#networking

@thick minnow I need to route a gig Oh get an R620 and a pair of SSDs, run pfsense

An R620 to route gigabit :P

A pair of SSDs? for the massive quantity of disk IO routers do, I assume :P

Gigabit's cheap to route, get your redundancy from buying two cheap MIPS/ARM routers instead.

I may have phrased that wrong

I'll have to fix that

Yeah... that went over my head.

I see the sarcasm

https://www.reddit.com/r/sysadmin/comments/dbol0i/they_say_no_more_it_or_system_or_server_admins/

omg my last job had a person like this

Quick Question

what do you guys call a disconnection that only lasts 1 to 2 seconds

a blip

thats the technical term we use in enterprise networking

We call that a browser refresh 😛

That takes 2 seconds demn

hahah

Thanks guys, couldn't get the word in my head today

Usually any event that results in traffic loss is called a "convergence event" where traffic finds another path. Traffic that just dies as a result of some event is called "black holed" usually when it has no path to the destination

That would make sense

now to deal with these broadcast storms

@distant wedge you didn't disabled STP did you?

no, someone brought a switch from home and plugged two of their ports into their allocated office space.

Why? Who even knows

BPDU guard

Yeah no, they're on a slave switch, but a lot of mission critical stuff is on that switch as well

So when I looked at the device tree and all those devices were offline I was like awwwwww shit

@distant wedge that's exactly bwhy you put BPDU guard on the aceess ports

Lol, I'm just the junior here so I don't have as much access as you'd think

I can only "recommend" things to my senior

I told him about it and he's like "noooooo, it has to be IGMP, there's no way" I'm like "ok have fun"

This is a good time to show them what impact it has when it's not enabled, as you just found out

They don't want to listen to me, lol

Right now they're running wireshark and watching things

I'm like "okay"

lol

You should tell them to read what IGMP actually does

I have, they told me not to be insubordinate

Startin to really think about this company now lol

I'd wager they disabled BPDU guard or failed to configure access ports correctly. If they disabled STP, run

"buT spAnniNg-tRee cAuseS LoOps"

im sitting here shitposting on discord while they sort their shit out. Their excuse is that because they configured it before I was hired, I have no say on what they should do because the settings worked before I showed up...

I haven't touched a single thing because I don't have access to anything, no switches or servers, lol

not even switch management console

Mission critical apps on the same switch as end users is just horrific design

Try explaining it to them

Are you off the same switch?

They have this stupid thing where they're all sharing the same VLAN regardless of what the device is because it's easier

I was like what the fuck

RUN... FAR

I want to 😭

Is it at LEAST not VLAN 1?

Yes, they have it set to like 125

@hollow marlin I'm running on the same switch through an AP

according to my superior, going wired into the device isn't best practice

Run Wireshark and tell use what you see

I've heard so much bs today I want to call it a day

I would have walked out already 😛

lol, I would if I wasn't hourly

@distant wedge You should pull up design guides and the RFCs for STP and PVST 😄

@clear igloo SO real quick, my superiors superior came up to me and asked me why I was on discord. I was like "I've got nothing to do. 'x' said he doesn't want me touching the hardware, so I'm respecting his wishes"

lol nice

i dont see jr/sr/ or architect

i just do it

most of the time im playing architect and as long as it works, the actual architect doesnt care

in my org i'm not considered senior but i work on what i want

sounds like a good job

eh. it has its issues. people are busy enough though that they dont have time to worry about letting someone make decisions

at this point ive had enough successes to be off radars

Is it necessary to have the transport input command assigned to vty lines in order to ping a Cisco switch from a host in the same vlan as Cisco switches svi?

no

I know I have done the configuration correctly, but my vms inside of esxi host is not passing the tag along or something to reach it

The esxi host is connected to Port fa0/48, set in trunk mode allowing vlans 99-200

esxi... 100mbit? bruh

VM is using tagged port group in esxi virtual switch vlan 99

@waxen scroll yes its for a lab lol

whats the SVI number

In theory it should pass through to virtual switch and then to physical trunk port.

It is vlan 99 on svi

I did interface vlan 99

No shut

"show interface vlan99"

is it up/up

I won't be able to check that right now. It's at the school :(. I only have the config available

But what if it was up/up?

What else could be it?

then tagging is messed up somewhere in esxi

Will have to double check all of that.

You know those power line adapters? How fast are those in the real world?

@little schooner did you remember to create vlan99

@hollow marlin well creating interface vlan 99 automatically creates vlan in vlan.dat

But yes, I did it anyway

Eh.....not all the time

I did remember typing vlan 99

Name management

Always create vlan just in case.

Yeh true

@thick minnow most I got was 60mbps

On the same circuit

My brother got measly 5 mbps off a 50mbps connection

But yea, check SVI up/up and if it is, show mac add and see if any tag traffic is appearing on the trunk with the ESXi mac

But he was in apartment

Alright I will be sure to do that probably Friday when I am back there

Ooof, yeah I couldn't use one of those, It was gonna be from the media converter, to the gateway. I have FTTH

@thick minnow I want that next just need to wait until next year for the new competition to oust Comcast

I wish I had a direct connection to someone who works there

I could get my area prioritized

@little schooner that professor needs to pay

@waxen scroll in regards to what?

you

Ahh. Yeah i agree.

i'd be charging $100/hr... $60/hr if i like the guy

I'd like to be hired by the school to work with him as the cybersecurity program assistant but

money is tight for the school

At my university, they are rolling in it, but they have everything figured out nicely

If anything, my 2-year college is firing IT helpdesk and server admins

i noticed when you said 100mbit

Yeah. Basically, when they hired my professor, they were teaching networking courses without any of the cisco hardware in the classroom

and no computers for the students to use.

Guess how he managed to get 20 computers in the lab?

u

No. IT for the 2-year school was throwing out older systems and my professor happened to see them in the hallway next to elevator

and he asked if he could have them and they told him sure... as long as you carry it

so they didn't even want to help him move it

and then he started testing with an all Ubuntu-system classroom layout

that worked good for a good 3 years until I showed up.

When I showed up, I got aquantied with him a bit more and it turns out we share a common passion for the work we do

As we went along, we were getting attention and started being able to get grant money

But a lot of these things have to wait until break in order to implement them

Like summer is when we implement our biggest projects. whether that is new servers, lab makeover, etc

and implementing a platform that is complex in documentation (but easy once you do it once) kinda stuff

@waxen scroll its funny because the old female professor who was teaching networking class claimed that she used the lab layout we have now to teach students, when she didn't even have the motivation to institute any kind of good change for the benefit of student learning

It was all our work and she was taking the credit in front of this new dean guy

@waxen scroll the improvements were so vast that we are planning on finding money to convert the classroom into two-classroom sized room. The room next door is unused and for certificate program in CompTIA+. Then, we will have a nice glass enclsoure where our server racks will be in a freestanding rack that the students can look around 360 degrees. Another rack will have equipment students can grab and take to their desk if they want to do some physical work with switches or routers. Lastly, throw in some digital signage and displays in the room and have a massively sized network map print out on the wall

Its going to be a fun summer once we get to that point.

@waxen scroll I promise this is my last statement about this lol but my friends were saying how lucky my prof is to have someone me him help him out with all these things. Of course, I make sure to leave him docs so he can fully take over once if I were to leave the state or anything. Make it easier for the next people who take charge of it. I just hope they do it with students benefit in mind.

@little schooner when you learning coding?

If I want to install IW-HDs in multiple rooms upstairs, would it be a better idea to run a single cat6 up there to a switch and then split it to each AP or should I run individual cables to each AP?

