#networking
@waxen scroll why you hating on wireshark?
because the enterprise tools are way faster at narrowing down the problem visually instead of wireshark where you're looking at a shitload of packets and using ghetto methods to find your issue. for smaller issues where it happens right away and you know which of the 5 packets is the issue, wireshark is great
cute.
tcpdump the linux CLI tool can save pcap files which you can open in Wireshark
most of my honeypots which I have on cloud servers save pcaps for me
sounds pretty useless
why are you honeypotting public IPs on a public cloud? honeypots are for private networks
of fucking course your public IP server is gonna get scanned
next you're gonna tell me you're in infosec and manage the FW appliances but dont know how routing works
sorry... i know too many infosec people who would do all this crazy crap like public IP honeypot, overly cautious FW/IPS, go on and on about BS then not understand networking
it didnt use to be an entry level career, but i think it is now
Our infosec is simple: if it's working, don't touch it until semester end
that way of thinking allows for shit like this in 2019
China expose Telnet which was Botnet used for DDOS attacks
my honeypot use Telnet
So... what do we take from this?
You people are nuts and shouldn't be allowed to configure anything facing the internet. That's the takeaway.
Unless it's meant to be public, or it's secured with a large-ass RSA key (no passwords, only keys), it shouldn't be facing the public internet.
*and if it's meant to be public, it better not have access to anything not meant to be. </rant>
I've been using RSA key auth for years. Password auth disabled. Any key below 2048-bits is dead, 2048 isn't exactly perfect, and 4096 is nice, but may be antiquated soon if state-level processing reaches the next level Moore's law suggests, and it's usually fairly accurate.
@thick minnow I like how shodan shows stuff like that it makes a good preliminary stat gathering
@waxen scroll We have a public honeypot for behavior gathering and other such things, gets used in the computer science courses. Actually has nothing to do with our network security at all, 100% course material resource
@little schooner my honeypots show even more that shodan does not show
shodan is nice to see what ports are getting scanned for
and I use that information to create honeypots
Likely the lower price was for trial purposes.
they are getting shark hungry for money
i cant wait for local fiber isp to rollout next year
Well there's exactly two fixes. Proper competition. Or government regulation.
I would take proper competition
Good luck on getting either of those.
because government can be corrupted by lobbyists
I'd love to talk about this, but it's not permitted here.
heh
I know
When an ISP runs fiber to the home, is it part of my home to include in selling price?
The fiber install?
So just cross it off the list really. Lots of things must change for improvements to happen, and I don't see that happening in either of our countries for many years.
The fiber's not going to go anywhere, obviously.
I'd include it as a feature, even if it remains ISP property.
So I dont have to worry about them ripping it back out?
That costs money and offers no benefit.
They might take their nice switch back if you're not inadvertently providing your street's networking.
Thats okay i guess
Local schools and parks don't "belong" to you, but you might list them when selling a house. Fast internet is not very different.
Makes sense
also this disappoints me the most
The cheapest one is 15 down, 2 up
then the next one is 60 down, 6 up
but that price jump
omg
We had shit like that here in Australia maybe 5 years ago.
Oof
Most don't even plug their phones in now, even if included.
Like basically they dont have a middle speed, say 25 mbps, that would be good for netflix
and be cheap
instead they want you to go all the way up
to 60 and pay a lot
Foxtel (basically the only game in town in Australia for cable) got too greedy.
Well eventually it becomes so expensive that people stop seeing it around.
So people stop wanting it for themselves.
hmm
the more of a need for proper competition
Instant TV is basically streaming rights
but its only for internet only customers
Cable sans internet here with all packages is $140/month.
yeah thats basically murder
So nobody gets cable and frankly not much is lost.
My biggest problem is that its hard to replace cable when other options are just as expensive for less value
like its easy to find tv alts
but without fast speed
Few people were bitter because Foxtel buys up stuff like GoT, but the price to get it legitimately was high enough that everyone I know pirated it.
Now even that doesn't matter, Netflix is enough and anything else may as well not exist for most.
Couldn't have happened to a nicer company.
my sister binge watches so many things on netflix
she spent one weekend watching netflix all day
thats crazy to pull off
I get very random and unreliable internet speeds. I have to shape Netflix heavily for latency reasons.
yeah no one likes to see buffer or cutouts
It's presently shaped to 3mbps because that's about the slowest our connection gets.
Standard-def only, but frankly nobody else in the house cares.
I'm amazed it works at all. Kudos to Netflix's engineers for pulling that off.
2mbps or so, but generally bursty.
By shaping it, I see a constant amount of usage.
the term bursty was overused in my cisco training material on QoS
The connection we have 40mbps one second, 3mbps the next, and Netflix will peak to use all of it and throw latency out up over a second.
yeah thats.... like a dramatic change
You can't do normal QoS on that, so sometimes you have to get a bit inventive.
Currently shopping around for a rental place of my own, might get 80mbps-ish in nicer places here.
omg luke is online for once
wot
@little schooner comcast tv service? behave.
that thing has like 5 different fees
i love when i try to call in to "cancel" internet and they try to layer a TV package on and in the end its only $10/m cheaper than the increased rate but it could have been way cheaper if the fees werent there
@clear igloo https://arubainstanton.com/
@waxen scroll that's right the fees is why it gets so much more expensive
It shouldn't be the customer's fault that Comcast doesnt know how to negotiate terms with the fee chargers
i HATE the sports fee more than anything
i dont like watching sports period
why am i paying some $10/m in sports fee?
