gets free certs
sooooo
i dont wanna pay $300 per exam
i havent had a company yet who was willing to pay for certs
I might
im working on all Microsoft Office certs RN
and my teacher has free ones for microsoft technology associate
I have Word Powerpoint and Excel
but im going to be getting Word Word Expert Excel Excel Expert Outlook Access Powerpoint and MTA
and theres another class that has some networking certs and some others but Im not in that class yet so i dont know the certs
network+, CCENT, CCNA are the only entry level ones i know
What's a cert I don't have time for tests lol
I want to go for the server 2016 exam, I think it would be easy but I would like to use the Microsoft course book to learn it. I think my teacher can let me borrow his teacher edition one
it's expensive on Amazon
They used to have free videos what happened to those?
@cursive valve dunno
Microsoft learning on YouTube
Had those playing in background so if there was something new and useful ( seldomly) I could pay attention really quick to learn
still exists just not used much it seems
Microsoft visual academy is what I was using but apparently they are shutting it down
yeah I used that before at school
It was nice and free
free? hmm the one i used was paid by school
hey I'm extremely new to networking, is it possible that I can take this 100ft ethernet cable that I have lying around (cat5e), cut off the ends, and crimp on some new ones, cutting the cable according to size?
awe @cursive valve they only have 3 courses in the server section
Yes you can @faint valley
ok, thanks
Just get some Ethernet tips and make sure ya put the wires in the right order and you're good to go @faint valley
@little schooner they used to have courses for every exam
Probably want you to pay now
Thicc
The screenshot reminds me of how latency heavy ethernet copper cable tech is
Yeah, but it's not like I can exactly use fiber optic on my home network.
This is an Ethernet LAN test.
I finished setting up hardware alerts for some production Dell servers for my professor. Now he can know when things go down because unfortunately the money he got couldn't afford to build redundancy into the plan
The email alerts will have to do in the meantime
Can someone help me? So I changed the wifi network password in my router settings, but the devices previously connected to it seem to not disconnect after the wifi network password change. I forgot the network on the phones, and tried to reconnect, but they dont connect with the new password, but with the old one. After a few minutes it seems to automatically disconnect and you need to reenter the new password. After some time, again, it prompts you for the old password. Any idea?
@stoic tendon Is there a separate 5Ghz and 2.4Ghz network and each with their own password?
Can someone tell me what the cheapest 5 port switch is that's gigabit
TP-Link or similar usually, hard to know without country, stores, etc.
UK, preferably amazon
im looking for non slim cat6e cables but i dont seem to find them
anyone got a suggestion?
@pine panther You need Cat6a or Cat5e
cat 6e
There is no Cat6e, it's either Cat6, Cat6a, or Cat5e. Cat6e is a non-official standard
Category 6e
CAT6e is an augmented specification designed to double transmission frequency to 600 MHz. There is no standard for CAT6e that is recognized by TIA like there is for the CAT5e. The 600Mhz rated CAT6e is ICC’s premium offering of CAT6 like most of the bulk cable manufacturers. In addition, CAT6e cable with grounded foil shielding can reach full 10-Gigabit Ethernet speeds without sacrificing the maximum cable length of 100 meters.
@clear igloo
Yes I know about Cat6e, it's non-existent and you should go for Cat6a if you want proper 10Gb cable support
https://www.amazon.co.uk/dp/B000067SML/ref=cm_sw_r_cp_apa_i_xtpJCbCSZ2ZQQ is this good cabling?
I know about it because it's an unratified standard. It exists only in the sense that it's marketing bull. If you want official standard cable then Cat6e does not exist in that sense
As in is it good quality
@thick minnow No. "based on a copper-coated aluminum core"
@clear igloo send me link for a good cat6e cable
so far i found this
^^ its cat6 tho
Well for one it's CCA cable which isn't worth its weight in crap
i dont want slim shit cables
So you don't want crap but aren't willing to pay for non-CCA cable?