@unkempt ferry Id run to each if possible

@waxen scroll coding like java or python?

yes

@unkempt ferry I've tried splitting it between APs and it was a disaster when it came time to upgrading the firmware on them. That meant that they disabled internet access briefly to the whole household

I re-ran everything to have its own single cable towards a single switch

@waxen scroll Well, not formally yet. I need more motivation to start

Ok I’ll go with single runs for everything

Maybe during the break

Thanks for the advice!

No problem

@waxen scroll I've been scripting more in powershell

would anyone recommend Freenas for Nas and Plex server? I was gonna set up a raspberry pi to transfer new movies over to the nas for plex

I'd recommend freenas. But I also recommend Synology NAS even more.

Synology's GUI is simply fantastic

can confirm; and synology does support SSH access if you need to do advanced stuff

yeah but synology is 'spensive

True that; much of what you're paying for is the small form factor, lower noise level, and customized Linux based OS. I'd love to justify a Micro-tower server in my living room, but just can't.

I recomend Unraid unless you actually need lots of speed or its for a big company or whatever

FreeNas is better

@unkempt ferry better in what way?

It's definitely not in support and GUI

In price, sure.

Last time I got help from synology, a single packet tracer file was all they needed to diagnose my problem with smb 3

They were super knowledgeable

I mean for it being free, it offers pretty good features

Yes, no doubt about it

For free tier.

We bought a synology for a smb because they wanted a number to call and something that just works

Well Synology is good is you have the cash for it

I have the cash for EMC

😘

*slaps @clear igloo around a bit with some block storage

Ouch 😦

@hollow marlin that feel when you go into python shell on Nexus switch

Network as code

To make a site to site vpn, do you need a router that supports that or it's something you can run off a server?

Server can work

You may need to do something with static routes on your routers though

Hope there's that on the isp modem lol

Data is more safe inn Unraid than Freenas

Because data is not striped

@waxen scroll you have to program for the nexus switches?

Or is it for added flexibility?

Like playing around with frames and packets based on some logic

Added flexibility, you can run python and whatnot on the box

Even spin up VMs if you're so inclined 🙂

@clear igloo actually, it kind of reminds me like how edgerouter can accept Debian packages to extend the router's functionality

Except it isn't package, it's whatever code you make it do

A VM? Well...

They must be beefy

Yah, it's got virtualization support, not sure how in depth but I know it exists on some of the lines

Yeah that's real neat

Am I blind or are there only 4 wires in this picture?

4 wires yeah

Just making sure I wasn't having trouble seeing 🙂

That is real tricky

Also the orange one looks as if it's take both white orange and oranges spot with single wire

But that can be done if you force it in hard

I was partially incorrect when I said VMs earlier. It's more of a container based solution for Docker and whatnot; https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus9000/sw/92x/programmability/guide/b-cisco-nexus-9000-series-nx-os-programmability-guide-92x/b-cisco-nexus-9000-series-nx-os-programmability-guide-92x_chapter_010010.pdf

My first introduction to Docker was with an appliance called xibo

Got to say, much better setup procedure without the messy server and config files editing

Yah, you won't run a full blown Windows VM in most cases but a nice lightweight linux distro is perfect

@little schooner my script is done for the most part

it takes your login info and asks what switches to use... you define as many as you want

"show ip arp vrf all | i Vlan|Eth"

stores the output into a file, cuts some extra stuff out, deduplicates entries, makes a CSV

it'll do more later

Interesting read for anyone interested in SDN/Linux

https://blog.kroy.io/2019/08/23/battle-of-the-virtual-routers/#finalresults_kvm

👀

Yoshi

I want change my Internet from wireless to fiber optics

is that possible without changing the ISP

Unless the current ISP offers both, no

the current isp has some show off shit like "super fast fiber"

so do i call them up and tell them to upgrade me to fiber?

I mean it might cost more but it can't hurt to ask

im on this plan

it says 1000Mbps

*100

but in speedtest i only get 10 Mbps

is that normal??

(im on a wireless connection)

and they show this

i guess thats normal right?

They might throttle your WiFi speeds for what ever reason

What's your speed when you plug in wired?

10Mbps

Yeah I would call them, if you bought 100 you should get 100. Are you using their modem?

yes

here is something you should know

by wired i mean im connected to the router via lan

The actual setup is

There is an Antenna at the 12th floor

which sends a wire down

wire plugs into router

and im plugged into the router

Is it your router? Like one you bought?

no

the company guys installed it

and this is the speedtest from 8 days ago

same connection same pc connected via lan

now they are throttling my speed i think

Yeah, looks like it. You're correct that you shouldn't be getting 10 Mbps

an hour ago a guy came coz i reported some stability issues

i asked him about this speed thing

being reduced now

he said "you were getting high speeds coz of more bandwidth "

and said that the speed right now is normal

i just want to know whether the ISP is scamming me

I mean are alot of people home right now from work/school over where you are?

home

and only i am connected the to internet

What timezone are you in? They might throttle everyone down during peak hours

i am in IST

(indian time)

and i dont think they are throttling in peak hours

its 7pm here right now

and i have been on my pc for like 12 hours now

and the speed hasnt changed

its been like that

10Mbps

I love this page I found, It's great for planning WISPs that you can never afford building.

https://link.ui.com/#

Anyone in here that could either talk to me or direct me where to find some info on 8K video streaming? I have a use-case that I'm not sure how to approach...

@thick minnow Yep, that's the only thing I use it for lmao

I wanna make one irl, but it's waaay too expensive. Also the IP transit probably costs like $500 a month for 1 Gbps

About 600£ in the UK by my research

No idea about US, tried to research but surprisingly found nothing

@thick minnow there are more than just cost with WISP

@ember phoenix Yeah if a wireless internet service provider's offering "100mbps except for all the wireless users" it's clear they're using deceptive marketing techniques and you should tell them where to shove their service.

oohkay

time for consumercare forums

@pseudo blade i used to think they are providing 10mbps on a 100mbps plan because its not possible

but they aciddentally provided me 60+ mbps speeds for 5 days

now i know they are throttling me

Not possible, eh? If so it'd be on them.

i guess they are just scumbags

time to head over to their social media and talk shit about them

Anyone in here that could either talk to me or direct me where to find some info on 8K video streaming? I have a client use-case that I'm not sure how to approach, and I need to quote them on some wiring installation very soon.

@shadow mica what/how will you be streaming 8k

@hollow marlin I think they would like to stream recordings to a smart TV, but the primary will be a direct from camera to monitor situation. The client is an oral surgery school, and they will be doing live procedures that students will be observing.

I guess it will depend on but rate. I cant see it reaching a gig/s but still unknown

Depends on the camera/codec/compression, and framerate, 4K video (24fps) can easily crush a gigabit pipe and push up towards 3+ Gbps depending on the camera and codec. I think RAW 4K video can do somewhere in the 2 to 3 Gbps range and depending on the fidelity of the 8k footage, which I hope is not too high, you could go MUCH higher than that

IEEE mentions 257Gbps per channel for UHD uncompressed 8k footage 😄

Obviously there will, or hopefully there will be, compression of some sort which would probably put you in the gigabit range for 8k footage though

@clear igloo a packet pushers podcast has a video engineer for a live broadcast company. He was talking about complexity and their raw 1080p footage was 7gbps.