It's stupid ik
Ughh can't wait to get rid of them next year
The fiber isp is still building out in the neighborhood
But I'm sure Comcast is sticking their hands to make sure it doesn't happen or takes as long as possible
ATT fiber is supposedly building out here... ive seen some fiber installers in the area but im not sure if its for ATT. theres new homes going in so it may just be for that
It's $50 for synch up/down
150mbps
Compare that to Comcast and it's already a better deal
$50 gets you Comcast 15 mbps
And 2 upload
Basically the definition of greed
we get 1000 comcast for $80 ... upload i think is 20-30
For 1000.... I think I saw 99.95
2000 comcast is $300
i have 150 now and im completely content
I would be content even with 100 mbps
i had a gig server in the past and downloading was cool, but honestly i dont need it that fast at home
I would like to have my cloud backups finish faster
thats my main reasoning for wanting it
for school, I am migrating templates of VMs over the internet since I can't physically be on location all the time
At home, I have access to all the tools
50 is my limit though, nothing less. ATT can only offer 25 right now
25 for netflix I would say
i guess xD
fuckin love vudu
no
its movie rentals or digital purchase
redbox pissed me off many times on bluray rentals and i scratched my head and went "huh. so for $3 more per rental i dont have to deal with this shit?"
vudu can stream surround sound
thats what sold me
Oh i see
yeah redbox is basically gone from walmart near me
I think they moved it somewhere else
its so dumb.. like they invented that disc return button so when others use it you can still return... then they put it on only a handful of boxes... i also had issues waiting on other people so i can rent and full boxes so i cant return
streaming makes sense... no need to drive out and pickup and you get to watch it RIGHT AWAY
yeah that too
having it all digital, its basically infinite inventory
my time is worth wayyyyy more than the $3 savings
its not like i rent more than once or twice per month
right
I see they call HD "HDX"
whats that supposed to be?
just a buzz word?
or the surround sound thing
high def experience i think
oh.
its just 1080
the industry calls 1080 high def
UHD for 4k
HDX is a hi-definition (HD) format developed by Vudu that allows streaming video at a better quality than HD streams from other providers like Amazon Instant Video, Google Play and iTunes. HDX video is streamed at 1080p and 24 frames per second.
TIL
ha, they dont name netflix in that statement
but yeah, no complaints tho. everything ive rented has looked good. the audio was as expected
i have above average audio but not quite high end
if its shit i would know
at some point i wanna upgrade to 4k but i feel like ive waited so long anyway... why not 8
1080 is still acceptable to me
I would say so too. even more so with laptops like 15 inch, 13 inch
I made the mistake of getting xps 13 with 4k display
OOF
dat massive scaling
yeah I was sooooooo disheartened inside
like I made a bad purchase
but dell gave me full refund, even though it was opened and I deleted partitions
i bet windows didnt look quite right, eh?
yeah totally not normal
if anything, linux would have looked better
4k crispness at terminal is a-okay
@thick minnow I'll be living for another decillion years
Come to think of it, I'm no longer hard-core Cisco studying anymore, too.
I was never hard-core studying anything.
I'm still trying to figure out what path I want to go, either I.T or maybe Computer Science, or Cyber Security.
Today 2 fiber cables (for redundancy) going from the main server room to another room where there are 3 switches that feed half of the floor that also happens to be the administration floor went down. Never thought something like this could happen. I mean what are the chances something like this can happen
What are the chances of fire at the substation happening and killing power to all of the campus
Well that happened to the substation near my House. For what I've understood the transformer exploded or something like that. A kinda large area, included my house had no power for 13 hours
But I mean, there is no backup for that. But 2 fiber cables with 8 fibers in them... the 2 exact pairs that feeds that room stop working. Thats some bad luck there
Sounds like a big oof.
@thick minnow mmmmm gurl
?
@thick minnow oh computer science is a lot of math if that's your thing
And programming theory if you like theoretical stuff
Just hope you get good teachers it's easy to be lost
Programming uses math a lot but usually the math is not too hard unless you want to specialize in areas that require more complex math. Computer science in general does require quite a bit of math though, especially in the theoretical areas
@fresh copper I would wager my school errs too much on the math vs. Other universities
Yeah definitely not for me
The network supposedly requires me to take digital circuits and engineering writing
Well my engineering writing teacher asked me for advice it was a tough semester for her
I didn't expect that
@little schooner rude
if you want to do IT, you're prob better off doing as minimal as possible or trade school
if you want to code for a living, by all means, invest
a $90k degree and a $20k degree is gonna land you in the same place
Did I mention the bot is a networking switch 
no?
/s
must be a ubnt box
I'm joking, it's on a VM somewhere in Jake-land.
@little schooner if you go IT, especially networking, do not waste time on a degree. I have colleagues with Masters in telecommunication and they provided no benefit other than HR
Read the first word and think about it.
At least you got the automated message, lol. Hope you enjoy the image that came with it.
for once i agree with @hollow marlin a little. IT doesn't need anything special. even an english degree will do
tons of people high up with unrelated degrees
@hollow marlin I will go for masters, I do enjoy learning throughout the years. Also, I can hold onto it in case
Ultimately I get where you're coming from
My brother has the same thinking
whatever you do if you do it, make it a batch degree
dont go assoc
thats like pussying out
all HR wants now is batch or no degree but 10yrs exp
assoc, dont care. assoc with 5 yrs, dont care
you have to convince BRENDA
from HR
Don't you mean Karen?
@waxen scroll all I have is an ass. I'm like 10 creds from a bachelor too. I was going pre med when later I found out I hated the field, more the people I would work with really. I nabbed a job that led me to where I am now.
So I have experience and certs to back me up. Just never felt compelled to pay to finish my degree
Too fucking expensive
That's not even what bothers me. I would have to deal with fucking Beckys that are complaining not fucking stop
as in moms?
The environment is so toxic and everyone is generally an asshole.
No the workers, nurses and doctors
yeah. i love reading about people who support doctors IT
There was a position open here for lead engineer for the hospital but I couldn't get my self to do it. I would be right back where I avoided. I couldn't do it even for the pay
Here Becky, go smoke a pack and come back. "Ew no, smoking cigarettes is bad for you." Did you really want to live forever, working here.
my coworker used to work for the local hospital system. they pay like shit and nobody appreciates what you do
Here had an amazing opening, $120k and all the benefits in the world. But I know who I would work with and for.
