#networking


thick minnow
#

I don't think that's what I need.

waxen scroll
#

you're right

#

one second

rocky badge
#

woah woah that's too hard

#

/s

clear igloo
#

I bet it's going to be a router and a cloud connection 😛

waxen scroll
clear igloo
#

XD Yup, so simple now 😛

waxen scroll
#

this is a real one i put out there in some office

#

dont ask

clear igloo
#

Home office? 😛

waxen scroll
#

its EXACTLY what pol needs

#

yes

#

a home office

#

not mine

thick minnow
#

I'm done with my diagram for today, I've been working on the stupid thing for like 3+ hours straight.

clear igloo
#

Seriously though, @thick minnow , you're definitely close with this now :)
Just need to add the hosts and AP and you're good

waxen scroll
#

turn in my diagram, you'll be IT god to your prof

thick minnow
#

I have to work on my Programming 1 Homework now. Cya layer guys, thanks for the help! 😃

clear igloo
#

Later

waxen scroll
#

i cant answer why its that way

#

but trust me, it was the only way

#

its an anal security team basically

clear igloo
#

I don't know why it be but it do, mhmmm

waxen scroll
#

i drew this too

#

relevant to xeon's interests

#

fucking pol, turn this other one in too

#

you've got a damn datacenter now for your small biz

#

xD

#

@rocky badge this is how the NSA works

#

this is how you shut server people up when they blame your network

rocky badge
#

lol

waxen scroll
#

@clear igloo most company too cheap

#

bonus points if someone can tell me whats happening in the diagram

#

i... i cant watch... when linus does network changes

little schooner
#

I think I understand why networking was so easy for me to learn. I had problems with my own home network that I wanted to solve but it required some knowledge of all the layers and why things are configured as they are. I could quickly apply it to real world at home right after school, which is pretty awesome.

.... now if only Trig math were the same. it's so hard to work with theory and not having a need to use any of the trig math in daily life

fresh copper
#

I often feel the opposite. I learn the theory really well but it's hard to wrap my head around concrete examples

covert ibex
#

@little schooner
I didn't find trig hard, but I use 3d quadratics at work daily.
Networks on the other hand, I love. They calm me down. (When they're configured right)...

little schooner
#

@covert ibex I feel like I am doing terrible in it. I have a 78%

#

But on the bright side, the sections we are covering now have easy identifiable patterns that help me find the correct answer. I just need to do well enough to get the passing grade for the credit and then NO MORE MATH :D

#

When would it be appropriate to use DHCP server role on windows server vs. letting a router/firewall handle DHCP? Is it when high availability is needed?

covert ibex
#

Think it's more to do with if you want to authenticate DHCP with AD, as most routers don't accommodate that

#

And Kerberos. Right?...

little schooner
#

oh.

#

I guess so.

proper veldt
#

It turns out that I was paying too much for my tv/internet bundle, so I decided instead of lowering the monthly cost to upgrade to gigabit fiber for the same price I was already paying. I was wondering if typical devices such as amazon echo dot, ps4, ps3, and smart tv's will be able to improve (coming from 350 Mb/s down - 24 Mb/s up)

covert ibex
#

So, pi-hole up and running, what else can I set up with these two extra rpi's.

median ore
#

@little schooner practicing also makes me learn better

sturdy mirage
#

maybe some docker containers @covert ibex :/

waxen scroll
#

Dat xeon

#

It's for centralized management

#

It's too annoying to mess with DHCP on multiple devices

#

You can build redundancy in, but if your local site is offline anyway, DHCP on local device doesn't matter

#

Believe it or not, DHCP is almost never managed by network people at large companies

#

It's managed by the people who run the dns servers, usually AD team

#

Most of the time it's Windows server DHCP. Some of the time it's dhcpd on a Linux box

#

There's no "authentication with DHCP" that I know of anyway

clear igloo
#

There is only DHCP trusted ports

waxen scroll
#

It's either 802.1x or nothing. Usually people don't authenticate lan, but they use certs tied to your AD account for wlan so there's no keys to manage

#

I'll walk back what I said, there are NAC appliances to profile devices if you don't use 802.1x, but I hate those things

waxen scroll
#

@covert ibex Hassio + home assistant

waxen scroll
#

@clear igloo you dont like diagram #2?

clear igloo
#

Needs more VxLAN and Segment Routing

waxen scroll
#

thats not the point of it tho

clear igloo
#

The point is always to make it more complex

waxen scroll
#

the point is to tap the links

clear igloo
#

Ah, that one

#

Yah, needs more taps 😃

waxen scroll
#

teaching the LTT community how its done

#

it could be a video

clear igloo
#

Linus would just drop all the taps

waxen scroll
#

have you used these systems before?

clear igloo
#

No dedicated taps, no

waxen scroll
#

why do you think the taps have vlan ID's next to them?

clear igloo
#

To tag the streams

waxen scroll
#

see, you iz smart

#

you see it when you download the packetz

#

helps blame the IPS

clear igloo
#

Haha

waxen scroll
#

IPS is not managed by me, i will blame it all day long

clear igloo
#

Yah, I don't get to do that in the lab 😦

waxen scroll
#

shits expensive, i dont have it in my lab either... i do have the capture appliance but no taps and i can only span switches i run fiber to... only two spans at a time

#

RSPAN is difficult with some of the situations i need to test

clear igloo
#

Yah, RSPAN can be a pain

waxen scroll
#

if i think a VPC is fucking up, i dont want to send an RSPAN through that vpc

#

😄

clear igloo
#

Exactly, I prefer SPAN direct to Spirent if at all possible from the problem device

waxen scroll
#

maybe xeon can turn in my diagram

#

extra credit

#

pol got scared of it 😦

#

even though its a perfect office network with datacenter

#

xD

clear igloo
#

😛

waxen scroll
#

why the dual port channels?

#

VRFs.

#

anal sec team

#

one VRF needs to leave the building but not allowed to talk to primary vrf

clear igloo
#

Why not just sub-interface and do per-vrf? Just because they scared?

waxen scroll
#

i think there was a limitation somewhere and i just dont remember

#

it was a while ago

clear igloo
#

Ah, makes sense then

waxen scroll
#

ASAs are tricky bastards

#

oh i remember

#

no limitation, it was a bandwidth concern

#

for local<->local communication

#

there was a few things the two vrfs did share

clear igloo
#

Just need more links, duh

#

Yah, bandwidth can be a definite concern

waxen scroll
#

we didnt want a single gig link to basically loop traffic around

#

i hated this design more than you probably do

#

so many failure points

#

complex for NOC to troubleshoot

#

the company made the decision they wanted ASAs + firepower to filter all traffic between VRFs and etc

#

they also got hit hard by the clock issue

#

ordered a ton of ASAs, they were all affected

#

the second you put a VRF in, 90% of NOC people = RIP

clear igloo
#

Ooo, I remember that one

waxen scroll
#

o_o

#

@little schooner firepower can kiss my ass

clear igloo
#

@waxen scroll Firepower couldn't manage to kiss its own ass 😛

daring plover
#

Can anyone tell me where to find the default webpage html file for apache2

clear igloo
#

/var/www

daring plover
#

Found it already but thx anyways

#

Now onto the next annoying thing

#

SElinux enforcing

waxen scroll
#

selinux disable

daring plover
#

It must be on

#

So somehow i gotta allow 2 more indexes

#

But i cannot figure out how

thick minnow
#

Changed the IP addressing scheme for the local subnet to be using a class C Address.

#

Does it look ok so far?

clear igloo
#

@thick minnow Yup, looks perfect

waxen scroll
#

where did 1.1 go

thick minnow
#

Should it be /24 instead of /30?

#

Does the diagram make sense?

waxen scroll
#

the way you have it in the diagram wont work

#

@clear igloo fix your lies

clear igloo
#

lol, what lies?

waxen scroll
#

you said that would work

clear igloo
#

I said the bottom part would work, I saw nothing for the top part

waxen scroll
#

ouch

#

as a man, you should take responsibility

clear igloo
#

I did, I take responsibility for what I saw 😛

thick minnow
#

So I use /24 then for the ISP and the Firewall Public IP?

#

Yes?

#

@clear igloo @waxen scroll Thoughts?

clear igloo
#

ISP and Firewall Public are fine as /30

#

Firewall private to router needs a /30 too

thick minnow
#

So the private Firewall IP needs to end in /30?

#

Can the router private IP stay /24 or does it need to be /30?

clear igloo
#

The router needs two IP addresses on different subnets. One facing the switch and the other facing the firewall

thick minnow
#

Well the wired network is using a Class C/24 subnet, does that mean that I can't use /24 from the private router IP to the private Firewall IP?

clear igloo
#

You could use a /8 between Router <---> Firewall inside if you wanted but you need a different subnet that doesn't overlap with the router interface going to the wired network

thick minnow
#

So what do I need to change then exactly?