Yah, I was just looking at an IEEE document that mentioned they did 2x 100Gbps pipes for stable 8K transmission
https://ieeexplore.ieee.org/document/7936827

@hollow marlin Those were at 24fps rates, what I mentioned. Should have edited that in

I cant even imagine. Also the ultra low latency with a lost packet or two destroying the entire stream. LAN side of coarse

Yah

https://i2.wp.com/vashivisuals.com/wp-content/uploads/2014/06/VV4Kdatafinal.jpg

Just put deep buffers everywhere

https://packetpushers.net/podcast/heavy-networking-424-broadcast-media-using-ip-networks-part-2/

Good episode. I was wrong, I was thinking of something else. He said 4k 12gbps and 8k being 48gbps

Nice, I'll definitely give it a listen

Gonna have to dig into this...

... That 4K raw number looks wrong to me, is that HDR+ or just standard 8-bit color?

I would have to go through a bunch of legal stuff to start a business, learn how to make a DHCP server or manually assign IPs, I would also have to buy an IP Address pool. You also have to abide by the US Government and do whatever they want you to do, part of what I assume is assigning IPs. Not only that but I have to learn the security side of things too to prevent from being hacked or getting DDoS attacks. Im thinking of having the equiptment on farming equiptment like grain houses and stuff like that. I also have to find a base site that isn't too far from fiber, the more fiber I have to build to the main site the more it will cost.

I'm sure there might be some that I am missing. Let me know.

I could probably physically set it up. But I wouldn't be able to set the IP addresses ip. Idk how things work ISP side.

@waxen scroll @hollow marlin the output with vlan 99 on switch did not show up/up status, so yes, that was the issue why I couldn't not connect to it. A "no shutdown" fixed it quick.

Thanks

I set up my new office today and feel like I did a decent job for being an amateur

Is there any difference with getting an Asus RT ac1300UHP, and/or keeping with my current rt ac1200G+?

is it possible the EPON i have from the isp to slow down the speed? on their page it says the minimum spped is 200 Mbps down and 100 up

It's a 802.1x authentication mechanism usually. What speed are you getting?

https://www.reddit.com/r/sysadmin/comments/ddk0pe/how_do_you_deliver_scripts_to_helpdesk_support/

lmao

the problem i have with scripts and letting other people use them is that often I have to code validation checks in

those blocks of checks can be just as big as the actual work the script does

you cant just go "if username empty, stop"

what if the username is nonsense like #$%^$ or contains escape characters?

Leelaroo says "I tend to expect help-desk staff to be smart enough to run scripts I provide them."

oof.

bad policy

@clear igloo da?

sure your helpdesk could be smart enough to type their username... but what if they hit \ by accident?

Yup, gotta think about what someone who doesn't know the script will do

@waxen scroll That's where making GUI out of script function logic comes in handy, this way they are restricted to what they can do. Although, yes, you still need to do some input validation, but in C#, it does not take as long to do with a shared function. Yes, its more work :/

once you need to ask for input its game over. you need all the validations.... if its a script to check firewall arp tables, you dont need input or can used predefined input

I configured a Dell n1548 switch the other day and have to say there are a bunch of enterprise features I never knew about

however theres also a catch with predefined input

for example with an HTTP site and a predefined hostname dropdown box

something like that

Well, by this, they wont edit the script by hand and add in mistakes

i can submit my own POST reply and give it an unexpected value for the dropdown

I guess it still has its problems

is ISDP the equavilent to cdp?

I saw this yesterday on the switch

i think some of the r/sysadmin people are underestimating the stupidity and curiousness of humans

It happens constantly

i would expect a bored helpdesk person who just learned about pushing their own manual HTTP POSTs to go try it on a hostname that wasnt in the list

now you have a rogue script trying to access devices and run commands that werent intended for that device

@waxen scroll at that point, perhaps having a whitelist within the script is your next best bet

Will stop all their curosity

thats what im saying, you need to validate all inputs

is matching and validating the same thing?

yes

ok nvm then lol

yes your right

arrrgh

the struggle

i released a dangerous one that had to run as root a while ago

that was fun letting coworkers use

😄

https://www.speedtest.net/result/8649859697.png this is my speed test right now... i think that my router is the problem sometime...

asus rt 66u i belive is, i have another asus, might try it to see if it's better

@oblique aurora what's the problem exactly?

sometimes my internet is getting really slow... some pages not loading, others do. no idea ... maybe i can try a fiber optic media converter thingy

anyone able to help with a network connection problem?

ask. someone must know the answer

well i just got a new wifi extender

and for a while now I was not able to connect to my 5ghz network kept saying cannot connect to this network

now it seems to connect

but I am still getting low dl and up

i am paying for 150

Well a wifi extender is problem number 1 because distance away from the router reduces the speed alone and then a repeater will pretty much cut that in half to repeat the signal

Couple that with any other load on the network, interference, etc. and you can easily see good speed drop way down

that is the the network not on the extender

@clear igloo The network, extended.

@waxen scroll The network, wireless

The network, outsourced

The definition of networking is notworking

@little schooner you kids today

there used to be so many level 1 network and systems jobs

Now they are all taken and more of the specialized jobs are common

yep

well, at least in this area, they are looking for more database admins more than anything

moved to india.... or if you're in europe, ukraine

c# developer is pretty popular too for a position

im waiting for the lolz when nobody can do level 3 positions locally cause nobody was training for a decade

the business people LOVE level 3 local

ive noticed all the big players who outsource are at least smart enough not to put all eggs into one basket

I thought the ac1300uhp was the successor to the ac1200g+, but im getting like half the speed in the 5ghz band with roughly the same signal strength....any settings on router or client to optimize this?

dont let the router do auto channels, lock one in. it could be that the channel its chosen is too noisy

Do you think a 1 gbps backhaul would be good for up to 400 people? Each customer will have 100 Mbps speeds. I know it's slightly over selling, but not everyone is going to use their 100 mbps connection the whole time.

If everyone went like full balls to the wall at the same time, each internet connection would be limited to 24 mbps.

Probably actually 20 mbps

Cause 1 Gbps isn't 1000 Mbps, it's more like 940 mbps

dunno. ive seen businesses with 3,000 people on 1gb

buy a 10gb port and inform sales that you might intend to upgrade to X speed later

some providers make you run new circuits if you dont tell them

Stop with your helpful planning suggestions sir 😛

sorry 😦

you're right, i need to be paid

@clear igloo i have way more suggestions but pls insert $300

Anyone know how to make this change from 100 Mbps to 1 Gbps?

for some reason it defaulted to that even though my other systems can pull 1 Gbps on LAN

and I'm on Cat 6 on the connected port

cable is probably bad

or its an very old computer/card

It's not old cause its Z370

apparently both my laptop and old run is reporting 100 Mbps from the Router but direct short line from Router to Laptop outputs 1 Gbps

Guys. is there any difference between red and yellow etherent cables?

Usually yellow ones are crossover

Depends completely on the supplier but usually color is just color

Our red ones were crossover back at the technical college.

I cant remember the last time I saw a crossover cable. There are no standards with shielding color

The crossovers at my 2 year school were different tips on both ends as a way to identify it

@unique crypt im Paying for 5Gbps

that ain't 5 Gbps

Then get your money back

@limber junco are you actually paying for 5gbps?

Yes

Do you mean 50Mbps? Because 5Gbps would be roughly 100x what you're getting now

I mean 5Gbps

And you'd be on a business line with proper equipment and a SLA

yes

@limber junco so what router are you using to route 5gbps

And you wouldn't be using a wifi extender to say the least. Do you mean 5GHz wifi?
Because if you have an SLA and are paying the roughly thousand dollars or more a month for that speed then I would be calling up your dedicated tech support person and complaining

I am using the Razer Sila Router

The only creates up to 2000 mbps, but that would be completely sufficient, but I have an appointment tomorrow with my internet provider.