Also 120k in my area is big money.
whats good money in your area for a senior engineer?
Senior engineers here make $80kish
Yeah that's with the larger businesses. There are one offs of course of two people I know who make 100k yet know shit
out here senior is $100k-120k
That's what it should be here. IT is just not that in demand here
i dont make $120k+ because i dont want to sell my soul to a trading firm. i know many people who worked for a few local ones... hell. no.
the stories are terrible
Almost all I hear are also. I just got done an interview for a local VAR and had to argue to the teeth for even just $70k for lead engineer and they couldn't do more than $60. The job requirements were insane. I couldn't do it.
I hate trying to find decent paying jobs here
Not that I'm saying $60k is not decent
it cause you specialized.... you have to jack of all trades and do it for $50k
tons of jobs!
@unreal wedge my first two jobs i found on craigslist lol
now its all shit
I am jack of all trades! I started as installer/fiber tech then to engineer designing and maintaining an ISP running almost every major protocol.
Think I'm good. No need to die at work.
i did NOC/DCops
running wire, playing security guard, and provisioning space all day
I'm glad I don't have to do that anymore. But glad I know it
me too. worst days of my career
i couldnt touch network equipment until job 3 and that was a contract job
they let me take it and run though
My company was so short staffed at the time that after a couple months they let me get my hands on stuff as well. Then were like oh hey, you can do this so now you can provision and install....and then moved from there
It was rough at times for sure
i try to do that to other people with less experience, but nobody ever wants to run with it
I'm actually shocked about how many people are so comfortable in doing the same task everyday, they just don't want or have the motivation to learn
yep. ive handed people jobs before, all they had to do was say yes and go to one interview
NOPE.
they hear "network designer" and freak out
OMG i couldn't do that. and i assure them its so easy
nobody goes for it
Hand it to me, I'll take it lol
it was pretty much building templates for new equipment at remote sites and then having an outsourcer be online at midnight with you sleeping. they push your configs and the local guy wires it
But in my early days I would just ask a senior, where do I start and he would give me a sentence and I would run with it, as far as I could go
instead the people just wanted to keep opening tickets with ATT for BGP down all day
BGP down = $50k, "designer" = $70k
also you get a shit ton more freedoms like work at home, work whenever, etc
NOC you dont get that
I tried the work from home but I get absolutely nothing done. I have to work at work. Strange as it sounds
im kind of the same, but thats only if my deadlines are way out. if they're close i do get a lot done at home
i have to.
I'll start working soon
I pray it's not around networking equipment.
Why's that
@unreal wedge
Explain? I am more than capable of configuring a business network.
Lmao
Which access point should I use?
Linksys Small Business, Cisco Small Business, TP Link
Linksys Lapac1750
Cisco WAP4410N
TP-Link TL-WA901ND
cisco one is gonna require license
I have all three, but unsure which is best
the others will not
Well, I've only encountered one in my lab classroom, and it needed one
I dont really know for that specific model but
cisco loves license money
that i know.
You only need a license for a controller, if the AP is in standalone mode it's no license needed
Small business stuff also doesn't really use licenses in most cases
Oh okay. Sorry for the misinformation
Give for free then
Tell your boss it's for market research
So trying to set up that hp procurve and it wont bring up the web interface
I can connect through the com port with putty but i cant get the web interface to show up... its just too long to reply
I keep trying to set the time server but it wont let me set the sntp to the right server
it wants an actual adderass
address
trying to use a public sntp but its not working
so im kinda confused on what to do now
been trying to set the timezone but it wont list the available timezones by the cli command
@void oracle do you have the management vlan assigned to a port?
On a switch you won't be able to reach the web interface until you assign the management vlan to an access port and give yourself a static in the subnet
like i have a static of 10.0.1.11
Still, if the vlan is not assigned to the port it won't reach it
well how do i set that through cli
its not giving me really any ways to edit the stuff
A simple Google should show you. I'm not familiar with hp syntax
kek been trying the spiceworks tutorial but it didnt say anything about that
the management software for this switch is dead
so i have to do it all by hand
Learn the CLI and avoid web interface if possible
Don't know what that even means. CLI is not the same across vendors and hardware
Just meaning that all it does when using the recommended cli commands for this is give ambiguous input output
the help for this switch is dead
its an hpe procurve 2910al
switch had a dedicated management software made by hp
but since they've taken the download down so that people are forced to use new stuff
which would be the management port?
i have 48 ports
You can set any port you want as one. Essentially you are assigning a port as an access port to the MGMT vlan which is typically 1
i meant
i dont see the management port
i only see the 48 ports
which with the management would be 49
There is no specific management port
Again no port. You're assigning a vlan
That's only for direct console access, bypassing SSH
There should be a dedicated, out of band, management port on the switch above or below the console port but on some lower end switches they don't or didn't have that
idk this was a 3,600 dollar hpe procurve
so what im gonna wanna do is tag the first port with a vlan right?
Depends on how you want to set things up but yes, tag it with a VLAN and then create an SVI
svi?
Yeah im not seeing anything that has to do with web interface
its just looking useless at this point
fuck it dont need a web interface just a ip routing table i'll do everything from the console port
all this is really acting as is a interface between 2 routers and for my main traffic the router after this is gonna be my tv
So you want to give up on management but instead setup routing? Mean good luck but if you are just connecting routers leave it defaulted and just attach them to the switch
nah im gonna do management
just from the console port
saying fuck setting up the web interface
just gonna do everything from the console port like that you
like you said
get my aunt to help me maybe with web interface she does it professionally for cloud routers
I wasn't trying to be harsh about it, but CLI is the only way to go if possible. Even modern equipment web interfaces still suck and are limited
but she'll prolly just give me a list of useful commands for cli
or i might just dive into the help
and try some things
Cause i mean resetting it back to factory default is as easy as a button press
got it for 10 bucks so i mean its great for learning networking
guy has a second one 3 layer with nat i might try and stack
and make into a router it self
biggest thing is that i needed sfp for my routing before my old router because my old router cant handle the traffic
but my old router sends out the auth signal to bell
for the tv the internet is just pppoe
which im planning on handling with a pfsense and off loading to this switch
Looking at configuration for that switch it seems very similar to Cisco. But again if you want routing you will need to learn to create SVIs and add the vlan to a port
Also not sure how well it can route but don't be surprised if it craps out when routing
Maybe I mean it is a 3 layer switch just not too sure on making an svi
So it has basic 3 layer up routing
Ip
@void oracle You need an SVI to do routing on a switch. It's where you create an interface for a vlan that can utilize layer 3.