#

Sorry if I'm dumb about this.

clear igloo
#

You need to change Firewall Private IP to 192.168.0.1/30, ADD a Router IP (facing the firewall) of 192.168.0.2/30, change the Router IP (facing the wired network) to 192.168.1.1/24

thick minnow
#

Seems simple enough, I'll do that and send another screenshot so you can confirm that it's correct.

clear igloo
#

The only thing to remember, you're going to need to correct the default gateway IP on the AP to end in 1.1 from 1.2

thick minnow
#

It does have 1.2

#

Oh I see.

#

lmao

#

So the router will have two IP's one private and one public? The private one will be 192.168.1.1/24 and the public one be 192.168.1.2/30?

clear igloo
#

almost, the public one that faces the firewall will be 192.168.0.2/30

thick minnow
#

But should I label it as "Public IP" for the router? Is that correct?

clear igloo
#

No, it would still be private

thick minnow
#

So the router will have two IP's that are private?

clear igloo
#

Yes

thick minnow
#

That's confusing to me, how would I label that correctly?

clear igloo
#

Firewall link is what I would call it

thick minnow
clear igloo
#

Firewall link (Private IP) is wrong

thick minnow
#

So is the private Firewall IP itself wrong, or is the Firewall Link IP wrong?

clear igloo
#

Just the private firewall ip/subnet is wrong, firewall link is right

thick minnow
#

I just hope my professor will be able to understand it.

#

Should I have called it External IP?

clear igloo
#

Nah

thick minnow
#

What should I call it then?

#

Just IP?

clear igloo
#

Inside IP or Private IP would work

thick minnow
#

Should I also label the router's private IP as "Internal IP"?

#

Or just private?

#

I want my labels to make sense, you know?

clear igloo
#

If it were me I would just call it To Firewall

thick minnow
#

???

#

It's the router's private IP for the /24 subnet?

clear igloo
#

Oh, the IP facing the wired network?

thick minnow
#

Yes

clear igloo
#

Then Internal IP makes sense

thick minnow
#

ok

#

Thoughts?

clear igloo
#

That works

unreal wedge
#

So double NAT then.

thick minnow
#

Ok, I think I can figure out the rest.

unreal wedge
#

Also, you're not allowed to use 1.0.0.0/8 LUL

thick minnow
#

I'm not?

clear igloo
#

In a homework assignment you're allowed to use whatever you want

waxen scroll
#

yeah dooley COME AT ME

unreal wedge
#

🚔 BUCKLE UP @waxen scroll

thick minnow
#

True, the homework instructions did not specify what IP or subnets I should be using.

waxen scroll
#

ciscos ASA examples tell you to use 1.1.1.1 for ASA peer links

unreal wedge
#

🏃 💨 🚓 💨 💨

clear igloo
#

The internet police are here, run @waxen scroll

#

😛

unreal wedge
#

@waxen scroll Cisco's squatting on Cloudflare then.

waxen scroll
#

cisco was there first

thick minnow
#

So do I need to change anything or is what I have ok? Look, honestly if it makes sense and it would work in a theoretical network then that is good enough for me.

I just want to finish this stupid project assignment and submit it.

clear igloo
#

Yah, it works 😃

thick minnow
#

K done, I'll handle the addressing for the rest of the components and then I'll write up a report and send it in.

#

Thanks for the help guys.

clear igloo
#

Let us know how many A+ marks you get 😛

thick minnow
#

I doubt I'll get an A+, hopefully a B+ or B- though.

#

The real challenge will be explaining my network logic in the report.

#

lol

#

At this point I just want to submit it and get it over with.

waxen scroll
#

if you submitted my diagram it would have been A+

#

Alpha Plus

#

alpha AF

thick minnow
#

The one with Government connected networks and crap?

#

lol

#

No, it would probably have a reverse effect, my professor would probably get salty and have ME teach the rest of class.

#

lmao

covert ibex
#

@waxen scroll
And the bonuses of running a hassio are....

thick minnow
little schooner
#

@thick minnow looks great

thick minnow
#

Ok good, working on my Project Desc now.

fresh copper
#

@thick minnow That diagram looks good to me

thick minnow
#

Thank you.

#

I'll review it one final time tomorrow before I submit it.

hardy kestrel
#

Hi, I'm trying to find a good but cheap Router or Access Point. Just to replace the ISP provided Fiber/Router/Access Point because it's vulnerable to get hacked.

hexed vault
#

@hardy kestrel What's the budget and what exactly do you need?

hardy kestrel
#

Under $100 (Good brand)

#

An Access Point

#

Our Router/Fiber Modem...thing/Access Point is vulnerable to get hacked (by using its name and decode the SSID or something)

sturdy mirage
#

Ubiquiti edgerouter x

pseudo blade
#

@hardy kestrel https://mikrotik.com/product/hap_ac2 look good?

#

There's also this - Same chipset and price, but blends in and actually mounts on a wall or roof.

#
amber owl
#

hi guys! looking for server advice. is this the right channel or is there a better one?

pseudo blade
#

That said, we deal with servers too.

sturdy mirage
#

i might be able to answer your riddles too

amber owl
#

i wanted to hear your opinion on intel vs amd in the server space. my company is looking at purchasing new servers which have to support a bunch of virtual machines. we are looking at an offer of two hp proliant dl360 gen 9 servers with two intel xeon scalable 8core cpus at a price point of about 6 or 7k€. i had a look at the amd version of the server and the price for the base model was 1.6k with 32G ram and 24 cores whereas the price of the intel base model with 12C and 32G ram was already 3.2k€. the other features were more or less the same as far as i could see. this looks too good to be true tbh and i wanted to ask if someone has experience with epyc servers and how they compare to intel

#

btw i'm talking about the HPE ProLiant DL360 Gen10 5118 vs the HPE ProLiant DL325 Gen10 7401P both single processor units. the offer we received was 2x8C

pseudo blade
#

Ah. You said Gen 9 originally.

amber owl
#

yeah the offer we got was a gen9

#

i was comparing the servers on hpes webstore

sturdy mirage
#

gen 9 is already selling on ebay for cheap

amber owl
#

ok good call looks like they offered us an older variant to save cost on our side

#

the offer we got was far from the base model btw

sturdy mirage
#

these days, smaller companies like gigabyte are making such crazy things for appealing prices, especially with amd ...

amber owl
#

i wanted to compare the price of the intel and the amd variant. i suppose the extras on both will cost roughly the same

#

(we are kind of sponsored by hp. dunno if they would give us the servers for free but worth a try. thanks for the tip though)

pseudo blade
#

What kind of work are the VMs doing?

amber owl
#

they have to handle the infrastructure of the building. no big number crunching intended. we have a windows server for our cctv system, one for our ad connect. a few linux machines for domain controllers, internal gitlab, dhcp server, dns server and so on. we are also intending to introduce a smb share for our members later on. i was thinking of expanding the servers with a fiberchannel enclosure when that time comes

pseudo blade
#

What's the limitations on your current hypervisors, if present?

#

Is CPU presently a concern?

sturdy mirage
#

so maybe have a dual socket version for redundancy ?

pseudo blade
#

I don't think using a modern AMD processor would negatively impact your workload, based on your descriptions.

amber owl
#

we are using esxi. by the time we buy the servers we will most probably buy the enterprise version. we are currently running on free

pseudo blade
#

Dual sockets don't offer redundancy in this scenario.

amber owl
#

the test system we are currently using is an old gen7 and it doesn't break a sweat. however the system is not yet under any considerable load

pseudo blade
#

How many cameras, approx. users?

amber owl
#

cameras: about 25-50 (not my department)
users: depends. we think about transferring our identity store from auth0 to ad because of several sso reasons. at that time we would have to look at improving our hosting method for that service too but that lies in the future. and i have someone on hand who is experienced with that kind of stuff

#

locally about 25-300 depends on the day. the ad is also used for wpa-e and 802.1X auth

#

the cisco ise is btw also a vm on there

sturdy mirage
#

tbh i've no experience with esxi on epyc, i'm not aware of any flaws or other driver issues with these processors :/

pseudo blade
#

Assuming all other elements are identical bar price and processor, I can't see a reason not to go for the AMD system. Just make sure you've got enough IO for your cameras and users.

amber owl
#

i want to connect the servers with at least 20G to our network which is probably more than enough ^^

pseudo blade
#

Is your plan to split the work between the two servers or for redundancy?

sturdy mirage
#

that's what i wanted to ask :/

amber owl
#

yes it is

pseudo blade
#

Sorry, which?

amber owl
#

yep i'm splitting the workload on two servers

#

and each one gets 20G

pseudo blade
#

Because if the savings allow for an additional server for failover that might be wise, based on how much stuff's going on.

sturdy mirage
#

if this is for a whole building, you cant imagine everyone being forced to stop what they were doing ...

amber owl
#

yeah i want at least two identical servers. if the savings allow for a third that would be nice but i srsly doubt that

pseudo blade
#

Absolutely. Imagine that one of the servers goes up in flames a month after deployment.