Well it only has a single gigabit WAN port so that's problem number 1 and that 2000Mbps is theoretical maximums based on a tri-band AC capable device in perfect lab like conditions and you'll never get that in the real world, let alone outside of the router since it doesn't even have a physical port capable of sending more than 1Gbps

@limber junco damn

fuck, i have the wrong router i think

Actually, I would need a router that transmits 5 gbits or generally accepts

Stuff still doesnt add up. You would still be pulling a gig (if the razer can even do that) if you are currently getting 5gbps. 5gig routing is not cheap.

5gig routing would still require a 10Gbps capable port since I don't believe there are any 5Gbps optics or anything

And then it would just be hard limited to 5Gbps on the port

internet providers are like printer cartridges, always disappointing

@clear igloo yeah just 10gig with 5/2.5 support. When we were looking at Calix's new ONTs its a built in copper 10/5/2.5

That's pretty cool 🙂

anyone know where to get a decent Cat 6a Patch panel

@twilit current Anything on amazon will do really,

recommend Cisco ASR 1001-X w/ 10Gbps license over asus

why u smirking, we should only need 5Gbits but your licensing is bogus

;p

😛

if i have RX using 5, ive met the license, my TX cant use 5 at the same time

Hey Ciena pulls the same shit

i have to triple check special order routers sometimes cause its like... wait.... how does it work?

Even better though is you need a license to create non-management vlans on their L2 only switches

lmao

does the ubnt stuff actually handle 5x5gbit?

never tried

"6.8 Gbps (Line Rate)
"

L3

I would assume it would at least be limited to just the Edge series

we have cienna too

its sitting in my lab

i never touch it and dont know how it works

its new too

that QSFP life

@waxen scroll Its french translated into english, so the syntax is backwards

port show port x

ew

Its mostly a carrier grade switch. Mainly for transport and L2 circuits

Fucking rock solid

But support is less prevalent than Ubiquiti's. Calling and documentation

We have ~150 deployed with 6500 chassis for 80km 900gbps backhaul

speaking of 80km

i got two of those SFP for free and cant even PoC with them cause i dont have an attenuator

😄

FS.coms competitor sent me like every gig and 10G SFP they have for free

Just do what my coworked did and link them up at 3km and wonder why one is permanently showing -5db even when nothing is connected

my coworker says why not just keep looping fiber between the lab and prod until its good

not sure we have that much to loop

When I was in the field we used a pencil to wrap fiber, around -3db per wrap (testing purposes)

we only use 80km in 1 facility so i cant test in prod

nice

i was told i need to -20db

Yeah most our 80km can only get as hot as -5-6db before going poof

im happy they sent them though

its like $700 free

Id be happy!

i already bought like $20k of SFP from them so i dont even know why they agreed with our var to send anything

i didnt ask, our var was like "how about you test X brand against [vendor you already buy from]?"

i was like..... its free, OK?

so both brands sent sample SFP

Im always up for getting free SFPs, more concerned when the company wants to test this in live environments

one brand is gonna win my business cause they're $5/ea cheaper for 10-SR, the other brand i already use is gonna get everything else

our var doesnt like dealing with the one i use cause they cant directly quote

if i need a quote now it takes a day

We are still spending full price on SFPs -_-

we are also doing that

they still want me to use cisco if its cisco to cisco connection

ive been kind of rogue, so i might change that and go "look! it works fine!"

Last job we used nothing but FS.com, I suggested it (with that 80km optic), burnt out, then upper managment came down on me with "I knew that cheap shit would break"

im not allowed to use FS

they dont want to open relationships with all these vendors, they want a var

the var is doing more than just being there for orders anyway

Last job maybe had 3 die out of the 10,000 optics we purchased from them. Just got fucked at my current because layer 8.

I would like a consolidated sales/support like that

We have too many vendors

ours has a staff ccie assigned to our account, so they lean on him if we order new stuff that they havent talked to us about

like when i ordered a new model line card they were like "wait. stop. do you know about XYZ?"

Yeah thats so nice

Our juniper reps like to tell us that after we already run into the problem

ive seen worse. lying about firewall feature support on a $300,000 device and "oops. not until next year"

Sounds about right

it was checkpoint

Have never dealt with them, only heard about em

Does anyone have a recommendation for routers the 5 gbits accept / transfer?

Yah, the cheapest you'll find is going to start in the $1500+ area
https://www.ui.com/edgemax/edgerouter-infinity/

Look at the Juniper line of routers.
Edit: Ubiquiti is good too.

And you'll never get real world speeds anywhere near 5Gbps on wireless, not for a few years at best unless you find an 8x8 AX client and AP

^ Okay, I agree with this. If you really want 5 GB/s of speeds, you’ll need to use CAT 7/Fiber. Another point: even if you use the types of cables above, you’ll never reach those speeds due to bottlenecks with spinning drives.

Another way to go about that would to use RAM disks if you really wanted to use storage at 5 GB/s

Cat5e can do 5Gbps up to 30m, anything more and you need Cat6 or Cat6a for copper

^ True. I’ve used MS Azure in the past and got 10+ GB/s to the internet. So I know it’s possible, just difficult.

Gb*

Yah but that's from a DC 😛

Yes true, they have really good internet there. Because of cough cough government communications

shakes fist
da gubment!

😂

@clear igloo Do you do IT-related things?

Yah, I'm a network validation engineer

I’d love to be friends!

I break network designs and get paid for it 😄

(I’m 16 years old and already have admin access at school rofl)

I'm 17, teach my teachers how to use computers and change the network id at home to kick my parents off the internet

LOL

@leaden topaz You Australian?

yeah

Damn I was born there too

Lachlan (my name), nice to meet you.

hiya I'm lachlan

😂😂

where you live now?

US

lol, nice

I wanna move to denmark in the next 10 years

I hear Denmark is really nice

it's also going to be super fucking cold rip me

@finite mango Just one small thing, it's b for bits and B for bytes and network transfer speed is almost always referred to in bits 🙂

Yes, that's true about bits. I don't know why people are so picky about that stuff lol.

We just got students from Denmark at my school 👀 @leaden topaz

oh nice

@finite mango we are picky about b vs B because it's no small difference

True.

Walked into 2 day training class
Opened the quiz
Passed with a 90% in 10 minutes
😄

..................

What if I only want 1gbps router that isn't an ubiquiti?

Cisco ISR 4451

@waxen scroll new or from ebay?

new.

Personal use

Lol I meant to say 10gbps

Cisco ISR 4451 w/ max throughput license.

Ahh

oops. i forgot thats gig only. Cisco 4461 supports 2x 10G interfaces

either way you're not buying it

did you know you can put a server inside those routers?

@waxen scroll yeah I think lurick was saying something like that

@waxen scroll also, my Intel NUC just randomly froze right now

Ugh this happened with the last generation of NUC too. I do not understand why this is such a problem

:\

zotacs are decent

@little schooner Did you feed it the tears of a child and the blood of a mongoose?

@clear igloo where in blazes am I going to find a mongoose in Northern US?

@waxen scroll I want a specific model, MI621, but I can't find out where to buy it

Whoops, meant this one https://www.zotac.com/us/product/mini_pcs/mi621-nano

@little schooner guess its time to buy the next step up

no loss

@waxen scroll okay, so now that I'm home, I was able to diagnose the problem. Turns out, the scheduled task I created to autorun a web service application was set to automatically terminate after 3 days of running time. Since the service task never stops (unless crashing or manual stop), it was easily going to go over 3 days. So at three days, it terminated it all. I've adjusted the config to NOT have it stop running after x days and now it should be working better.