Without it you cannot route because there is nothing to route
@hollow marlin There is something I dislike the most about the Cisco ASA line and thats that there is a strict requirement of setting interfaces in different security vlans
I mean I tried having two separate networks within the same vlan (default basically), and asa just wouldn't consider it as a "Separate" network port
it just adds it back into the vlan group of the others, default vlan
instead of making it its own routed port in the same vlan
ugh the frustrations.
Also, I was sure that we had a bugged firmware version because the wizards basically locked out the administrator from cli and webpage management
like cmon xD
@little schooner separate networks under the same vlan are the same network virtually. You cannot have the same vlan on two routed ports. At least not the way you are describing
@hollow marlin on pfsense, it works like that. Maybe I described it wrong.
I was wanting, basically, two isolated routed ports. Like how setting up a Cisco 1921 routers g0/1 port to be in 192.168.1.0 and g0/2 in 10.10.10.0/24
Without telling them vlan ports
The problem with Asa is that, I guess, it's attached to the switch "bridge" part of it, so it's hard to deattach it or something
I don't really know
Because I have a pfsense appliance where it just works. They have two Wan ports, both isolated
You're in bridge mode, or on a 5505 model, you need to be in routed mode and it works just fine
@clear igloo that might be it and all this time I probably didn't realize that
Yes it is 5505 model
Been a long time since I've touched a 5505 but if I remember right it's all bridge mode on that one with some weird configs for routed style to happen with the VLANs
Yeah tell me about it
My teacher was about to throw it in the garbage xD
@clear igloo thanks for pointing that out. Sometimes it's the little details that slip my mind
@little schooner that explanation was better. Sorry didn't know that's what you meant
@hollow marlin its okay. I think I didn't explain it right the first time.
I don't know. But last summer, I helped my college professor basically redo his entire lab network (standard workstation images, new switch configuration, new uplink cables, replaced all fast ethernet equipment, implement distance learning platform) and basically its been running smooth since the August 25th of last year
Only recently now are we putting together documentation for the network and room
He was so busy teaching like 4 courses and doing workstations in the new lab
Now the school is basically making crazy money because the class sizes have grown and our systems are more capable to teach things like forensics, ethical hack, info assurance and Cisco netacad with all our VM templates
So, there can't be a way that I wouldn't know what I was doing if we got all this success just from one summers of work
On top of that, we did a proposal for new equipment and thanks to the diagram and problem descriptions I put together, they approved our purchase of 30 new Intel 8700 workstations without issue.
@little schooner don't worry you don't need to prove yourself man
@hollow marlin thanks
@little schooner What did you do for distance learning?
@strange silo We paid for and implemented a commercial solution that makes it possible to run virtual environments over an https web browser connection. It was to reduce the cost of course to students and offer more courses to teach. Now basically online versions of more physical hardware type classes can run during the summer and on students low end computer hardware
And it is scheduled on demand. They can reserve a time to do the lab and activities and submit it in for grading.
I was happy because now more students can join the program
So VNC like with a hypervisor... that you can download for free...
@unreal wedge not quite. All the VM start and reset is automated too.
They just click start reservation and the back end takes care of the rest
So again, what I said before, but with a boot script.
Nope. Not even quite
With snapshots
Look, the people who will benefit from using it is more important than how it works
so again...
@unreal wedge This summer, we can start pushing the next phase of project and enable physical routers and switches to also be configured and worked with over https
So ccna over entirely https connection in your favorite web browser
Its a learning tool for the students. Now they don't need to buy the gear. It is accessible anytime anywhere
Don't you see how it saves them money?
@strange silo but yeah that's what I did. So the college has a few more options on courses to offer during semesters.
But at a significant lower cost
Since the labs are also included
@little schooner VMware Horizon (View old name), Citrix XenDesktop or something else cheaper?
As a whole we have about 15k distance students but most of those are not Computer Science courses or ones that don't require labs etc. When they do require labs the distance students travel in for block course and do them in a bulk session.
We're in the middle of moving from VDI pilot to wide scale usage, VMware Horizon, but that's a more general thing than catered to a course etc and doesn't address situation of interfacing with lab equipment very well.
Licensing is also easier this way too as you can use site per seat licensing and not have to work out some more complicated student personal device scheme
all ive seen used for that is citrix
204 votes and 102 comments so far on Reddit
yikes
i swore this was r/sysadmin for a second
Is it possible to connect 3 devices to a Gigabit network switch (5-port) and achieve full speed assuming your ISP is also gigabit?
yeah
i mean.... it depends on the switch
ive never looked into what tiny switches can handle
just cause all ports are gig doesnt mean all ports get gig
lol i brought an 8 port gigabit switch at work to work on more pc's simultaneously and filled all the ports. i was like downloading 200 GB ISO on each pc
the lights were blinking like crazy
Unmanaged small switches are all hardware based and can run full speed, but with still a single uplink, it's limited to a gig
@waxen scroll TP-Link TL-SG1005D (or get something more expensive)
like the TP-Link TL-SG105
With unmanaged switches it honestly doesn't matter
YeEEEEt
any local vancouverites in #networking ?