#

e.g If an app on one relied on a DB on the other, you've lost the capabilities of both.

amber owl
#

the initial offer had two servers in it and i would never go for just one

#

that would be srsly irresponsible

pseudo blade
#

I'm suggesting that you plan around failure and maintain capacity to tolerate it.

#

It sounds like these servers will basically run your business.

amber owl
#

definitely. as said i would love triple redundancy but i doubt i would get the budget for that. we have however a 1G connection to the nearest hosting center which i will try to use as emergency solution

pseudo blade
#

Oh - And budget in backups and backup testing if they aren't in there already.

amber owl
#

yep they basically do. our employees use onedrive (dont ask) which would work without the servers but as soon as we migrate the dhcp onto there we are basically screwed if things go south

#

i will. any suggestions on good backup services?

pseudo blade
#

Nah. You can run a DHCP server for a network of that size on basically anything.

#

good backup services How much data?

amber owl
#

yeah but the wifi auth is dependent on the cisco ise which runs on the servers and the active directory which also runs on the servers

#

we would have to reactivate the internal dhcp of the cisco appliances and revert back to a preshared key environment and deactivate 802.1X auth

#

also as soon as we integrate cisco dna fabric i dont want to think about what we would have to do to get networking back without the servers

pseudo blade
#

Not desirable, but that's why you plan around ensuring that it shouldn't ever be necessary.

amber owl
#

yep

pseudo blade
#

So how much data did you need to back up?

amber owl
#

how much data: at the moment about 500GB but that will increase drastically as soon as we offer cloud access for our members

pseudo blade
#

How much are you planning for?

amber owl
#

10-15GB for each member which would mean 3TB at the moment. I dont know how much we would be talking about when we actually launch that service. 50TB maybe

pseudo blade
#

Reckon much of it would be duplicated between different users?

#

We'll assume not and that 3TB would be the amount you'd need to save.

#

Thinking about your users, would much of it change after uploading?

#

If you backed up daily would more than 100GB change for all users?

amber owl
#

probably

#

i dont think so

#

i really doubt that someone would be able to change more than 100GB of cad files in one day

#

that would be srsly impressive

#

also we are partnered with autodesk which means much of our cad files lie in the autodesk cloud anyway

sturdy mirage
#

but does your entire pool of users change more than 100gb /day ?

pseudo blade
#

^

#

How far back do you need backups to go?

#

And how fast do you need everything to be recovered?

amber owl
#

probably not. if we observe a severe increase in traffic after launching the service we will adjust but at the moment we are not looking at anything severely demanding

#

what are the best practices in your experience?

pseudo blade
#

It's really dependent on the company's needs and the value of your data.

#

It's possible you'd need to discuss that with others in your company to come to a decision.

sturdy mirage
#

in france, legal stuff must be kept 5years, but production data can be erased every week and replaced with newer data but if you are treating patented tech, this should last as long as the patent is available ...

amber owl
#

as rapid as our internal data changes i think two to three months should be enough. if the user data takes a few hours to recover it wouldnt be a big deal, the company data should be back in two to three hours max

sturdy mirage
#

as meagus said, it may be a wise decision to ask your boss for that kind of stuff

amber owl
#

i definitely will

pseudo blade
#

Moving 3TB of data from the internet on a gigabit connection would take nearly 7 hours.

#

And that's assuming you have the connection basically to yourself.

amber owl
#

the user data would be cohosted in a data center so if our servers cannot handle something or their data is not the newest version the other ones take over. at least in theory. as said we have more current problems

pseudo blade
#

So you have planned failover to that DC.

amber owl
#

so thats something i want the servers to be ready for but not something i will plan every detail of yet

#

yes i have. not yet but by the time we switch to it as primary id source

#

btw i have to go in a few mins

pseudo blade
#

I would encourage getting your disaster recovery stuff planned while you get your capacity planning sorted.

#

They kinda fit into each other and there's nothing like leaving DR until it's too late.

amber owl
#

yep i know. looks like it would be a good idea to make a roadmap for the next few months to also get the data hosting sorted to be able to fit that into our recovery plan

pseudo blade
#

I also have to leave, but please keep that in mind.

amber owl
#

i will. backup strategy is one of my biggest points at the moment anyway

#

bye and thx for the help

little schooner
#

backup strategy is so costly wish it was more affordable

#

I can't just spend double the money on exact systems

crimson trench
#

I want my servers to have a 10.0.0.1 IP, but still want to be able to access them via my normal network, is this possible? 😃

fresh copper
#

Probably though I am slightly confused by what you mean. It would be doable with some static routes

crimson trench
#

Well I have a server, but I would like to have server IP's to be in the /8 subnet, not the /24 one of the default network

fresh copper
#

Yea, that's possible. Just need to add an interface route to that /8 on your router and then an interface route to the /24 on the server. Not all routers support interface routes if they are consumer ones so you might have to also assign the server an ip from the /24 and then static route the /8 to it.

crimson trench
#

How should I do that? lol

#

Like, I currently run proxmox

#

and on proxmox I have a container

#

which I'd like to have in the /8

#

but when I set a static ip (10.0.0.1) then I don't have internet access

fresh copper
#

It's kind of hard to describe how to do it because it's different depending on the exact setup. Is there any reason why you want them in that other subnet rather than the existing one

crimson trench
#

I think it's cleaner to me, to have servers with a different subnet and IP-range, so normal devices are 192.168.x.x, and servers are then 10.0.0.x

#

Now I solve this by setting up static IP's for the servers (the MAIN servers) with 192.168.x.2xx and the CT's with 192.168.x.1xx

#

But that's kinda meh

fresh copper
#

It is possible but requires a bit of routing. I can't exactly explain what to do because most consumer routers are very different and may not even be able to do this. You basically just have to add an interface route on the router for the /8 and an interface route for the /24 on the server. On Linux it is easy to do sudo ip route add 192.168.0.0/24 dev eth0 or whatever the prefix and interface are

little schooner
#

Does anyone know what could cause File Explorer to hang if it's unable to reach a file server's mapped drive? Is it normal behavior to wait like 15-20 seconds (when fileserver is down) before file explorer begins to be usable again?

waxen scroll
#

if you're actively trying to hit the down mapped drive, ive seen it happen

little schooner
#

@waxen scroll is there no clear cause to why it happens in real environment and not the VM one? in the VM environment, it immediately returns control to me saying the share is unavailable

#

I can't believe I still haven't solved this issue yet it's been more than a year and a half

waxen scroll
#

dunno. wireshark it. i assume its TCP connection delay doing it. so why is the VM giving up in seconds when it should be waiting like 30

#

believe its 3 TCP failures before it gives up

#

maybe the VM is getting some kind of signal

#

like nothing exists on this port, or this IP

little schooner
#

I'll have to do that because the VM does the behavior I want

covert ibex
#

@thick minnow
Double check the second router has DHCP and DNS blank.
Other option is to set the PS4 as a DMZ on the modem/router if it has the ability to.

unreal wedge
little schooner
#

@unreal wedge hey that's pretty cool

waxen scroll
#

well hes 1 for 2

#

lol

unreal wedge
#

@waxen scroll you need to lookup Comcast.

#

Fucking US ISPs are legally allowed to sell your data.

little schooner
#

@thick minnow did you try reboot both devices after making the changes?

#

make sure they have latest firmware

unreal wedge
#

Also, try evading the filter again.

waxen scroll
#

let me ask you this then. what are you accomplishing? at the end of the day you're getting served ads, it can either be completely irrelevant or it can be somewhat relevant. if you are trying to hide your activity, putting noise in it does no good, they still have the log

little schooner
#

wait what

unreal wedge
#

@waxen scroll that's what you think

waxen scroll
#

its just a waste of bandwidth and resources

unreal wedge
#

that's cute

waxen scroll
#

that wasnt a filter evasion, i type it that way

#

not my fault the filter doesnt account for it

unreal wedge
#

It's filter evasion.

waxen scroll
#

its not.

little schooner
#

@thick minnow I'm not sure if firewall rules are blocking certain outgoing ports too

unreal wedge
#

Lemme grab momo.

little schooner
#

I know some combo routers do that

#

even in bridge mode which is weird

#

I'm not sure what it could be since setting up PPPoE correctly would just make it work like it was

#

still one NAT

#

I suggest plugging eth cable into modem with a laptop

#

to see if you can discover and login to it

#

right. Might be some bridge mode trickery or something

#

what router did you get?