Almost thought it was Intel NUC's fault again, even after I followed all their Hardware verified lists when putting the NUC together

Good job

2nd Interview tomorrow for lead network engineer position. We’ll see how this goes

ive always been senior but never in title

for some reason i can never get it

i interview for senior and then its either "we hired someone else but want to hire you anyway" (sr pay-ish but not title) or "im going to give you senior pay near the top of the non-senior band so the pay can grow more than it would if you were hired as senior"

next job i'm sure ill finally get it

im asking for a lot of pay

I’ll get more info tomorrow. Different company.
There is no chance at senior here until the boomers croak

😭

@hollow marlin or worse.... gatekeeping in the telco industry

im friendly with a group of people who know people, its all telco, and no referral from a few people in that group ever works because i dont go to industry conferences like nanog and they refuse to look at anyone who isnt beer buddies

@waxen scroll the more I’m branching out the more I see that as well

Honestly it makes me want to attend those conferences even less

Since the people are kind of cancer

Lol

I want to go if my employer allows it, but yeah, the whole "your not a real engineer unless you been doing from the beginning like the rest of us" really turns me off.

Man I really wish Juniper's vSRX image didnt run like dog shit in VMs

10mins to boot...4gb minimum for stable release, 8gb for 1ver behind. 5 cores min but all processes are single thread and in flow mode polls 100% of the time

Then I sit with 30 IOSvs sipping less memory and CPU then a single vSRX node

how much would it cost to run a cable from the modem to another part of the house?

why does internet in australia suck, like fastest you can get is around 90 Mbps

i only get like 10Mbps

atm I'm living on 25Mbps across 7 people so drastic difference, I just want fast internet

I have NBN on Telstra and get 90-100 solidly

Also should I avoid killer networking like black plague? I hear it has a ton of issues

@unique crypt assuming no major drywall work and 1hr of work, $350 minimum labor only. $1000 max

This is from skilled contractors. Unskilled or side gig would be cheaper but those rates vary

That's the lowest I paid for already existing wires to the attic and simply having them dropped into walls with existing jacks already there

I'm finding that wire runners and electrician don't like to come out for less than that

What kind of firewall could I get that would tell me more about the kind of traffic that's coming in, and what's using all the upload speed?

Passed this today

@tawny seal Congrats! Any tips, Taking mine here in a few weeks!

I did not even study

I just kinda knew it

Fair enough

I just took my chances since my teacher had aloymof vouchers from last year

I just knew most of it

I'd say just keep reading the textbook

And actually practice stuff in Windows 10

I'll be taking networking and security also

The CCNA exam is one that they love to play around with you when it comes to deciding which of the answers is correct

They are having too much fun

@little schooner It's not about what's technically correct but what the question writer feels is MORE correct 😛

@clear igloo I finished with like 2 minutes left

They really timed out those questions

i finish with like 20min left

im always in the 800s

new test i'd probably fail

they changed up a ton i think

God that interview was so awkward

oh. one of THOSE.

conversation didnt flow?

I tried to keep it going. I'm a bit on the quieter side in person but can hold a conversation easily when I need to... He just had no questions for me and at one point asked if there is anything he should cover in my resume....but...that's what you are here for

First interview when amazing

rip

my boss tried that on me

"hey i need you to interview someone in 5min"

but... ive never interviewed someone before?

what are we hiring them for?

if that guy was technical i bet thats exactly what happened

@waxen scroll my score was near 780

I only had lab and home practice, no work practice

In fact, still no work practice because the school thing I do is volunteer not work

And even then, the prof doesn't want complex things, so I am limited to what can be implemented.

@hollow marlin you dont python do you?

I started then gave up when I couldnt find a use

@waxen scroll Python!!!!! 😄

I'm having trouble getting ssh outputs into arrays without a feature called fsm. But I suppose it's not possible

I wish I knew more than super basic python

I can at least do something with pascal bc I spent 9 months doing that for my programming class

I know I can learn it, I just need to find use cases for it like I do with Powershell constantly. It sticks better that way for me. The fact that I have to revisit it daily lets me remember.

I found a few small cases to manipulate show command info but I also can't find a major use case. Too many people running around telling us that coding is the future for networking.

We use Excel template for major stuff and it seems to me that it makes more sense to do that then to give a script the information live and potentially screw it up

If work bought us some fancy Enterprise program like ansible tower where it's GUI and can easily be shared between people, I can see it

I've seen coding relevant in Cisco ACI because it's such a chore to use the GUI

@waxen scroll what switches are you using? The Nexus Switches support APIs that can be in JSON format

Nexus and ios

I'm a little scared of enabling the API https because it opens me to more risks vulnerability wise

Yeah of course, it's a trade off

What are you trying to do with Netmiko?

Two things right now. One is an arp scanner which scans multiple cores, dedupes, then does dns and ipam lookup before dumping into an Excel sheet. This is a report for maintenance. Next is a VRF scanner. Take a VRF name and get the configs for it across all network devices. My issue is I can't do an array without textfsm and have to dump to a text file then import to an array/list

And why can't you use TextFSM?

I can use textfsm but there's more bullshit involved. I have to learn it. It also makes it harder to distribute the script unless I make a jump server with all the dependency like custom textfsm definitions

Yes it's me being lazy. I'm just curious

Yeah I get that

I did two things before I learned TextFSM. I made an array by separating at the space " " or I counted the characters I knew the output would be

Example 1:

  MAClst = [];
        for char in showMAC:
            MAClst.append(char)
        MACvarsplit = (''.join(MAClst).split('\n'))

Example 2:

interfaces = [];
for line in showMAC.splitlines():
        #only grabs interfaces that are not equal to userVLAN
        if line[2:4] != userVLAN:
            interfaces.append(line[38:47].strip())

But of course TextFSM is so much easier

lldp = net_connect.send_command("show lldp neighbors detail", use_textfsm=True)

    # iterate over the list
    for lldpf in lldp:

        # grab only "W" capabilities
        if lldpf['capabilities'] == 'W':

            # grab some information
            ap_ip = lldpf['management_ip']
            ap_port = lldpf['local_interface']
            ap_name = lldpf['neighbor']

Thanks

@radiant crane wait a second, textfsm is like treating it as an object and going through its properties, not just filtering output?

yuppp, they're custom templates people have made

I can see why that is much more time efficient

You just have to write out the entire command, no shorthand

Yeah. That's good, then if someone else is reading it, they can know what it is too

You guys have a GitHub? That's where I put all my random scripts

No

I'm thinking about it but I make these scripts on company time so they own it

Huh, I never viewed scripts in the same way as software

To me scripts are a process, just a quicker way to do it

ScRiPtInG :D
Run Keyword IF ${v4uniconvergence[0]} > 4 Log IPv4 Unicast Convergence Greater Than 4 seconds WARN
... ELSE IF ${v4uniconvergence[0]} > 10 Log IPv4 Unicast Convergence Greater Than 10 Seconds WARN
... ELSE Log IPv4 Unicast Convergence Less Than 4 Seconds
Log ${v4uniconvergence[0]}
Run Keyword IF ${v6uniconvergence[0]} > 4 Log IPv6 Unicast Convergence Greater Than 4 seconds WARN
... ELSE IF ${v6uniconvergence[0]} > 10 Log IPv6 Unicast Convergence Greater Than 10 Seconds WARN
... ELSE Log IPv6 Unicast Convergence Less Than 4 Seconds
Log ${v6uniconvergence[0]}
Run Keyword IF ${v4multiconvergence[0]} > 4 Log IPv4 Multicast Convergence Greater Than 4 seconds WARN
... ELSE IF ${v4multiconvergence[0]} > 10 Log IPv4 Multicast Convergence Greater Than 10 Seconds WARN
... ELSE Log IPv4 Multicast Convergence Less Than 4 Seconds
Log ${v4multiconvergnece[0]}

Oiii

Scripting is so much fun, ngl

It's basically learning how to put yourself out of work, but at the same time, it isn't as automation is a thing

@clear igloo ahhh, I hope CCNP exam is not like that too.