What country are you in?
croatia
idk ill check for it on amazon.de
roughly 35.8€
its way cheaper than from america
dude wtf there is no white or gray color theres only orange and black
i dont want that can u find another one xd
😦 That's dumb. Grey or white should be standard
Can you recommend me some @clear igloo ?
Yah, searching now
2m and blue or green
https://www.amazon.co.uk/Duronic-15m-CAT6a-Ethernet-Shielded/dp/B00FSAL592
How is shipping there?
This item does not ship to Croatia.
i also need 2 smaller ones like 1 meter
to connect router to tv modem and other little things
slaps Lurick
i didnt @ you
u wot!
@clear igloo doesnt ship
https://www.pro-ping.hr/webshop/ can u find one here
i could then buy em from there from my local thing
i found these 2 so far
Best I can find on that site:
https://www.pro-ping.hr/webshop/Mrezni-kabeli-i-konektori/Masterlan-patch-kabel-UTP-Cat6-15m,-sivi/
yeah
thought so
i was thinking about getting those
when they activate fibre in my area
Even if you do 10Gbit, Cat6 will do it at up to ~55m
is good
@clear igloo found any?
The green 10ft cable is half the price of the 7ft version, o.O
I need something native to UK, so its prime
@thick minnow Ah, whoops
I misread your original link, those will work just fine. I thought it said they WERE Copper clad aluminium but reading again (carefully) they mention they are NOT CCA whereas other people do use CCA
https://www.amazon.co.uk/dp/B000067SML is perfect 😃
It's the same one you linked earlier, so no difference 😛
or do you mean between pure copper and CCA cable?
Yea
CCA is prone to breaking very easily and known for shoddy quality in general
Ah, will order this then
I've also never owned a switch before, anything i should be prepared for?
Nope, it's very plug and play
Okay
I've also got a question, in the UK I'm on the ISP Virgin Media with the superhub 3, and I get horrible WiFi speeds, should I get a better router?
I get like 50mbps when I get a solid 200mbps through ethernet
Even next to the router I still get 50mbps
Sounds like a wireless issue for sure, you could get a dedicated AP if you want to keep things simple. Something like a Ubiquiti AC or something
But I don't want access point since coverage is good
See how your AP is configured. See what channel it’s broadcasting on, as well as other information like what bands it supports and frequency it transmits on.
Sometimes tinkering with those may help older/newer devices get a little better WiFi speeds from the AP.
What standard is it using?
What do you mean? It's using both 2.4ghz and 5ghz on the same network
So, you’re using dual band. That’s good. But what WiFi standards does your AP device support?
802.11AC? b/g/n?
I’d recommend maybe not using a mixed type for the 2.4GHz try maybe using 802.11n and see how that works.
As for the 5Ghz, you should be fine.
Okay
Those are definitely ports
😛
@thick minnow Unless those are open and exposed to the external world then I wouldn't worry
No I'm pretty sure they're not open to the public internet.
I just did a Fing scan on my local home network.
What exactly are ports 445 and 139 for?
read the desc.
I did, I kind of have an idea of what those ports are used for but I've never really understood what it's for.
I'd assume you guys know?
445 is for file sharing like when you copy files between shares on machines
Huh, interesting.
yes and 139 is the alt way of doing it if not support with the other device
my cameras use 139 to transfer the info
Well, we all learn new stuff everyday.
Network+ Training Course Index: http://professormesser.link/007course Professor Messer’s Course Notes: http://professormesser.link/007cn Frequently Asked Que...
Very good video by Professor Messer.
Sorry if I'm not supposed to share links.
The one thing that was nice about classful networking is that you never needed to specify the subnet mask (and one did not even exist at that time) because there was a specific class A, B, C, D, E space so if you had any arbitrary IP, you would know what class it was and what network it was in. They were not even called subnets, they were just called networks. Like AMPRnet got network 44. Subnets came around when those with class A networks wanted to be able to split up their network into multiple zones for their own internal networks which they called subnetworks or subnets.