I live pretty close
@waxen scroll server admin will just blame the network and not do anything
yep
at a previous job there was an escalation procedure for dealing with server people blaming the network
i took that procedure and wrote a document with 30 questions on it. if a server admin did it properly, it would take 2-3 weeks to fill out
it weeded out the people who didnt want to check their shit almost completely
2-3 weeks lol
yeah... it was asking for stuff like visios of their environment, among other annoying things
many people didnt want to do it
i would also need to do bullshit myself if they did manage to complete the document
trace route, check every damn path it takes for errors/port issues/QoS issues
the people it gets escalated to were super anal about all this stuff being checked or known
once you blow a week wiresharking only to find out it was a duplex half or congested port all along, you'll never do it again
@hollow marlin not sure about you but the companies i work for almost always have between 1-4 people whose sole job it is to work with taps, SPAN, wireshark, etc all damn day
theres that much network blame going on
its not my favorite thing to do.... its so open ended
and sometimes you just find 0 wrong in the packets and then its... now what?
Only worked for ISPs so not the case for me. But I know of friends that have similar situations
I spend 24/7 on wireshark
I even have it open now
tried and true when you send tcpdump over ssh/netcat piped into wireshark
wireshark is great for testing firewalls and latency issues
i just installed our 30th port aggregator for taps
if only they would put that money towards my bonus
those damn things are like $30-40k
Just buy NaaS, plug all the cables into the cloud and be done, LUL
HAH HAH.
you laugh, but....
we have a business unit who is asking for VoIP in azure
theres no QoS in azure.
lol
and this isnt for internal phones, this is call center
bad quality in a call center? hmmmm
They said that the Target thing was a network issue but from the info I have, it was probably more likely an application/database issue
Not a surprise. Like I said the sysadmins just blame the network
So I have a Catalyst 3750 PoE - 24 and I set it up using express setup but I can't figure out how to configure my PC to connect to it to access the interface again.
Please help
Btw the default gateway and ip address both start with 172
Just set your PC to 172.16.16.25 with a mask of 255.255.255.0 and just go to 172.16.16.50
You can plug into any of the 24 ports
Ok
In retail network isn't allowed to make changes during the day like that, so IDK if I believe that
Oh maybe my Linux install I had was corrupt because with windows it's doing dhcp correctly
It still took me back to express setup
Ok it won't stop going to express setup
Setup through CLI instead.
Wdym
I'm trying to download the network assistant software but you have to be a business to do that so I can't..
Don't bother with that. Look up a video on YouTube for the 3750 and setup with console. There is no point on wasting time with software
It works out of the box without management. What are you trying to setup?
Just trying to learn and see all the features
The configuration guide is 1350 pages. Nothing you can just learn from the GUI
It's a popular switch so you can find a lot of information on them
I just don't understand why it likes express configuration sooo much
I did read some of the guide and followed it
Idk I might try the 2009 model I have too
Like I said don't bother with gui
yep. nobody enables GUI in the real world
and if it is enabled its freaking useless
Ugh this is why network is boring for me lol
Don't base networking off just that
I mean it's cool but it's just less exciting
Except for the flashing lights on large switches lol
I'm not going to probably be keeping the switches because they only support 100mb connections
What would you recommend though for a small home network with servers that is also rack mountable
Also preferably 2 sfp+ or something to that effect for connection between main PC and nas
an edge switch lite
unless you need 10G, then... lol
oh looks like the 48 port version does have 2x 10G
i only have the 24
1gbps would be enough for a nas probably?
Or do you think that could be a bottle neck
I would be using SSD's as a cache
It's going to bottleneck when transferring files but not when streaming
Random question, but you know how people have car meets and such like that? Anyone know of a meet up for tech and networking enthusiasts? I want to find others in my area to discuss what's going on and maybe study for certs together.
LTX?
I was thinking locally (Arizona, USA area)
NANOG exists for networking professionals but it's not really what you are looking for I would say
I just met people in my area through various networking discords where I eventually happened to find two people near me
Hm. I see. I'll look and see what I can find. Maybe a city subreddit could help
im pretty sure nanog is niche
if you dont work for an ISP its not for you
the topics that concern ISPs and enterprises are different
NANOG is definitely just for people who work at ISPs or are otherwise affiliated with ASs
Here are some recent topics from the mailing list
That's also me which is why I'm on the mailing list
If this switch is going to be in a single rack cabinet with other switches and uplinking to them, what sfp+ module should I get? I haven't used those ports or modules before.
Like there are a lot of them but I don't know which one is best for my situation
Here's more
fiber you have to be a bit more careful about
but it seems to me that you just get the length you need
like all you need is a pair of the same modules
@drowsy fossil hmm. Also, what is the difference between twinax and active optical included? Twinax is the shortest one to use?
Since they will be really close to each other, I think 0.5m would work
isnt twinax copper?
yea im pretty sure twinax is copper
if copper can handle your needs personally id go for that
but if you think youll need to expand later on get the opticals
Hmm okay. Yeah this is all new to me.
Eventually it will connect to an adjacent lab
adjacent like through a wall?
if you can get premade copper that is long enough, do that
and thats not the cable is it?
thats a transceiver
No I was just looking at the high price
i mean
Well we would need transceiver and cable
thats meant for one end of between 35 and 50kms
(depending on the cable)
single mode is unnecessary for you
see if you can get sfp+ direct attach cables
cause thats even cheaper
oop seems like twinax is your copper direct attach cables
Yeah that's what I see
$76 ish for 0.5m
And uh
$87 for 1m
For direct attached cable
yep
well,
can you drill holes in the walls?