Is it?

The new one?

Yeah the new one has a section for Automation

https://learningnetwork.cisco.com/community/certifications/ccnp-enterprise/encor/exam-topics

The topics look interesting. And finally an understand of igmp on switch or the router version is taught

Vrf I never played with

VIRL is suggested for CCNP training?

I'm not looking forward to actually buying the equipment

Yah, VIRL is a good way to not buy a ton of gear

My company uses VRFs for everything, it's so needlessly complicated lol

@radiant crane I just hope I eventually get it so I can comfortably implement it

I thought some stuff from ccna was hard

Yeah it was hard, I thought I failed it for ICDN 1 and 2

Are you waiting until Feb to do the CCNP?

@little schooner I am using VIRL for my CCIE labs. VIRL images + EVE-NG is the best labbing experience.

@radiant crane VRF use really depends on your use case. What are they using them for/what scale

We use VRFs for every network, so security cameras vrf, staff vrf, guest vrf

Even though they are different networks with different IP ranges already

So when you're troubleshooting you'll do sh ip ospf neighbor

And troubleshoot that for an hour then remember it's sh ip vrf Guest neighbor

So on and so forth

at least you're not dealing with VDCs as well 😛

Oh please do tell, what's that?

Virtual Device Context, used pretty much only on Cisco Nexus 7000 series boxes. It cuts the box into virtual instances that live on a physical box

Yeah no thank you

😛

I'm ripping out VRFs when we upgrade our distro switches

It'll be OSPF area 0 to the core

Haha, nice. And just firewall and ACL off everything instead 😛

VRFs have a good use but only when done properly, you don't need a VRF for every network though

Yeah I can see the appeal. I think one article/person mentioned if your company bought another company with the same IP space, that would be a good use

Yah, ISPs use them a lot to keep customers segmented since you're almost definitely going to have overlapping routes and don't want Customer A to leak into Customer B's network and vice versa. Have multiple tenants/customers in your own network is another option for larger companies too

Oh true about the tenants. ISPs use full VRF though, not VRF-lite right?

Yah

Yeah we're not that fancy yet

I have like 15 vrf!

And mpls at my network edge!

Linus vlan tips

Drop all the packets that way 😛

🤔

Jelly?

https://www.bestbuy.com/site/arris-surfboard-32-x-8-docsis-3-0-cable-modem-white/4600801.p?skuId=4600801

Is Comcast lying when they said that this modem is not Bridge-mode aware? The technician kept implying that only their modems works for their Internet service.

I think they are honestly. Those work just fine. The only problem you run into is when your internet is out. The moment they see you're not using their modem they'll hang up

im pretty sure all that modem can do is bridge mode

why are you calling comcast on it?

@hollow marlin job = ?

@waxen scroll my professor got a call from the dentist doctor, complaining that their entire network is down. Router had internet access, workstations had internet access. Domain controller was somehow changed from static IP to DHCP setting.

Told prof that Comcast Gateway defaults to Router mode when it's reset and that's when the problem starting getting worse. When you factory reset this particular router, it keeps the old static ip address. He couldn't connect to it. The modem was purchased today from a best buy and connected immediately

Then only the IP phones didn't work. Everything else was. Unfortunately, prof had to be in lecture by 4 something, so the fastest solution was to call Comcast to fix the problem

But then Comcast told him that modem that was bought didn't fully support bridge mode.

Obviously a lie but can't believe they speak misinformation like that.

Mind you, this is all happening during my physics class lol

@waxen scroll the doctor also grew impatient, so I guess calling Comcast was the last comfort resort to show that progress to solve problem was still rolling forward

@radiant crane so true. And even lie to the customers about it

xeon... pls

do a VRF lab for us

oh yeah please

@little schooner Requirements: 2x Simulated WAN provider, 2x remote office connected to simulated WAN (WAN1 to office 1, WAN2 to office 2), 1x Datacenter WAN edge router (2 VRFs one per provider, and global tables), 1x firewall connected to DC WAN edge, 1x switch connected to FW (DC LAN), 1x simulated server

I need you to provide resources from the server to remote office 1 and 2 without allowing them to anything else in the datacenter or between themselves. you may not share a default route or routing tables from the datacenter into their networks

you may not leak their internal routes into your datacenter or share between remote offices

because you're new, ill give you a huge hint... that firewall needs to do some sort of NAT. If you generate routes for this NAT, you can share them to the WANs but dont share the same NAT address with office 1 and 2.

draw it and someone will tell you if its good enough to start labbing

@clear igloo i think he ran

@little schooner this is close to what i do sometimes in the real world

I'm still here but my dog just got sprayed by skunk

Just my luck

Also I'll do vrf when the time is right. I feel time is not right at this moment

@waxen scroll So I just got an email for a job offer.....

You remember how low my current area is in terms of salary to market value, they even low balled that

is it more than you make now?

LESSSSS

lmao, bye

watch louis rossman "the power of no" videos

just reply "no"

no emotion. just say no

let them bake

I just responded by email with my desired salary. I know 2 people who work there and they said they do not know why they offered so low

This is also about an hour away where the cost of living is even higher than here. It honestly a slap in the face

i would have said no to it just being an hour away

Its a better city and I would have considered moving

https://tenor.com/view/kristen-wiig-bridesmaids-kidding-me-fucking-kidding-me-seriously-gif-3547686

how I really wanted to respond

im about to get my review and i feel like ill feel the same way

expecting the bonus to be like.... $200

Does Realtek RTL8125-CG gives any real improvement over Intel I211-AT if you are just connect to a Gigabit Ethernet?

I don't know but curious to know the answer

Today I just got a Nighthawk 12X Wifi 6 router

but its in AP mode and I don' thave wifi 6 so...

@thick minnow if you have one of the newest smartphones, like the s10, they have wifi 6 capabilities

S10 is the only wifi 6 smartphone I know of right now

Pixel 4 should have it when it launches though

Huawei might have it

Like the p30 pro maybe

yah, maybe

@clear igloo what about the note 10?

Have wifi 6 capabilities @little schooner

Is there anything with 6 over 5 that really makes a difference?

Not sure if this was common knowledge, but, when I tried to use my Gmail account for alert monitoring of servers and stuff, Google would actively refuse to accept credentials of my account, even with "Turn on less secure access" setting. It would ask me if it was me who logged on and I clicked the "Yes it was me" button to add it as a trusted logon source.

Nope, that wasn't enough either. Still getting silently blocked when server tries to use SMTP settings to send test email. What got it to finally work was to enable Two-factor authentication on Gmail account and then use an App Password. It immediately accepted the app password when server tried sending test email again and went through. I was able to get the email.