#

oh okay. yeah that wouldn't be blocking outgoing ports

#

hmm hmmm....

#

ps4 doesn't have static IP and info right?

#

can the ps4 at least ping an ip

#

like 8.8.8.8

#

make sure the details are correct. maybe try another dns server too, like 1.1.1.1

covert ibex
#

@unreal wedge
Typeerror: "List indices must be integers, not str"

unreal wedge
#

@covert ibex what

#

You're probably running under the wrong version of Python.

covert ibex
#

Dies apparently at the first "for a in parsed_all_queries"
Put in an issue on the page.
Might as well talk with the dev.

unreal wedge
waxen scroll
#

is dooley the dev?

covert ibex
#

Don't think so.
Sorted it out with the dev.

waxen scroll
#

Dang Dev Dooley

thick minnow
#

You talking mad shit for someone within Dooley Distance.

#

kek.

#

So in networking lab today, I had to group up with a few people and we had to Telnet into and see the running configuration of an older Cisco Layer 3 switch.

#

In the lab room there were four switches that were connected together, and the task was to basically have the switches to be able to communicate with each other.

#

Mind you we also had to setup a VLAN and route it so it could communicate to the other switches that had their own VLAN's.

#

We didn't get to finish lab project entirely yet today, however next week hopefully the class as a whole will finish it.

waxen scroll
#

wat

#

you got this bro

#

thats a 2min job

#

i hated group labs

#

lol

#

when my part was done i cant just leave

#

everyone else got to finish

clear igloo
#

@waxen scroll You're supposed to help the others finish 😛

waxen scroll
#

nope

#

thats why groups were formed

#

my group finishes in like 5min, the rest have to finish theirs

#

does no good if they arent left to figure it out

#

part of working IT is to learn how to think

clear igloo
#

Agreed. You gotta stress them brain cells sometimes 😃

waxen scroll
#

you pay me $100k cause i can go to google and get the answer in seconds, but others get paid $40k cause it takes them all day to google

clear igloo
#

They also pay you because you sound confident when you say it

waxen scroll
#

i know a guy, and it still pisses me off today, who can google a topic for 10min and then talk in person like hes known for years

#

you'd think he'd been deploying that config for years

clear igloo
#

Yah, I've met a couple people like that. They absorb everything so quickly

waxen scroll
#

and when i start getting stumped, you know its fucked

#

even with google

#

thanks lurick and TAC

clear igloo
#

XD

little schooner
#

I haven't really worked in the field for $ yet, just interned or volunteered, so I don't know what to expect.

waxen scroll
#

It's a mixed bag

#

I highly suggest global company

#

Over 30,000 users

#

I'm not about small medium business

#

Eek

waxen scroll
#

at a small biz you'll be the network admin alright

#

90% AD

#

😄

#

@clear igloo thots?

waxen scroll
#

@little schooner theres many tiers of network person at a large company

#

strive to be #1 ok? 😍

#

Network Tech 1 > Network Tech 2 > Network Tech 3 > Network Implementer 1 > Network Implementer 2 > Network Implementer 3 > Network Engineer 1 > Network Engineer 2 > Network Engineer 3 > Network Architect

#

2's can be senior but 3's are senior

#

for me i went Tech2>Tech3>Eng1>Eng2 in 5 years

#

working on architect

#

i do get to make some architect decisions but not everything

#

then within those ranks you have silos

#

For engineering: 10 people do route/switch for remote sites, 5 people do route/switch for datacenter, 10 people do wifi, 2-3 people do load balancers, 20 people do IT security of some sort

#

sometimes its even further siloed in the silo

#

of the 10 for remote site, 3 do WAN only and 7 do LAN only

#

your first reaction is "thats LAME, i want to touch everything and get experience!"

#

hold on there tiger, no you dont

#

its a disaster when you work for a company just small enough where the team is large but you wear all network hats

#

complete nightmare

#

its better to fall into a silo you enjoy and can focus on than it is to do it 30% of the time and have a bunch of crap to admin and fix that you dont care for

#

i prefer big picture stuff... WAN, datacenter, whatever

#

i hate small picture, like the LAN at a small local site

covert ibex
#

@waxen scroll
I'd say I'm tech 1, but there isn't anybody else here that knows what a switch is, so your call. :P

waxen scroll
#

so those are mostly pay bands

#

the title is network tech

#

im just calling out they usually do 3 pay bands

covert ibex
#

Ok... 75k aud..
Or would you rather USD for comparison?

waxen scroll
#

75 is likely a NT3

#

nm its a 2

#

i did the conversion

#

lol

covert ibex
#

Well, there you go.
Shame I'm qualified as a fitter and turner. :P

waxen scroll
#

network tech is above help desk but they do the break/fix from escalated tickets

covert ibex
#

I've never had to deal with that side of things.

#

The ticket side anyway.

waxen scroll
#

grats

#

i hate tickets xD

covert ibex
#

I've heard most people do.

waxen scroll
#

luckily i havent had to do tickets in a while

#

if you make it to net engineer its no tickets at all unless a major outage

covert ibex
#

I was thinking of trying to get a job at a major telecom as a onsite tech..

waxen scroll
#

i hear you pretty much have to

#

they make you start at the bottom

#

@thick minnow grade = ?

unreal wedge
#

@waxen scroll gonna be a great day when the bot drops that tactical nuke.

thick minnow
#

i am a tier 1 and tier 2 tech

thick minnow
#

Hey

#

I have a question

#

Im just a teen experimenting with shit

#

And i want to get into WISP (wireless internet service provider)

#

And I was wondering: how do you limit mbps to a client?

zenith ridge
#

the question I would have first, how do you get a connection to the internet

thick minnow
#

from a ISP?

#

Im not selling internet so it is fine with my isp

#

the objective is to only learn

#

so ye

zenith ridge
#

you can't resell a normal ISP connection

thick minnow
#

im not selling anything

zenith ridge
#

You can't share a normal ISP connection

thick minnow
#

wat

#

(im really dumb at this topic so please dont judge me XD)

zenith ridge
#

Well if you just want to learn, unifi can actually limit per user bandwidth, and most likely will be the cheapest option with a decent amount of features

thick minnow
#

oOooO thanks

zenith ridge
#

Mikrotik also has some cheap options, and can be more powerful I think, but I haven't used that one yet, though it looks interesting

thick minnow
#

ill go with Ubiquiti since im a bit more used to their interface

#

Also do you know how to create a vlan?

zenith ridge
thick minnow
#

Thanka

#

*thanks

zenith ridge
#

vlans aren't really hard to set up with unifi, just google it, it should speak for itself

thick minnow
#

with TrendNet

zenith ridge
#

and just play around with it, you can always reset the device if you lock yourself out

thick minnow
#

Thanks @zenith ridge :))\

zenith ridge
#

No problem 😉

pseudo blade
#

Mikrotiks are god-tier for WISP stuff.

thick minnow
#

@waxen scroll Grade for what?

waxen scroll
#

diagram

thick minnow
#

As of now, it has not been graded yet by my professor.

However in class yesterday, quite a few of the other students didn’t even complete or start the project yet.

I was the only one stupid enough to worry about finishing it ahead of time.

#

I’m just glad I am done with it, because now I have to read the next chapter in the course about WANs.

little schooner
#

does it make sense to have a ethernet uplink for all these other connections?

#

they have Sfp to ethernet

waxen scroll
#

Why wouldn't you have an uplink?

#

@clear igloo why

little schooner
#

@waxen scroll well that single cable can easily be bottlenecked if they were all downloading from a file server or something

#

but I guess this lab has no such thing so it's a non issue that it's just one cable doing the uplink

covert ibex
#

Needs... More... Zip ties..

spice ledge
#

Patch panel would help a lot as well

covert ibex
#

Or colored single cable management.

waxen scroll
#

you know whats better than that?

#

zip tie labels

#

one on each end

little schooner
#

this university has a lot of cable organization to do then

#

also it doesn't make sense how they have this switch in the cabinet that anyone can simply unplug

#

the cabinet is unlocked for some reason

#

so defeating the purpose of securing it inside

#

that one uplink cable, if I were to remove it, would take out two labs worth of computers. each lab has about 14 or so PCs, based on the hostname (i guess)

#

rip Mac lab

#

I imagine the other room has a cabinet but I haven't been there. I would say this building is very old because the newer ones have it completely hidden

thick minnow
#

If this University can afford 14 Mac computers for a single computer lab, I think they can afford to have the IT guy do some cable management and implement better network redundancy.