Until CIDR came around, subnet masks did not even have to be contiguous. There is no reason to do this but if you wanted to, you could have two networks that operate in what seems to be the same space but one of them only uses IPs that end in odd numbers and one only uses those with the even numbers. There is no reason to do this at all but it is still possible.
i mean, the little knowledge i have, surely you would just use VLSM? or is this to do with routing as well as allocating ips?
@clear igloo whats ur asn
@waxen scroll I have no ASN 😦
@clear igloo i use 88888888
rude
@thick minnow @rocky badge https://www.youtube.com/watch?v=MlW7T0SUH0E

@waxen scroll Why not express your ASN in ASN Dot format?
@clear igloo cause i can do what i want
@waxen scroll Like a boss
dot at me bro
dont blame me that your operating systems take 88888888
dont like it? re engineer it
@clear igloo one of my coworkers said something naughty
he intends to upgrade the ASR9k software
i dont think weve done it before
88888888 is a valid 4-byte ASN, not sure why I wouldn't like it 😛

Upgrade it all 😄
@thick minnow i was CLOSE to putting dual stacking in a major pharma company before i quit there
one engineer blocked me
Big OOF.
Just do NAT46 on all the things 😄
ping 127.0.0.1
Here is my copypasta
"Classful" networking is rarely useful other than for understanding How We Got Here.
Class A,B,C represent the position of the first 0 bit in the address and a corresponding natural netmask. A=1st bit (/8), B=2nd bit (10xxxxxx, /16), and C=3rd bit (110xxxxx, /24).
In RFC1918, a single A (10.0.0.0/8), 16 Bs (172.16.0.0/12), and 256 Cs (192.168.0.0/16) were set aside for private networks. Yes, 192.168.0.0/16 is 256 class Cs, not a single class B because it is within the class C space (the bits start with 110)
IP address classes are no longer relevant, beyond understanding how things were done in the past. Address classes haven't been used for assignment or routing purposes for over 20 years, but the term lives on because it keeps getting undeserved new life in networking classes and training materials.
Classful address assignment/routing was horribly inefficient for two main reasons, both of which were corrected by a combination of CIDR and VLSM:
Assigning IP networks on byte boundaries (/8, /16, /24) was not granular enough. Even if you needed 257 hosts, you would need an entire class B though you could get two class Cs but routing would be harder because there was no way to specify subnet mask. Even worse, if you only needed 25 hosts, you would have no choice but to get an entire class C wasting over 90% of the space.
Classful routing was starting to bloat routing tables, both inside of and between networks. If a network had a little over 8,000 IPv4 addresses under its control, in the pre-CIDR days, that meant that they or their upstream provider would need to announce routes for 32 individual class Cs assuming that they had no class Bs or As. They had to do this even if the networks were next to each other.
It's fun (and informative about a netgeek's skill) when they call, say, 72.234.7.0/24 a Class C and you can say no it's not. Then you see if they can say why.
Take everything you've ever heard about classful networking, throw it away, and outside of trivia games never think about it again. Network address classes haven't been a valid part of TCP/IP for more than two decades now.
I seldom see people actually talking about class {A,B,C,D,E} networks as such. It's almost always a reference to the size ~> netmask ~> prefix of a network.
You can safely say that 72.234.7.0/24 is a Class C /sized/ network. While it happens to be in the (former) Class A IP /range/. But it is most decidedly /not/ a Class A /network/.
XD
I copied it from a number of emails
If you want to read the entire conversation on NANOG about classes here is the thread https://mailman.nanog.org/pipermail/nanog/2018-December/098363.html
they're not ours, and we use them
I thought it was interesting what someone said in the last email
When I first started working with Cisco products (around 1999) I came upon a router doing NAT for internet access that used a discontiguous mask to determine which address to PAT the hosts against as they were doing some creative load balancing. It worked really well, no matter what part of the 'block' the DHCP server gave inside addresses out to. I was stumped for the longest time trying to figure out what this did.
we dont advertise it publicly, its being used for a large network in ~SPACE~
we had many shit admins when ipv4 was becoming a thing
so shit like this happens
What do you mean not yours? It's a privately assignable IP address that any organization can use internally on their networks?