So in other words, Google errs on the side of mandating App passwords instead of regular password with no two step for personal accounts?

https://unifi-flexhd.ui.com/?utm_source=Ubiquiti+Newsletter+Subscribers&utm_campaign=5bfb57bf75-EMAIL_CAMPAIGN_2019_10_10_01_24&utm_medium=email&utm_term=0_1c1b02cb37-5bfb57bf75-238432313

lmao wat

I kinda like that idea

If only they focused more on stability vs. new products. Can't release stuff that has buggy firmware, even in the stable versions

@radiant crane i got half my VRF script done but i ran into an annoying issue on ASR9k / ios-xr

if destination in (0.0.0.0/0) or destination in PS_LURICK or destination in PS_JAKE_HATES_TECH```

im not sure how to get it so the script can read that second line and go "OK, ignore any IPs in ( ) and make an array of the prefix-set names"

right now i use textfsm to match show run and dump anything that comes out into an array

i then loop the array to look for "if" and then it does an awk type deal to isolate each word

so if i say array['config'][3] i would get PS_LURICK ideally... if (0.0.0.0/0) shows up instead it shits itself at the moment

problem is if i try to fact find using [3] and keep going up, eventually the script will get an exception

before you answer, i also want you to know that second line is dynamic in length

some might be 1 destination, some might be 10 (lets just argue)

this crappy problem is the last one i have to deal with for IOS-XR... then i move onto the NX-OS part of the script

You would use something like

if "something" in output:
    do_something
else:
    do_something_else

But you would have to show my the TextFSM output so I can see

the output looks like this

im not at work so im just freehanding

['route-policy block Xeon'], ['if destination in (0.0.0.0/0) or destination in PS_LURICK or destination in PS_JAKE_HATES_TECH']

im running a "show run route-policy Xeon"

the reason textfsm outputs like that is i need it all in an array so i can dump it into an excel file

its a VRF crawler that dumps the configs for the VRF into excel

if the VRF is calling a global object such as a route-policy, the script goes and investigates that so it can be included

i could potentially run it in textfsm a second time under a special template as well, but like i said its dynamic length and the (0.0.0.0/0) can be anywhere

textfsm doesnt seem like it can handle either of those two things

ive only seen textfsm templates for data thats always in the same spot and same-ish length

@little schooner please run that VRF lab

i cant tell you how much further ahead of like 70% of "network" people you'd be just knowing that

@waxen scroll alrighty.

thats the spirit

draw the diagram and let us have a look

Not right now, but I'll get to it eventually

@waxen scroll I'll look at it tomorrow when I'm in front of my work computer, my brain is fried right now

Right now I am fighting supermicro support

They dont want to support email alerting

snmp

Dont I need a server setup to analyze snmp data i get?

Also, it looks like their IPMI refuses to make a connection request to gmail to send the test email message

yep. and that server emails!

I don't understand this behavior from the IPMI

lol true

I think they broke email functionality with the latest IPMI revision

I see no traffic in vlan 99 from it attempting to access gmail server

what did the packets say?

;p

Nothing. It doesn't even send any packets

As if its broken functionality

FW is disabled for it

I am in same vlan

port mirroring activated BEFORE it hits router too, so not getting blocked

Its dumb, how could it just suddenly die?

did you power cycle the server?

drain the juice, plug it back in

That I did not do. The only "power cycle" that I've done is simply to the IPMI interface itself.

I can't power off the server until like 11pm though, its being used at the moment

I was hoping maybe resetting the IPMI interface itself would cause it to work again

but it might result in having to power off the whole server.... something that is devastating to productivity in a business environment

sorry... to a enterprise environment lol

well maybe they shouldnt have one server for the whole business

That is true. I wonder why they only budgeted for one server from supermicro

dell? you said its supermicro

My mistake, I am thinking about dell right now lol

Im supposed to go to the dentist again tomorrow

they have a dell server there.

but the dentist is your professors client

Yeah. But this one is paid.

We are working together

The meltdown was wednesday

IP phones were not getting IP or able to get phone calls

That was the one with Comcast fixed it. I still cant believe they lied to my professor about the modem not being true bridge mode

@waxen scroll With the new ban on Hikvision and Dahua cameras being sold in the US, do you think places like Amazon would stop selling them?

I buy a bunch of their IP cameras and really like em. I am not looking forward to buying american made cameras that are like 3 times the price

yes, however some 3rd party sellers may sneak through

That is really disappointing :(

But yeah, have to depend on 3rd party

https://www.reddit.com/r/sysadmin/comments/dfqg4r/just_bought_a_certified_refurb_macbook_pro_and_it/f35g7qe/

omg louis should totally get his hands on that

No one answered my question do I then I will take the answer as no, there is no difference between WiFi 5 and 6 that makes any noticeable not small difference.

@lean pollen
Up to 40% Max speed jump from 5 to 6.

That's about it afaik.

Don't know what WiFi I am on, but my internet connection is the bottleneck anyway

So, so what

(150/20)

Does anyone know how to portforward an ipv6 for hosting games like rust or minecraft?
Do i set a static ipv4?

@thick minnow Usually you don't have to make any port forwarding for IPv6, you already have a public address accessible from the entire world. (... World of IPv6 connected devices that is) But most routers do not allow inbound connections, for security reasons. Look for some sort of firewall settings in your router, and make the appropriate rule.

@craggy parcel How do i allow friends to connect?

Say i portforwarded, do i give them my ipv6 or ipv4?

@thick minnow I don't think we're on the same page here...

@thick minnow Consider this logical layout of your network...

The blue line is IPv6 traffic, the red line is NATed IPv4 traffic..

The IPv6 traffic is NOT passing through NAT, and therefore you would NEVER need to make port forwardings for IPv6 traffic, it is usually filtered by the router, so that only responses to traffic you initiate is allowed through. You need to configure the router to allow IPv6 traffic inbound to the game server.

The IPv4 traffic is passing through NAT, and you will need to make port forwardings to make things work.

What IP you need to give to other players, depends on wether you need them to use the blue, or the red route. If at all possible I would play over IPv6, as that will give totally bypass NAT and all it's mangling of the packets.

@craggy parcel The problem that i encountered first was while i tried to play minecraft with my mate

He couldn't connect regardless of me adding exceptions in my firewall and shit

My router doesn't even offer a portforwarding option

Do you mind if i talk to you about this when i am home?

You seem to know a lot more than i do

@thick minnow I have no idea what timezone you're in, so I won't promise quick responses. I will however, look at direct messages, and messages where I'm mentioned.

@craggy parcel Alright, thank you; it's 12:24 pm for me atm

That means you share my timezone. 😉

Anyone online wanna inform a noob on VLans and DHCP?

VLAN - Virtual segmentation of a physical network into multiple logical networks
DHCP - Dynamic Host Control Protocol - Host broadcasts a request and the first server to respond with valid information will then give the host various information including an IP address, Subnet Mask, Gateway, etc.
VLAN + DHCP - Uses a helper address per SVI (layer 3 gateway) to redirect the DHCP request to the DHCP server(s)

Expand on what you want to know and I'll deep dive on that 🙂

So what I was wondering was is it possible to have a DHCP server running on both the LAN and VLAN without them conflicting?

Like if I plugged in a server, how does the server know whether to get an IP address from 192.x.x.x or 10.x.x.x?

I have got all unmanged switches in my network btw

If it's not possible, what's the best way to assign addresses to devices on the VLAN? Does it all have to be manual?

What kind of DHCP server? Windows? Linux?

PFsense

Ah, so on the router then

I'm not looking for exact steps . . . just a general overview/best practices

Yeah

Then, depending on the design, you would assign a DHCP server per each sub-interface on pfsense which corresponds to the vlan I believe

Robsch . . . you've been typing for a while now, making me nervous 😂

But you mention unmanaged switches, are you just grouping the switches without actually doing VLAN tagging?

Would an example sub-interface be the parent LAN interface?