#

IMO.

waxen scroll
#

nahhh

#

universities usually blow all their budget on macs then go "oops" later

#

i worked for a university once, network engineering

#

never again

#

the two industries i dont wanna work in again are education, hosting/datacenter

#

at some point ill work for a trading firm and im sure that will get added to the list after a few months

#

😛

waxen scroll
#

sounds like xeon wants to work at university

little schooner
#

I think I can take a picture of the Mac lab. omg you should see the library though. They have dedicated Mac only sections and windows sections

#

like I've never seen so many expensive macs in my life in one place. The all in one units

#

I think it's just this building though because the updated ones have them all tidy and secured. Building is from 1918 I believe

waxen scroll
#

dont work at university 😍

little schooner
#

heh

#

now if we were talking about college, it was the typical Dell optiplex 780s

#

Only the graphics department got macs

#

uni is different with the $

waxen scroll
#

theres no reason to have macs for graphics or video

#

you can make a small argument for audio, but not much

#

stupid that they keep buying them

little schooner
#

They used this thunderbolt to fiber dongle for the network connections.

#

probably doing big file editing over network

#

I'm pretty sure it was 10gbps

#

@waxen scroll This was the parts list for the new workstations we're trying to get for a new networking security lab at a college I volunteer at

waxen scroll
#

waaaaayyy back in the day all of the apps were mac exclusive. they arent anymore.

#

those specs are respectable for lab computers

little schooner
#

I'm hoping they approve it

#

we're still waiting for answer

#

it came to be like... $1370

#

There are discounts it will drop more but we aren't aware of those yet

waxen scroll
#

you should be aware of them

#

thats what the vendor does before they send the quote

thick minnow
#

I used an iMac a few times in my life before. I absolutely hated the Magic Mouse.

#

It was like legitimately a pain to use.

#

My hands would get cramps.

#

Just wait until those iMac systems break down, have fun sending them back to apple for repairs. Lol

little schooner
#

@waxen scroll hmm I guess because I used the website configurator, it shows only the regular price for everyone. My professor called Dell and then talked with them about the order (maybe mentioning that our school uses Dell as a vendor for buying computer equipment, etc). That part of the discussion I guess business handles

#

my professor did submit the order to the dept responsible for buying it. But he said he gave up money management because he did not want legal trouble

#

otherwise, the money we're using, most of it is grant money he netted for the school

#

I'm just a volunteer there lol

hardy lantern
#

When i have fiber going to my router and that has a 1 Gbit connection. Can ethernet push that speed?
(i have the router in a different room and i want to have an ethernet cable going from that room to my room and connect to my pc. Just wondering if that cable will be able to push 1Gbit)

abstract drift
#

You mean you have gigabit internet? Yes, gigabit ethernet can handle the full traffic of gigabit internet.

hardy lantern
#

yeey thanks a bunch. yeah i meant gigabit

slow belfry
#

As long as it's Cat 5E or a higher standard.

#

Don't confuse it with Cat 5, you will only be able to handle 100 mbit/s

hardy lantern
#

The electrician who will install it said something about category 6 ethernet cable

little schooner
#

@hardy lantern Cat 5E can handle 1gbps. CAT6 handles 10gbps over short distance. CAT6A handles 10gbps over the traditional length limit of ethernet cable.

#

which is about 100meters

tawny seal
#

then there is also cat7

hardy lantern
#

🤷 ill let my electrician do the job ahha im too stupid for all this

tawny seal
#

fiber is just another way of internet its good for incredible long distances

#

but most people just use rj45 ethernet

#

fiber is really only used in data centers and some businesses

#

I use it for my home lab

hallow nimbus
#

Breaks in the street box of his ISP and runs his own fiber line

tawny seal
#

lmao

hardy lantern
#

Yeah my electrician told me i shouldnt have fiber from my switch to my pc since my pc doesnt have an input for a fiber cable. And that the ethernet cable could push 1gig up and down already

waxen scroll
#

I tip my fedora to you good gentilesir

little schooner
#

@hardy lantern I think he also forgot to mention that fiber has very low latency compared to ethernet, but for home use, the benefit makes no sense for the extra cost.

hardy lantern
#

latency means ping right? (but i already get 1-2ms)

little schooner
#

@hardy lantern that low of ping is usually to your local network

#

ping is higher for farther targets

hardy lantern
#

wdym?

little schooner
#

fiber could make that low of a ping possible over longer distances

#

there is more overhead with ethernet that would increase latency times

#

light travels faster than electrical signals

fresh copper
#

Ping is a tool for measuring latency, often built into games for testing latency to servers. Your ping to a close by server is very low, like the 1-2ms you see, but, regardless of what connection you have, it would probably be over 100ms to cross an ocean like America to Europe or the other direction.

little schooner
#

one way a war could start would simply be to attack the underwater cables that connect the countries

#

but it would be pretty easy to know who did that

hardy lantern
#

hasnt russia been accused multiple times to have their nuclear subs close to those cables?

spice ledge
little schooner
#

@spice ledge for some reason my devices could never transfer that fast

#

what device are you using?

#

perhaps it's because I'm not on the same vlan when I do my speed tests

chrome hound
little schooner
#

omg yes that's the latency fiber benefits from

spice ledge
#

iPhone 6s with a UBNT nano HD AP

little schooner
#

yes yes yes

#

oh the Nano HD?

#

ahh mine are the uap ac

spice ledge
#

Just a moment

little schooner
#

the Nanos are much faster yeah

chrome hound
#

I mean sure the 10gb switch was 8g but you don't need a 48 port switch, you can easily get away with a small mikrotik

spice ledge
little schooner
#

@chrome hound I agree

chrome hound
#

and lets be clear here I got the switch for free so my cost to entry is pretty awesome for 10gb to my desktop

spice ledge
#

Ya my gear not 10g but it’s for my house, really don’t need 10g

chrome hound
#

I used to say that lol

#

but man I will never go back to sub 10gb internet, I am not coming close to 10gb traffic, but I have to say not having any bottlenecks on my side of the traffic is nice and I never have lag issues related to the kids netflix and what not

spice ledge
#

Also I was doing a WI-FI test peer to peer in my network

#

I never have lag issues either but I got the good cox ISP that actually works right

chrome hound
#

I am fiber all the way to the peering points

spice ledge
#

P.S. internet speed is only 100d 20u

#

but latency is still only “<1ms”

waxen scroll
#

If Ethernet is a layer 2 concept, why does Xeon call copper "Ethernet" and fiber "fiber"?

#

🤔

little schooner
#

I guess im used to seeing ethernet used a lot with copper xD

#

thats layer 1 difference I am aware

#

I have to admit though its been a while since I've read networking stuff since my certification studies

#

some of the things i cant remember

#

luckily I can still maintain it with the subset of gear i have at home

fresh copper
#

Most fiber solutions still use Ethernet though some don’t

#

Ethernet is actually two things, the Layer 1 standard, and the Layer 2 frame

#

Both the copper and fiber (and some other crazy stuff) are in the Layer 1 standard but you can use the Layer 2 frame type in other Layer 1s though not as common unless you count a tunnel like TEoGRE (GRETAP) as the Layer 1 which carries the Layer 2 Ethernet Frame

#

Correction: The Layer 2 frame is the Ethernet II frame. We don’t use Ethernet I anymore though they are somewhat compatible

modern forge
#

I think this is supposed to go here, I copied my message in #public-chat:
Question, I was at the IT of my school and I was asking if they had space in their server room. They said it is unlikely I can place a server for a school project there because of 2 things:

  1. Interference because of same services in same network
  2. Their servers are in the same subnet and have sensitive data.