11.0.0.0/8 is not private. 10.0.0.0/8 is
we had some moron manager go DURRRR each distribution center needs a /8
Oh I see.
and they stole public IPs
Also, I know you moved on but can I say that I will kill anyone who tries to use AS-DOT notation on me
Sorry I'm dumb.
@fresh copper 😄
@waxen scroll Hope they never need to access a site that resolves to those address spaces 😛
Good Resource: http://www.vlsm-calc.net/
Variable Length Subnet Masking calculation made easy! For computer network administrator, engineer, student
@waxen scroll be AT&T and use 1.0.0.1 internally
@clear igloo its almost all cleaned up now except the 11.x
Why would it be illegal still
In AS-DOT, my ASN is 3.5705 which confuses me greatly
It would just affect internal traffic right?
im just calling it illegal to be dramatic, its still not right
The internet police will get you for it 😛
if i advertise it publicly i would get in heaps of trouble
Lol
I remembered when someone said they used 1.0.0.1 for their router, 1.0.0.2 for their AP, etc
their DHCP range was 1.1.0.1-254

Uhm...
Oh yikes
yes
I assume their stuff didn't work right
What should his DHCP IP have been?
10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255 are the common private ranges
Yup.
fd00::/8 is private link local IPv6
100.64.0.0/10 is CG-NAT
169.254.0.0/16 is used when a device can't get a DHCP lease
i use 192.168.10.0 as the base for all of my home networks
xD
if i site to site vpn to a normie with a 1.0 it doesnt conflict
I kind of get most of this stuff, I haven't touched up on CG-NAT or DHCP stuff yet.(I know the basics for how it works.)
I use 192.168.0.0/24 for main LAN
172.16.0.1/24 for Guest VLAN
and 172.17.0.1/24 for IoT VLAN
Like I said, I'm new-ish to Networking so spare me. lol
CG-NAT is carrier grade NAT. Most cellular ISPs use CG-NAT for IPV4
@clear igloo used to be a group of us who peered across openvpn, ran ospf, bla bla bla
some home ISPs use CG-NAT
That's smart, you separate your VLAN's based on function.
For example why should HVAC VLAN talk to Guest VLAN???
Not good.
Looks alright to me.
VIRL nerd :p
I see eth1-3 is disconnected. Are those interfaces not in use Blob?
yes
it runs on the router
Oh so you just SSH into it?
rip caps
edgerouter~~~
telnet, SSH, webgui, UNMS
My networking situation is just the isps router
I assume you're using your web interface for it Blob aka 443 or 80? Perhaps 8080 or 8081?
443
it sees the bonjour service and mDNS from the router, so then automatically assumes
lmao
So is this a scan of your IOT Network?
yes
@rocky badge SkynetIOT buddies 😄
t
@waxen scroll With the sane setup 😛
Is this something in your home network that you have set up? Or is this a separate VLAN that you created for guests at your corporate environment?
this is at home
mines home
My networking professor said that sometimes it may be a good idea to separate your streaming devices and your regular devices based on function and also by creating separate VLANs for them.
He said sometimes it can improve network performance and redundancy?
Performance, maybe, if you setup QoS properly. Redundancy, not unless you dual home (connect to two separate switches) everything
It makes sense, why should your Amazon Alex(On VLAN IOT) be talking to your wireless devices on VLAN(X)?
in the real world its QoS on nothing and use fat pipes with /22 for LAN access
😛
My professor said also it's a good idea to use ACLs.
i hate ACLs, use a firewall.
^
Sure, 6x 100Gb uplinks and 48x25Gb ports and you don't really need QoS