@austere scroll lmao

I was typing up something for @waxen scroll

But I just DM'ed him

My switch configuration is very basic tbh

But i can see that the VLAN has a tag of 1

A sub-interface is dividing a physical into multiple logical interfaces based on VLAN. If you're just grouping the switches and plugging them into different physical interfaces on pfsense, then you would just do it on the physical. Assign the gateway IP to each physical interface in PFSense and then have it do a DHCP per interface

So if you had:
PFSense----Group/Switch A
|
Group/Switch B

Then assign a different IP address/subnet for each interface on PFSense and setup two dhcp scopes

That's what I was thinking, so for example:

PFSENSE
|
|
WAN
|
|
LAN (192.x.x.x) via DHCP
|
|
VLAN 1 (10.x.x.x) via DHCP

Is this correct?

Only if LAN is tagged with VLAN 2 or something else

I see what you mean

Well, I guess it depends, if there is no VLAN tagging on LAN and the LAN
switch will pass tagged traffic then technically it could work like that

untagged could be put in a different VLAN

@clear igloo that reminds me, I tried having a non-subinterface setup with the Edgerouter and I could never get it working. Packets kept saying they were Invalid, retransmitted over and over and never was able to ping outside network.

Once I enabled subinterface mode on just one Edgerouter port, suddenly everything started to work. I was reminded never to buy hardware with beta software after this experience

My next router will not be from ubnt

ooof

@clear igloo because I tested multiple router port connectivity in packet tracer first and it worked just fine

One interface in one subnet and another in a different subnet

No issues. But ubnt? Total issues non stop

Lol supermicro support website didn't disable the default IIS page https://webpr3.supermicro.com/

lul

I have never had a download bug

Can anyone help me open a webserver port on 8080?

@waxen scroll should I RAID1 OS drive and RAID 6 the last 4 or 5 drives?

I ended up deciding on 10 for data

RAID 10 is best raid imo 😛

@little schooner https://linustechtips.com/main/uploads/monthly_2019_10/image.png.73abc43f982dc2e176436ff0d513d761.png
Please 😄

i decided for xeon he is going cloud instead

outsource drive failure worries

@everyone

LOL i pinged everyone

if you did i didnt get notified

@little schooner .... @rocky badge outsources his home lab to AWS so why are you still dealing in physical?

@clear igloo hahah

@waxen scroll I like to play with the server physically and through software

Also, I don't have money for monthly fee

Finally, having my backup local will save me during apocalypse

but you have money for physical hardware?

@clear igloo what do

Buy all the things!

its like when my work tells me "oh shit we have $50k to spend in 3 weeks but it CANT be for reoccurring costs, even licenses where you pay for 3 years and it expires!"

thats not enough time to buy mostly anything you arent onboarded for

you'd think lab gear, but you still need to have a bunch of sales meetings before you can even get a quote

@clear igloo someone on my team is talking about T-Rex

they want to get a server with one or more 100G NICs

i'd rather have an ixia or spirent

I mean, I guess if all you're doing is bit blasting

Yah, exactly

but i get thats its too costly

most of my testing is only ping testing TBH

if i was PoCing new gear on my own, then i might want a traffic blaster

@waxen scroll well my server was only like $500 not including tax

Off the shelf parts

@waxen scroll I ended up not having to go to the dentist for some post Comcast work. I guess the free time wasn't there for the doctor to let us do it. So it's been rescheduled.

All that we would be doing is fixing up some issues with their dentist database software thingy. It would struggle to make connections to server sporadically but for no ryhme or reason

As the environment had been working for 2 months

Good. The weekends are for Jesus anyway.

At Chick-fil-A right meow

@waxen scroll I really like their chicken sandwiches. I was close to ordering it on doordash

xeon, no. dont support on demand companies

get it yourself

😄

i dont support native delivery driver either if it means a delivery fee. BOO

@waxen scroll it's okay, I didn't tip since that's an American thing

@waxen scroll also, what to do if my dell poweredge at school doesn't want to install OS from IDRAC 6?

During windows, it says access denied 0xc000005 error, but usually that meant that the drive or media is inaccessible

But this never happened before on other iDRAC hardware

I feel like I won't get my networking bachelor degree all because of dumb chemistry

Out of 70 people, 31 got a failing grade on first exam

@little schooner On their chemistry exam?
Yuck x.x

not much of a person who dwells in the networking world, but thought id dip my fingers in a little,

dunno if this is much of a basic qustion, but is it worth flashing your routers firmware, if so which one to pick from? what are the benefits?

• DD-WRT
• openWRT
• Tomato

Honestly, the gain is very little unless you're an advanced user. The router still works the same, but you are presented with about every option that should be tweakable but isnt in the factory GUI. Most likely you wont do anything more than you do now except have more pretty screens to look at.

I personally have used DD-WRT and can recommend it

no harm in installing it with no goals.... click around and maybe ideas will come to you

Personally, DD-WRT works if you need to replace a provider box that uses a different VLAN such as Google Fiber

@thick minnow If your router is still under warranty, you should NOT flash it with anything but original firmware, as doing so might make warranty service problematic. Also, unless you need an additional feature in your router, I'd say it's not worth it.

i see - got it, my router is the regular router provided by my isp, not that great tbh,

If it's a router/modem from your ISP then flashing it is almost always out of the question

ah,

guess ill leave it be,

@clear igloo and for comcast, isn't it illegal to do?

Since the modem is part of the combo unit

Maybe not illegal, I don't think, but more ToS breaking at least and you'll definitely get your butt taken to court

Oh right. That's more accurate

There might be a law against it, probably tampering with non-owned devices or something, but I can't say for sure

There probably is

Just got rid of my tp-link consumer gear and went enterprise gear for under £1,500 if you're interested in what I got I made an amazon wish list
https://www.amazon.co.uk/hz/wishlist/ls/RQ1OKPMB23XR?ref_=wl_share

And i just set it yo now

Ubnt is enterprise lite. Enterprise stuff is like enterasys, rukus, Cisco, Aruba, etc

i'm planning to buy a 30$ dell optiplex with pfsense to replace google fiber because their wifi router and vlan translator is terrible (the modem is seperate)

i feel like that would be worse

how fast is google fiber

1gb technically

The wifi cuts out constantly though

DD-WRT worked on a test router that cost 6$ to bypass the router

well, let us know how that goes. i know ive seen gigabit tax a laptop CPU and im sure an optiplex is not much better if its a crappy little dual core or something

the processor in the normal router can't be very fast anyway

I think the main issue will be finding a decent PCIE wifi card

i believe the router is mostly processing using an ASIC

its kind of an ASIC, however it is included in the ethernet chipset

i might start after folding month because one of the folding computers might be a fine router and I don't think OpenBSD goes well with Ubuntu

ASICs are made for one task. A folding ASIC will not know what to do with routing

ASICs in the ethernet chipsets dont do anything other that packet processing. Routing and switching are all CPU in all non-router hardware

Folding Asics are gpus

Still useless for routing

GPUs are also not ASICs

They haven't made any asics for folding yet, and it seems like a gpu wouldn't apply to routing anyway as the nicer consumer home routers have low-end arm CPUs

i'm just going to see what happens

@waxen scroll not sure how I would even test 1gbps with a 4790k pfsense system. I want to see what are the limit of all-cpu routing

In something like that

Unless it has already been done somewhere... I should probably Google first

As far as I can tell, the CPU is usually used for routing

I found one link on negate community forums

And it's not all that great for 4790k

@little schooner I thought 1gig was pretty easy to hit with pfsense?

@hollow marlin GPUs are apparently excellent for routing.

I remember a research project done on the matter. I think they called it "packet shader"

GPUs are ASICs, it's just that their "application" is "do all the stuff necessary to render stuff".