Is there a way that they could isolate my server from accessing other servers in the subnet but still be able to access the internet? My school uses cisco for networking and windows server for dhcp

#

@ me

carmine moss
#

@modern forge ask if you can make a vlan in the subnet for your server?

modern forge
#

I will need to ask the IT of my school tomorrow about that

#

Let me google

clear igloo
#

@modern forge A simple VACL would do the trick to isolate a host from accessing other hosts but the fact that they make it sound like none of the servers are properly protected to begin with makes me worry =/

modern forge
#

they do

waxen scroll
#

Nerd.

modern forge
#

Servers have own subnet, school pcs have own subnet, and all personal stuff like phones and laptops have own subnet

clear igloo
#

I read it wrong which made it seem like they had sensitive and unprotected data on the servers, whoops 😃

modern forge
#

But if I put my own server in the server room it will be in the same subnet as the other servers

clear igloo
#

Why do you need it to be in their server room to begin with?

modern forge
#

Bc I don't have really anywhere else to put a server

#

And there it'll be able to run 24/7

#

at my home not, bc my parents won't allow it

#

I will ask them tomorrow if they can do that (vlan/vacl)

#

Just wanted to know if it was possible
(Dooley, pls don't be mad if you see this)

clear igloo
#

It's not as easy as just plug the server in and it's got internet and you can access it from the internet. Your server has to be properly secured and locked down, the network needs to block any traffic to/from that server from accessing anything else on the network, you need to prove that all your apps on the server are up to date and not vulnerable and they would have to punch a hole, or multiple holes in the firewall to allow access to a server from the internet and serve content on it which can be a huge no-no in just about any environment unless proper justification is given and access is maintained

#

All of that can be done but it takes time and proper management of everything to ensure it's all safe

modern forge
#

Yeah, I understand. If I get permission of the IT I'll of course make sure if it's all safe. Like if it's on my home network I don't necessary care, but like at a school it's pretty important. And I know the IT of my school pretty well and the person I was talking to today also said if I need help I can ask them.

fresh copper
#

It’s possible that if you just needed the services to be accessed from inside the school and not the internet that it could be put on the same VLAN/subnet as the client computers. Even without port forwarding, you could access the server through VPNs that can traverse NAT like ZeroTier

clear igloo
#

Yah, if its a local need then that's easier to deal with access but if you need internet access then I would say you just need to be even more security conscious since if you mess up and leave a critical service vulnerable then things can go south fast. Not to say "OMG H4x0rz" but common services need to be locked down and secured at a minimum because there are bots out there scanning and if they find a nice open service they'll quickly try to attack it. There are caveats behind all that but just one more thing to keep in mind 😃

fresh copper
#

Yea. If it was me, as someone who knows about networking, I would ask for just standard internet access, no need for a public IP or port forwarding, then I would access through my ZeroTier mesh, either by exposing ports on one of my VPSs or directly connecting from my phone/laptop.

spice ledge
#

In the realm of networking anything is possible with the right equipment, like with my UniFi gear I can make every port on my switch have a different vlan very easily.

fresh copper
#

Fiber Ethernet vs Copper Ethernet is very similar

#

But DOCSIS is really bad

#

Light works via the electromagnetic force and copper uses electricity which works via electric fields which work via the electromagnetic force. So the latency is all the quality of cable and protocol. Even GPON is slower than Ethernet but not as bad as DOCSIS or DSL. I have no idea what Xeon is talking about there.

little schooner
#

@fresh copper I guess what I was trying to say is, instead of having to buy expensive sfp modules for a home network that is already using docsis and not FTTH internet, having an internal fiber network wouldn't reduce latency because of the isp connection

#

also local network latencies are already low as it is no more than 1 or 2ms for all local targets in a home

#

that was what I was trying to get at. there would be no benefit because you need to further make additional changes at a higher cost vs. just buying copper ethernet that is basically universal in availability on all sorts of motherboards and devices

waxen scroll
#

thats a fire hazard

#

remove that top bin at minimum

fresh copper
#

There would be no benefit to having an internal fiber network even if it was FTTH

waxen scroll
#

more like 0.3ms

#

ICMP is a bullshit test

#

xD

covert ibex
#

Network monitor software for monitoring internet connection, uptime and downtime, and around 7 pc's?

Don't want to go full ham into something like nagios but do need something.

ornate jungle
#

@covert ibex You'd need to run that on the router or central networking gear where everything connects to for it to be effective, or have a dedicated pfSense box capable of running said software. I use the built-in bandwidth monitoring that comes with AdvancedTomato firmware on my R7000 router. Ubiquiti Networks gear also has great management built into its firmware too, if you're into their ecosystem.

little schooner
#

Opnsense vs. Pfsense vs. Untangle. does it matter which one to use?

#

pfsense has a NAT that won't turn off easily

fresh copper
#

Pfsense has weird firewall issues where it sometimes ignores rules and blocks traffic anyway, sometimes for non-existent rules. It also dislikes too many interfaces, especially too many IPSec interfaces. Opnsense has fewer plugins than Pfsense but does have a ZeroTier plugin which Pfsense does not. It also is pretty much unable to make IPSec connections though it works on occasion. Never used Untangle so I can’t comment

little schooner
#

randomly I have been seeing video descriptions that mention them, that's why I bring it up. they show under suggestions for some reason after watching gamer nexus and linuses channel

covert ibex
#

@ornate jungle
The router/modem that the network uses is a Huawei ar129.
And I have 0% faith in it whatsoever.

little schooner
#

might as well leave the house keys on the front door mat too

covert ibex
#

It's also wan connected to the phone network they use.

#

Puzzled me today.. DSL line went down, it didn't wireless backup, it just rebooted itself.
Somebody was using a phone the whole time. I thought it would have dropped the connection, but nope.

And couldn't get an internet connection back for another 20 mins.

ornate jungle
#

Yeah.... I have no idea how your particular DSL line works - normally I'd say put your modem in bridge mode and replace it with a semi-competent device, but you'll want to contact your ISP for help with this.

little schooner
#

doesnt dsl use the concept of filters too for voice and data?

ornate jungle
#

Usually, yes - DSL ISPs provide line filters to ... filter ... out data from voice signal, since normally your POTS is still analogue.

thick minnow
#

Question: I have a 150 150 internet from my ISP and with my phone wireless near the router I get 163 and 173 but when I run a test on my pc it gets 150 but when downloading anything anywhere it downloads at 22mbps

ornate jungle
#

150mbit != 18.75mbyte - check the units of whatever you're downloading from - a megabit does not equal a megabyte.

thick minnow
#

??

little schooner
#

@thick minnow where are you seeing the download speed from

#

task manager?

#

task manager will report it right for you

thick minnow
little schooner
#

strange since speed test also shows speed in mbps

ornate jungle
#

Speedtest.net usually reports in megabits - where are you seeing the 22 number? Steam?

thick minnow
#

Yes..

little schooner
#

oh steam...

#

they do show MBps

#

don't they?

ornate jungle
#

Mbps != MBps -- notice the capitalization - it absolutely matters

thick minnow
little schooner
#

yes that's correct speed

thick minnow
#

Whats the difference between MBps and Mbps

ornate jungle
thick minnow
#

Mm

#

Ty

ornate jungle
#

184 Mbps is great if you're paying for 150 mbps, and works out to 23 MBps so it makes sense if you see downloads top out at that speed. You'll want to check the units that the program reporting the download speed of 22-23 MBps is using - megabits or megabytes.

thick minnow
#

Would upgrading to 300mbps be worth it?

ornate jungle
#

Depends on whether you need that speed or not, and whether your WiFi & WiFi devices can handle it. Bear in mind that speeds can never be guaranteed with WiFi, unless you install your WiFi AP / router / modem in a clean laboratory test environment.

little schooner
#

@thick minnow if you can get 150 /150 synchronous I'd say you have a very great connection at 150

#

that's pretty fast

thick minnow
#

Indeed,

little schooner
#

I wish I could get there

#

new isp is in town I want to get rid of Comcast

thick minnow
#

What speeds do you have.?

little schooner
#

they are still building the lines though

ornate jungle
#

We upgraded from 150 to 300 only because the discount I receive makes it worth it, but honestly, I'd rather have a symmetrical connection rather than the currently asymmetrical DOCSIS 3.0 cable connect we have now. I cannot wait for DOCSIS 3.1 full duplex.

little schooner
#

I have 150/8

thick minnow
#

Well it’s only 20 bucks more a month to upgrade.

#

To 300 300

little schooner
#

and the bill is 110

#

ish

thick minnow
#

I’m paying 95 CAD for unlimited data and 150/150

little schooner
#

anything is better than Comcast

#

I want to get rid of them

thick minnow
#

115 CAD for unlimited data and 300/300

ornate jungle
#

Telus, or another DSL ISP in Canadia land?

thick minnow
#

Telus

#

Shaw sucked.

ornate jungle
#

Nice, see we technically can't even get faster than about 90mbps where I live, despite Telus sales reps claiming they have fibre in our area. LOL nope

thick minnow
#

You're in Canada?

#

I assume then

ornate jungle
#

Yes, fellow western Canadian here. To be fair, all ISPs suck... a little... in their own way. It's actually not Telus service that prevents me from using them, it's their call centres all being overseas. I refuse to deal with that. Period. Fullstop.
And it has nothing to do with culture, or race, or any of that - myself, the customer, should never have to ask to be transferred to a Canadian call centre because 1) I want to support Canadian wages and 2) I genuinely cannot understand the person on the other end of the phone (and they can't understand me.)

thick minnow
#

Mhm.

ornate jungle
#

I straight up no longer help my neighbors with their services since they switched to Telus, again, not because I don't love helping the neighborhood in exchange for baked goods or IT client cash moolah, but because I will not under any circumstances call Telus for them. I'll go power cycle & factory reset their equipment, but then I'm done. Full stop. At least with Shaw I know almost all the call centres are in Nanaimo, Vancouver, or Winnipeg.
That being said, I really wish we had more competition and lobbying from the CRTC to regulate pricing for the minimum Internet package, similarly to how we have a minimum $25 TV package that all providers MUST offer by law. Speeds might only be 30mbps down & 3mbps up, but at least those on a tight budget know what they can afford to pay over say a 5 year period.