Not yet. We need to wait for grant money to fund that project
It was supposed to be tore down completely and make it one giant room
ah nice
That's the goal anyway
well either way
avoid fiber
has a bunch of limitations for installing it properly
In the interim, it will be connected via switches in each room
unless you want to spend the time and become a cfot, just grab the copper schiz
Mind if I ask what's one of the limitation?
biggest is bend radius
even if the cable doesnt break, if you bend the cable too far the light escapes bc physics
all the fiber ive dealt with can be bent back on itself, but you wont get any signal through, and not understand why
Yeah. Really it will be me and my professor running the cable above the tiles
I don't think we would do it carefully the first try lol
The way we have our ethernet now is bending along the floor with table legs, corners and all that stuff
if its a cheap transceiver you will see the light escaping the cable
lmao yea no you cant do that with fiber
Hahaha
single mode can have a bend radius of up to 3-4 feet/90 degrees
multimode is much smaller
Oh man you should see our uplink cable before. It was literally going like 45 degrees upwards toward the ceiling
Anyone can pull it
k. Thanks for the help
We are starting this project tomorrow so it should be fun
yea glhf
@little schooner Not sure if you have your answer but if the two network devices are in the same cabinet use Twinax Direct Attached Copper (DAC)
Hi all. Because of lots of lightning strikes the past couple of weeks and my servers and CCTV is now online 24/7. I need to protect it, cant take it offline every time there is higher risk of lightning.
I have looked at a powerwalker AVR 1500/SIV (1500VA 1200W)
Protection:
Surge Rating 312J
Over-voltage, Under-voltage, Over-heat, Over-current, Surge, Spike Suppression
Anyone know of issues or reasons not to buy the powerwalker AVR 1500 for this?
@little schooner if you go fiber always buy the sfp from fs.com, nevermind buying first party
@outer nexus we use APCs widely and have few issues with them. Yes it's more expensive but I would be worried about the powerwalker with its reviews
@hollow marlin THanks. I will see if i can find a APC at a reasonable price instead : )
Unless you need production support @hollow marlin
Cisco will tell you no in some cases
Any vendor who sells SFP for their gear will probably try to pull that
That's why you negotiate it in your support contract or have a used first party to swap in during support
@clear igloo you people
At least we don't charge you a license fee to use unsupported SFPs
And yes, there are vendors who do that
Is the twinax cable easy to hide or cable manage? I'm thinking it's like this stiff copper cable
@hollow marlin actually, I want a PoE switch from fs.com. From what I read online, their switches are pretty good
But that's cool they sell the cables too
@thick minnow
@waxen scroll Will tell you all about the hell of twinax
everyone congratulate @little schooner for figuring out split DNS on a ubiquiti
Give me an X
Give me an E
Give me an O
Give me an N
What's that spell?
Xena, warrior princess!!!
Token ring was a really great solution but I'm so happy that we don't have to deal with it anymore though there are ways that you could simulate one
one of my jobs kept all the token wiring and used adapters to RJ-45
they kept it that way for a lonnnnng time
Today we ended up not doing too much because IT department people were holding our workstation equipment, handling the labeling and serial number grabbing stuff
But they were gone for hours and we were stuck waiting for them. It was 5pm and no one answered us back so
Ughh we could have gotten more done
I was told IT department wanted to change our order to get systems that they had in the other classrooms. Basically they hated our config how it was better (I guess) or maybe they wanted total control over our labs assets
its cause they would have to make a new image
when i got my non-standard computer it took forever to go through desktop
Ahh true. But you think that even with an enterprise solution, such as Dell KACE, it would still take as long?
I've never used it myself but that is what they use to roll out everything
Also, what ended up happening with the room next door, they told him that a computer hardware course with two students is going to run. It's strange, but once that is done, he can claim usage rights to the adjacent room
We decided one room is networking courses and the other room is for cyber security stuff
Hi guys, I'm looking for a new router, and I can't decide whether to get the TP-Link Archer C1200 AC1200 or ASUS RT-AC57U AC1200.
The ASUS router has 4 antennas, but didn't get any firmware (vulnerability, etc.) updates like the other versions since it got released. The TP-Link has 3 antennas, and as far as I know they might be more vulnerable. I would really appreciate some opinions. Which one would be the best choice? Thank you for your help.
I like the quality of the asus routers. They never let me down a single time. I would go with the ASUS one
There is merlin firmware that you can flash onto it if the current official firmware is no longer getting any updates
har har
i have the opposite experience Xeon
i had an asus before i went UBNT and went through 2 RMAs for an issue where the 5Ghz barely worked
Oh. Well the models I bought were the ac66u and the ac87u and those worked for a long time
mine was ac66u
I think the only consumer router I ever had problems with was a DGL-4500
that thing was nasty
the first RMA it was clear they plugged it in, went OMG it works right now. and shipped it back
I've never really had a good experience with any consumer router I've had to use.
same S/N
@waxen scroll yeah it happens i suppose
@pseudo blade I literally bought the cheapest TP link router for my sister and its been on for 2 years straight
once i went UBNT, no issues with wifi or router
same
thats mean on your sister
I never had issue with ubnt
As in... they generally work...
@waxen scroll my sister wanted something cheap i guess
Just that's about it, and good luck configuring it to do anything of interest or value.
she did pay for it
@pseudo blade yeah its too limited for me
I had to ditch consumer stuff
prosumer stuff like ubnt is better
or is it enterprise lite??
:p
If I had genuine performance requirements rather than 50mbps being the fastest connection I interact with on a daily basis, I'd build my own router. All home networking stuff is presently being done via router-on-a-stick off a 10/100 ethernet port.
right. its like what my teacher has in his house
He has two gamer kids that bring down his internet all the time
hehe those kids on fortnite
It's a Mikrotik Groove with a dead radio.
i have 5 users doing multiple streams and crap... i dont put in QoS, everything is fine. gaming shouldnt take that much data
He mentioned they stream too
but that was very brief
Id have to ask him again.