#

Do you have other options than Telus or Shaw in your area Soctt?

thick minnow
#

Yes, but they aren’t very popular companies and their plans suck compared to shaw and telus.

#

I’m likely going to go play some VR. See you!

#

Thanks for the information!

naive meadow
#

I have pretty nice wifi
nearly 500mbps down and often over 400mbps up

pseudo blade
#

@ornate jungle @little schooner I know I'm being a super-pedant, but the term for having different upload and download speeds is asymmetrical, not asynchronous. The latter has an entirely different meaning.

thick minnow
#

it's official. the fastest internet speed in a private person home sector (non-company)

#

only in sweden

#

9 gigabit/down
8.5 gigabit/ up

covert ibex
#

Bad idea to have two piholes running?

covert ibex
#

@unreal wedge
Ok, so the only thing that's annoying me, is I don't know if dnoise is running on my pi or not.

#

Like, my best guess that it is, is running pstree gives me a line:
Cron-cron-sh-sh-python-4*[{python}]

And that's just a guess.
(Running it passthroughed another script to make sure other services have started and pi-hole creates a log file so I definitely know FTL started and stayed running, and a few other important to me things running.)

#

GitHub should really make it easier to get in contact with the creator of things..

dusty star
#

@covert ibex Can I just ask what you'd need two piholes for?

covert ibex
#

@dusty star
Incase one dies?

dusty star
#

Oh yeah, that makes sense

covert ibex
#

I've got like.. 20 rpi's so.. it's not really a big issue.

dusty star
#

Does PiHole have a failover mechanism though?

covert ibex
#

Not that I'm aware of.

dusty star
#

Or do you just set the other one as a secondary DNS server in your router?

covert ibex
#

Yeah, primary and secondary

dusty star
#

Okay

covert ibex
#

And a really badly designed macro trigger on my "fileserver" that if it drops connection completely, it manually logs onto the router, and changes the DNS settings off them if they both go down.

#

And by bad, I mean literal timed clicks, and keypresses.

dusty star
#

Changing DNS servers on my router is a huuuuge pain...

covert ibex
#

Same.. now imagine recording the movements and writing scripts to do that..

dusty star
#

Yeah, I can imagine... I'd never get myself to do that. Too much effort for too little result

#

I'd just set a third DNS server on my devices

#

like 1.1.1.1

covert ibex
#

Router can't do more than 2..

dusty star
#

Yeah, neither can mine. I meant set another DNS server on like my PC and so on

covert ibex
#

It forces connections to DNS servers..
It's a horrible router..

dusty star
#

Oh, that's annoying...

covert ibex
#

I've got a replacement to use, I just haven't bothered to pull the DSL settings and change it over.

waxen scroll
#

I'm going to the primary data center tomorrow @little schooner

waxen scroll
#

@clear igloo my coworker gave me 6 copper SFP for use in the lab!

#

We were low

clear igloo
#

Ah, hides the boxes of copper SFPs

waxen scroll
#

Give. Me.

#

Muh N5k could use more

clear igloo
#

I've literally got 3 boxes stuffed full of 100G QSFP LR too >.>

waxen scroll
#

I don't need that crap for a lab

clear igloo
#

Why not use 10G SFP+? 😛

waxen scroll
#

I don't need 10g either. Only if troubleshooting prod

clear igloo
#

well, I'll ship you a few. Each SFP inside its own anti-static bag, inside a tube, inside a box, and then each box placed into a larger box 😄

waxen scroll
#

U mad?

clear igloo
#

No, just annoyed when I get so much packaging for a few copper SFPs

waxen scroll
#

All these people with home lab, and I'm here like yollloooo n7k, N5k, asr9k

#

Worth more than your house

#

Dexter's lab

clear igloo
#

lol

waxen scroll
#

nickCreep soontm banHammer @unreal wedge

#

I'm not allowed to make connections in the lab... Technically

#

I do it sneaky

#

The data center team is supposed to

#

They do rack and stack, plus all cabling

#

But I'm not opening tickets for every cable move

clear igloo
#

lol, that feel when you can move your own cables freely 😄

waxen scroll
#

It's a thing at many companies now

#

If you're not a DC tech or noc, no data center access allowed unless you open a ticket and potentially be escorted

clear igloo
#

I know, it makes sense from a security standpoint

waxen scroll
#

It annoys the crap out of me

clear igloo
#

or a control standpoint so random people like me don't just go "shift cable from 1 to 2" 😄

waxen scroll
#

I work here, my gear is in there, where's my access

#

I do have unlimited lab access

thick minnow
#

Is ProtonVPN good?

waxen scroll
#

tunnelbear is good

clear igloo
#

We don't talk about tunnelbear on here @waxen scroll
banHammer

waxen scroll
#

you dont have the rights to do it

fresh copper
#

I would love a box of 10G SFP+ modules

pseudo blade
#

How long do you need the runs to be? @fresh copper

fresh copper
#

Probably less than two meters though I might get one to another rack in the DC at some point. Seeing as I don’t have a box of 10G SFP+ modules, I’m probably best off just using DAC cables

thick minnow
waxen scroll
#

i dunno why you're paying attention to frame relay

#

or ATM

#

MPLS is bae

#

i was annoyed that my classes didnt tell us about MPLS

thick minnow
#

I’m only sharing what I’ve been reading and learning about so far in my course.

I personally think it’s important to learn about the older WAN networking topologies and technologies in order to really appreciate how far we’ve come.

waxen scroll
#

@thick minnow just wait until you attend change review board

#

@unreal wedge these young'ns dont know about CAB yet

#

its where ideas go to die

thick minnow
#

can i use a laptop as a router+modem ?

thick minnow
#

no

#

you can but dont

fresh copper
#

What he said. Totally possible but there are multiple reasons not to (mainly because hardware was not meant for it)

thick minnow
#

hmmm

#

the reason i want to do it is my router is shit + i have an old laptop (which is shit normally but would make a powerful router) that i don't use so i thought would be nice to use it as a router since it have better wifi than my router + 1gbps ethernet

#

can you link a guide for how to do it ?

#

also what are the reasons to not do it

covert ibex
#

@thick minnow
Better to sell the laptop and buy a router with the money.
The list of security reasons alone outweigh any benefit.

thick minnow
#

any idea about hm to sell a laptop with these specs for ?
i3 1st gen
2gb ram
1gbps ethernet
320gb hdd
720p screen

covert ibex
#

Country?

thick minnow
#

egypt

#

look at craigslist

#

we dont have that here 😐

covert ibex
#

Uh... If conversion rates are right.. around 750ish EGP.

thick minnow
#

so same laptop with i5 and 4gb of ram is 3000egp !!!

#

actually its a bit newer

#

but still thats way higher than i expected

#

the conversion rate is 1usd=18egp

covert ibex
#

(not really networking related atm.)
Enough to trade for a router though.

thick minnow
#

does raspberry pi make a good router?

covert ibex
#

From my experience with 20 of them, not really.

fresh copper
#

I would be surprised if you could get 1G with a laptop. Most laptops only have one Ethernet connection and you can’t get 1G over USB 2.0 or 3.0 though USB C maybe

thick minnow
#

I tested it and ... I didn’t get full 1g but I think it was around 500-600 mbps which is better than my routers 100mbps

#

But I just tested wifi and it’s maxed at 32mbps so ye doesn’t seem like it makes a great router

covert ibex
thick minnow
#

Whats the point of this? @covert ibex

#

Is it a router?

#

It seems like one

waxen scroll
#

That looks like a wan port too

#

Doesn't make sense

thick minnow
#

Sup?

waxen scroll
#

Hiiii

#

@clear igloo bad news. We have to run cable tray to get single mode fiber

#

$$$$

clear igloo
#

oooof

waxen scroll
#

Who's gonna pay???

#

Not my team

clear igloo
#

You? 😄

tawny seal
#

@thick minnow get an older PC get a 4 port NIC and you're good

#

Use pfsense

waxen scroll
#

Omg @clear igloo my coworker just got two boxes of 100G sfp

clear igloo
#

Good 😄

waxen scroll
#

For our new n9k

#

😘 😍 linusPerfect

clear igloo
#

😛

waxen scroll
#

Meanwhile I just put 9 copper SFP into the lab 5k

#

I'm hoarding

clear igloo
#

Hoard all the things!

thick minnow
#

Remind me again what SFP is?