The ASA 5505's... I didn't really think much of them during CCNAS, but I guess it isn't 2006 anymore :P
He has a spare in the lab so he yolo'd it or something
I'd probably still prefer a 5505 over their new ISR's... The bandwidth license limitations are insulting at the price points they offer them at.
i once had a comcast installer putting in my new internet service (2013) try to upsell me on 100mbit (i was getting 50) and his reasoning was that i was a gamer and it would work so much better. Then i asked him "ok, but games need low latency not high bandwidth... right?"
he looked at me with a blank face
I like to do that too
It'd help if everyone else on the network was saturating the 50mbps.
in fact, at&t tried to trick me and said that "Fiber line runs all the way to your home" for the internet connection
the biggest hog of a game ive seen was minecraft at a whopping 5mbit/s on an unoptimized server
instead what he really meant was, it stops at the street corner then is like dsl line for the last mile
pretty sure other games dont come close
so he tried to lie to me that my connection would be all fiber
because at the time, I was playing Crossfire FPS game, and i wanted low latency
this is why line techs should just shut up
the sales people are worse tho
they REALLY dont know what they're talking about
mhmm
I was told by a technician that I could have two modems in use with a single subscription to comcast
over the phone.
Oh really?
comcast sales moved to this stupid pricing model where they ask you how many people/devices you have then when you count it the only obvious answer to sales is 100mbit+ .... BRO, im not having 20 devices do 4k netflix at the same time
yes. then when they came, they said they couldn't do such a thing unless i buy business subscription
Sounds like you need to start recording this stuff and using it to punish Comcast a bit.
like oisjadfoijfaoejfoejwf
liars
yeah I do
well, now we have cameras at the home so
if they ever come back again. yeah
They are quick to say "its not our job to run ethernet cable" and put the responsibility for an electrician
but the phone support says they do cable installs like that
so much conflicting information
yeah i looked it up and it seems like they dont. i have 4 wires that need to be put in
i hired a local major electronics store to do it
I definitely need to get it done. Mainly, I want them to run some outside so I can attach an AP via hardwired there
Some inside my room would be great too
an electrician wanted $900, a networking company wanted $700
the electronics store wanted $300
This was the most one technician could do for basic room to room ethernet
keep in mind thats with MY parts... i already ran the wires
someone needs to drop them in the walls from the attic
Strange how they didn't use a keystone
@waxen scroll but this, I have no idea why the technician did this with the ethernet cables
rofl
fired.
those look like pre terminated too, but if they are, how did they fit
I honestly have no idea
I just gave him cable and he said he would run it with the coax cable or something
It's incredible how they managed to fit like 5 cables through that single ethernet jack hole
Yeah that's how it supposed to be done
I wish someone could do that for me cheaply
it took for freaking ever cause i only had one box
If it were me, I'd run everything back down to the basement
this is my best house work so far. the other house i did was when i was in school and didnt know better.... wires all over, switches all over. jacks werent central
Wrong kind of rack :P
@pseudo blade wish I'd known that earlier
Well it's holding a computer tower too
Above it
@pseudo blade
The drive cages look nice. Were they expensive?
@pseudo blade uh they are by Silverstone
Like $80
@waxen scroll hey, I got no labeling so you got it easier than me
@pseudo blade they have locks and stuff
I like it
someones gonna buy my house and just royally fuck all this up
That photo's super blurry. Are they all coax or are those just screw terminals?
thats speakers in a couple rooms that a previous owner put in and never wired. i put the wires into jacks
Ah. Thought that looked strange.
That's neat
this pic is when i didnt live there yet. i was wiring it before moving in. so the other wires are a receiver i brought with for music
@pseudo blade do they even sell cabinets or racks that a tower like mine could fit in and have space to rack mount the switch?
The only reason it's on wire rack was because it was easily adjustable in height
Well the tower's not going to fit into a rack easily, you'd have it on a shelf in there anyways, so no real benefit.
I was mostly joking about the rack anyways.
This room that its in is super tight
like not enough space between it and the bed
There's a guy I know that runs a rackmount server under his bed.
that guy is nuts
that wont be me anytime soon xD
That guy is nuts, yes.
RIP
yeah cause its a bitch to do an attic
Heh honestly that is so true
why do you think im hiring my work out?
its just plain annoying and not safe
normally I'd laugh you out of the room if you wanted $100+ to run wire i already put 5-10' away from the wall it needs to go in
i have a fancy roof
so that means its extra bullshit to dodge
Whats a "fancy roof"
It's not /\ the whole way. There's a few sections. Some of them overlap other roof lines
Stuff like that
@little schooner yo tf is wrong with those companies?
Jesus. I looked at the other pics too. Wtf is wrong with ISP peeps
What is the name of this ISP buildings again? where you have all this racks and switches?
Central office, carrier hotel, datacenter. Take your pick
I wanna go there one time
@broken cosmos honestly, I wanna get it all redone . Properly from the attic all the way down to the basement.
And buy a cabinet rack to put all the equipment in and make sure each room has at least one ethernet jack
Those cables that came out of the wall? Are they just cables directly attached to a PC or something?
@little schooner how many floors?
@little schooner how good is the edge router and does it have threat protection
/description and analysis of web traffic
its good because it doesnt have threat protection
@waxen scroll 2 floors and a basement
@broken cosmos When the technician said he could run the bundle of ethernet cable through the hole in that one room, yes, they were for multiple different equipment
@stable crest I use it with its built in firewall rules and it serves me fine
Nothing special needed
Mm I like UTM software
@little schooner OOF. you'll want to open drywall all the way up and put in a nice fat PVC pipe
one and done
@waxen scroll absolutely
I just took the coax cables and removed the keystone and put in rj-45
Made it really nice to have most of the stuff there
@broken cosmos basically the picture shows the last room where all the cables pass and connect to the switch
the builder put in a PVC in my house. i accidently found it one day and was like "huh. i wonder what this is for"
Stab the technician. He doesn't deserve to live
But atleast itself slightly cleaner looking that what i have in my room
That was all the technician could do for me
Isp Comcast
I wasn't expecting magic
From all the way downstairs to upstairs is hidden within the wall or tucked up in a corner.
But when it enters my room. It just comes out the wall and feeds directly into a small switch
I know one drop spot in the basement where a cabinet can fit and everything can be hidden
That autocorrect was awful
oof
Hmm
If i ever move out. I'll try to do my best with the ethernet cables going to every room
I want to do that too even though it's unnecessary
after tomorrow ill have cables in every room except bathrooms, living room, dining room
no need for those
Also, now that I'm in a networking related channel. How can i make a router work as if were to be the one that's all the way downstairs?
Specifically asking because our Sonos Boost is connected downstairs. And I'm all the way up stairs. The wifi from downstairs just doesn't cut it. So we placed another router upstairs. But Sonos doesn't work on that router
Huh?
1x custom built Sophos-XG router
1x 24 port edge switch lite
1x 8-16 port switch (100mbps)
2x dell r710's
2x wifi ac ap's (unifi perhaps)
1x 10tb nas with raid redundancy and 500gb cache
1x 8tb nas (for steam library no redundancy)
1x patch panel
1x possible expansion
Would this be good?
Jesus
And or this is my plans eventually so anything that I should change?
I only have the custom router so far and 1 wifi ap from 2008 but I get 80-90mbps on it
yep. get a modern server
if you're using vmware, R710 is end of support soon
710 is like 6-7 years old now
@broken cosmos you'd have one main router that leads to the internet and make use of its WAN port to the modem while the router at the bottom of the chain would not have its WAN port in use, just the ethernet bridge ports in use.
The information will then travel between up and down locally
But you need to make sure that both routers have communication somehow, whether that be they are directly connected or you have additional switches along the path
@waxen scroll AMD EPYC?
personally i might stick with intel but my reasoning for a LAB is to test IT applications and its not uncommon that some say intel chips only
My reasoning is to learn and run web servers and other useful things like that
amd is more cores for less money and more cores goes a long way
My first ever desktop computer that I used for gaming had an AMD CPU in it.
AMD PHENOM 2 (some number)995
@little schooner can i DM you about this?
@broken cosmos sure but I might reply later I am in the middle of some projects at the school
Aight.
Toll-Free Tech Support!
Supports full duplex. hot damn
@little schooner @clear igloo i just had a really ANNOYING issue with N7k route map
two of us couldnt figure it out
it was bizarre
```
route-map bgp-to-eigrp permit 10
  match ip prefix-list one
  set delay 100
route-map bgp-to-eigrp permit 20
  match ip prefix-list two
  set delay 200
route-map bgp-to-eigrp permit 30
  match ip prefix-list three four five six seven eight
  set delay 1000
route-map bgp-to-eigrp permit 40
  match ip prefix-list nine
  set delay 100
```
prefix list nine was being set the metrics for line 30
if i remove line 40, i still see the route nine matches
if i move nine to line 10, same result ... 30 metric
if i make a new line, 5, and make it look like 40... issue goes away
I did show run, i made damn sure the routes in nine werent matched anywhere else
also i looked and saw the prefix lists being matched werent blank
gonna try in lab i guess
@waxen scroll But also you need to post your prefix list because it's a match top-down and also sounds like a bad config because of the match at 5
Or just a cef bug which I have seen similar symptoms
@waxen scroll im not familiar with N7k but yeah the behavior sounds like its odd
@waxen scroll also we hit a big roadblock today in the lab. The cables my professor bought were too short!!
so we ran everything above the tile ceiling and made both ends visible only to discover that there wasn't enough slack to reach the very front and very back of computers
We have to return all the wiring and get 75ft wire
Lastly, CDW wants us to get a Cisco 9200 series switch that is Layer 3 when all we needed is, strictly, a layer 2 switch that would be $1300 vs. the cisco one close to 3k
obviously they are trying to upsell to us like we dont know what we need
I have set up a powerline network using the TP-LINK AV1300 Gigabit Passthrough Powerline Starter Kit which runs into a switch with a philips hue bridge and an ethernet cable to my computer. However since setting this up it has caused worse performance of my router (it now has a lower bandwidth). Does anyone know why it will cause worse performance of my WiFi? And if there is a way to fix this?
@little schooner don't buy what you don't need. If they keep pushing tell them you're getting quotes elsewhere and they tend to stop
those 9000 series have screwed up licensing too
cisco trynna make you PAY in intervals for switch features
cisco is trying to push those hard and they end up cheaper than the previous generation
just not when the license renewal comes
its cisco DNA... SD-LAN
you cant opt out
you're gonna purchase some kind of SD-LAN license with a 9000
for shame @clear igloo
@crude ocean i have no experience, but my understanding is power line isnt like ethernet where it just works well within distance specs.... lots of stuff in your house could probably hurt you on powerline
bad wiring, long wiring, whatever
But that still doesn't explain why the router is performing worse on a wireless connection on other devices the power line to my computer works well
powerline adapters tend to drop a lot of packets, especially in an environment where there is high electrical/ electromagnetic noise
Yeah after unplugging the router performance increases again
I guess I could try to move the router to minimise the interference as it is quite close to another computer
@hollow marlin yeah. Also, we happened to get another pfsense hardware box for the room firewall. I didn't know about this purchase
It's the sg3100
@waxen scroll come to think of it, the sg3100 is kinda a bad buy because it does not support aes-ni
So I don't know why it was ordered
@little schooner yeah I don't know anything about pfsense or hardware you can buy it on.
Do you need that kind of hardware for the room?
By that I mean do you need anything more than that.
@hollow marlin looks like it IS a missing prefix list thats defined in the route-map
my coworker got tricked when he looked
a name looked similar
we'll put the change in soon and see if its the fix
@waxen scroll good find
@thick minnow it would probably be better
@hollow marlin well, we only need one that supports AES-NI because netgate was trying to pull a fast one by requiring all future pfsense boxes to have it in order to run future pfsense versions
They backtracked but I don't know how much longer we have before they require it
Which would make our platform obsolete
Why would they make that a requirement?
@hollow marlin that's why they backtracked it. They didn't really explain it I think