#

Serial Flash Port?

#

¯\_(ツ)_/¯

hallow nimbus
#

Super fiber port

#

😂

little schooner
#

@thick minnow More like Seriously Flawed Product 😂

joking aside, I actually don't know off the top of my head since Cisco barely talked about it in the studies

it's a Google search away luckily =p

hallow nimbus
#

small form-factor pluggable (SFP)

thick minnow
#

"(Small Form-factor Pluggable) A small transceiver that plugs into the SFP port of a network switch and connects to Fibre Channel and Gigabit Ethernet (GbE) optical fiber cables at the other end."

little schooner
#

Basically it's modularity for flexibility then

thick minnow
#

I do think I read about it in chapter 2 or 3 of my course.

little schooner
#

The one I saw in person was the picture I took earlier of the computer lab

#

where it was an sfp to ethernet

#

The uplink looked like it was going up to the ceiling and the Mac lab was on the other side of the room I was in

#

still that single point of failure cable is a disaster. Anyone can literally pull it out

thick minnow
#

True, redundancy is key.

little schooner
#

I am still waiting for my teachers response about Business dept. giving us the Intel 8700 workstations we were supposed to get. Im curious if they will accept the proposal or not. It was my first time doing such a thing.

little schooner
#

It's weird that we have to write proposal to use the money he earned by a grant

thick minnow
#

IDK how that works, just do what you have to do man.

#

Hopefully you'll get the equipment you need.

little schooner
#

Should I start using buzz words with them to make it seem like it's worthwhile xD

thick minnow
#

You mean like hype it up? Like: "Powerful 4 Core processing power!" ?

#

IDK man, do whatever you want it's your proposal not mine.

waxen scroll
#

My network devices have a Xeon in them

#

@clear igloo truth.

hallow nimbus
#

Cause ur using an old server as a router ?

clear igloo
#

Because a lot of networking gear uses server chips for control plane traffic dealings

#

ASICs deal with 99% of traffic but you have some control plane stuff and that control plane traffic is usually handled by a CPU, usually server grade chips like Xeon CPUs

little schooner
#

Do you guys know if Watchguard or Fortigate is a good value for DNS entries in firewall rules?

#

or if there is a cheaper one that can also do line rate with that feature

waxen scroll
#

Call both companies and run a POC with their sales people

clear igloo
#

^

waxen scroll
#

many of them lie about being able to do line rate

#

lots of caveats and even when you do it exactly how they tell you, it still wont

#

ciscos also guilty

#

a good one... line rate until you turn on more than 1 feature!

#

at that point its just an access list firewall

#

but you paid $200,000

#

thats why you need to call sales and request a demo unit

#

then fire traffic at it yourself or hire a firm

#

the sales sharks are smart though, they prob wont give you one unless you're a well qualified buyer

unreal wedge
#

👀 too many messages there, eh.

clear igloo
#

@waxen scroll Everyone knows you just scale to 10% of CPU and then multiply it by 10 to get 100% load 😄

waxen scroll
#

yeah no

little schooner
#

thanks for the advice

#

yes I am still new to all that stuff

waxen scroll
#

@little schooner another LOL

#

sometimes line rate is only with the largest packet size possible

#

have a bunch of tiny ones? good luck

little schooner
#

I received the supermicro TPM chip in the mail today. Now, I can implement the plan of powering down the server, after backups complete, to cut down on the energy bill.

With the chip, Bitlocker can unlock automatically without me having to input a passphrase. I'll make the local account passwords difficult so that in the event it gets stolen, they will most likely trip Secure Boot to bypass the account. I'll feel at ease because at least the data is encrypted and will require the long recovery key to unlock.

waxen scroll
#

Kawaii

waxen scroll
#

@unreal wedge omg kawaii.... LTT pins

thick minnow
#

Sup my networking peeps?

clear igloo
#

All the servers and gear is up

#

😛

thick minnow
#

That sounds very ONLINE to me.

#

Networks be like: network noises

clear igloo
#

Networks be like: 01110011 01101011 01111001 01101110 01100101 01110100 00100000 01110111 01101001 01101100 01101100 00100000 01110010 01101001 01110011 01100101

waxen scroll
#

lurick~~

thick minnow
#

Very accurate.

little schooner
#

School makes it very easy for someone to feel inferior, its so frustrating

#

It doesnt make sense how my networking degree requires so many non-core classes in order to complete it

waxen scroll
#

;/

#

probably to meet some sort of minimum standard for accreditation

#

or you can go full alex jones and say "they just want you to pay more"

fresh copper
#

If you go to the UK, you do just your subject and nothing else in most places

little schooner
#

Only because I feel like engineering technical writing is such a drag on me

fresh copper
#

You often get a degree faster too. Some offer 4 year programs to get a bachelors and masters

little schooner
#

Thats really fast

#

wow

#

I only got 5 weeks left

#

It can't end soon enough omg

little schooner
#

I was so close to freaking out when Visio randomly crashed on me in the middle of my network diagram....

#

then i remembered that I was saving every 3 minutes or so

#

disaster averted.

strange zealot
#

hey, I'm having some IP routing issues, can a few people traceroute 161.129.154.70 and send the result?

waxen scroll
#

tons of providers offer BGP looking glasses and traceroute sites, maybe start there

ornate jungle
#

@strange zealot there are tons of online routing sites that will show you routing details, but here you go:

Tracing route to 161-129-154-70.static.nexril.net [161.129.154.70]
over a maximum of 30 hops:

  1    <1 ms     1 ms    <1 ms  spACe.local [10.1.1.1]
  2     8 ms     7 ms     9 ms  70.66.xx.x
  3     9 ms     9 ms    11 ms  rd2cv-xxxxx-x.gv.shawcable.net [64.59.xxx.xxx]
  4    10 ms    11 ms     9 ms  rd1bb-tge0-4-3-0.no.shawcable.net [66.163.72.22]
  5    12 ms    12 ms    12 ms  rc1wt-be40.wa.shawcable.net [66.163.68.18]
  6    12 ms    11 ms    11 ms  100ge14-2.core1.sea1.he.net [206.81.80.40]
  7    16 ms    15 ms    15 ms  100ge11-1.core1.pdx1.he.net [184.105.64.138]
  8    40 ms    39 ms    57 ms  100ge10-1.core1.slc1.he.net [184.105.213.242]
  9    59 ms    58 ms    59 ms  100ge8-2.core1.den1.he.net [72.52.92.41]
 10    58 ms    58 ms    58 ms  100ge14-1.core1.mci3.he.net [184.105.64.50]
 11   112 ms    93 ms    96 ms  100ge10-2.core1.dal1.he.net [184.105.81.206]
 12    88 ms    87 ms    85 ms  hivelocity-ventures-corp.e0-11.switch3.dal2.he.net [216.66.79.226]
 13     *        *        *     Request timed out.
 14     *        *        *     Request timed out.
 15     *        *        *     Request timed out.

strange zealot
#

rip

#

paying $200/mo for this dedi and it doesn't work

rocky badge
#

pls explain this

#

my client is Gigabit, my server is 2 Gigabit, the drives on the server can do 600MB/s read and write, the drive on my client does 125MB/s read and write.

#

YET, Windows says 2.58GB/s

floral willow
#

🤔

rocky badge
#

have some logic pls

floral willow
#

my mac's logic is worse

waxen scroll
#

caching?

#

you copied it multiple times

rocky badge
#

🤔

#

even on first try before I recorded it

#

it did 2.69GB/s

#

and does iSCSI even do caching?

waxen scroll
#

do you have optane or something

rocky badge
#

no

waxen scroll
#

dunno bro

#

that behavior is classic caching

#

so

#

just be happy its fast?

#

😛

fresh copper
#

Maybe it’s Windows being bad

waxen scroll
#

i used to have a 1gb raid controller cache on mine

#

i dont screw with raid controllers in gaming PCs anymore

#

they're not really compatible

#

but they can work

#

thats straight from LSI/Avagos card designers mouth

#

had a long support case open

#

lol

#

the card wouldnt work unless it was on a specific firmware (nobody could explain why) and even then the raid bios GUI was flaky

#

tl;dr x8 raid card needs x8 slot. it can work in x16 but its not supported. SLI compatible systems have a different clock speed on the bus than a server and it can cause the raid CPU to act funny

#

theres my bad summary on what was discussed

#

i got into raid during the 1st - 2nd gen SSD boom

#

where you get like 6 of them and its stupid fast

#

but NVMe has made things so much better....