#networking

Then you should be able to go to: Port Forwarding

and open the port there

Thats what I do.

But it forwards for the wrong IP

When I go to whatismyip.com on the server its definitely on .196

did you select the right interface and ip address?

Yeah

I'd show you but teamviewer has blocked me out of my server again for 10 mins. Incredibly annoying.

I´d legit recommend that you use something else than teamviewer

very sketchy company

Yeah logging into my domain controller now using remote desktop instead

Can access the router from there

Here

You can see I have ports forwarded for both the main network and my server

Main network being 192.168.0.x and my server being 10.0.0.25

and the router forwards it to the wrong subnet?

Yeah

Like I have a map for my game forwarded to port 8123

I should be able to use 196:8123 but its on 195:8123

are you talking about your public ip?

yeah

Its forwarding to the wrong public IP even though the server is on .196

Try removing the extra nat rules you have

is this a static ip address or are you using dhcp

External?

Yeah a block of 8 static ips

Internally DCHP is disabled outright. On the main network we have the domain controller which handles DCHP and on my server I just set the IP in the ethernet adapter properties. Static

I only have two NAT rules

And those are needed to give my server it's internet

https://cdn.discordapp.com/attachments/387022787480387605/651858483095928842/unknown.png

Are you still using this? Because if you are then the server isn´t on the right subnet

I created that vlan as a test

Its not doing anything

But yeah eth2 is what i'm currently using for my server.

and can you ping the router from the server and can you ping the server from the router

Yeah

If I go to 10.0.0.1 on the server it brings me to the router control panel

port forwarding would forward ports on both IPs yes?

Thats what its doing for some.

For example my game on port 25565 is accessible though both external IPs

But not other stuff

I think the safest thing is to put in a second router so you don't muck around in a business critical router

How would I hook that up?

Gateway > switch > both routers?

you really don't want to be that guy that messed stuff up

yeah

messing stuff up= learning ;p

assuming you can cable it as such

messing up a business for a personal server = trouble

I mean i'm doing it from home on off hours

And I have a backup of the config

So I can easily restore

you can lock yourself out accidentally though

Yeah if you don´t lock yourself out

I get that

The number one scourge of networking

it's easy to mess things up

lol

But I mean I can go in the morning and restore it manually

that's why there's a serial cable

I mean assuming you don't happen to get robbed overnight and have all your IP cameras not working

it's a poor risk imo

I don´t have a count on how many times i´ve had to reset my home network because i locked myself out

Nah those are all hooked with coax to a DVR.

But yeah I get the point

But can I connect two routers to a single gateway?

Sounds like it shouldn't work

No you would connect the routers together

I was suggesting two parallel routers

but the question I'd have is how are you getting two WAN connections atm on the existing router

I´d legit get a switch

Do you have two lines to your home?

or are you connecting through a vpn

it's a business not a home

Yeah but he is at home?

what I mean is that, are you getting multiple external IPs through a single connection to the router from the gateway atm?

Yeah

Like that at the moment

what about the 2nd ip?

can we see your interfaces?

Yeah just a sec

thanks

hmm is the gateway the ONT?

lol yeah I guess that's easier @shadow shoal

))

ideally the red is already a switch and it's fiber to SFP lmao

And under routing you can see the gateway

this is weird

This is just the default config of the edgerouter

Only thing I added which you can see in those screenshots is the second IP the wan interface

yeah but having two wan ips is weird

on the same interface'´

he has a /29

Yeah

so actually the 193 is assigned to the edgerouter

ahh

ok i see

193 - 199 is the /29 I think

I'd say so.

Thats what i've been told

Under settings gateway is set here

so nat overload should work then

https://help.ubnt.com/hc/en-us/articles/204976494-EdgeRouter-Source-NAT-and-Masquerade

I think I was suggesting he'd first VLAN off the personal server

but yeah and then take one of the IPs for the vlan

Yeah i´d recommend that

I was trying to suggest that if it's hard to do that he could plug a second router in parallel into the gateway, but I guess it's already assigning multiple addresses to the router so maybe that's a non-option in terms of mucking around with more config settings lol

instead of VLAN of course. since it's easier

yeah not a great setup for a beginner in networking

totally lol

Its very confusing haha

No worries i was very confused when i started

is there anyone at work who actually maintains the network?

because for them to set it up shouldn't take that much time

or is that you? LOL

Yeah the IT manager. But he knows about the same as me on networking haha.

I mean it's a bit weird to have a /29 yet only use 1 IP ever

at least to me lol

and I assume there are no VLANs already

Yeah as far as I know.

Flat network baby

yikes

I don't even flat at home anymore

lol same

and I have pretty bare bones level understanding xD

I mean we don't really manage any big servers or anything. Like I said we are small company.

We just have a few ports forwarded on our single IP and thats it

Our domain controller server does DCHP for the network.

Yeah small companies are understandably not making a huge effort in their networking system

It´s how it is

Well small office I should say

We are a global corporation

But each office handles their own stuff

yeah

We moved our file storage etc into the cloud.

The only server we actually have which is used everywhere is our sage accounting server.

lol computer security is quite poor for most things

it'll take 1 randsomware attack for your business to go under

that's how I see businesses die these days at least

i hope you are making backups securely

))

Well like I said. Everything is stored in the cloud.

We use google drive for everything

We do take a backup of that though.

What i would do in regarding to the server is: put it on a vlan, not vlan 1 btw

secure it by making firewall rules that disallow traffic to it

Will that stop the wrong IP port forwarding issue?

I don´t think you need both destination and source nat to the server btw

You can try removing source nat rule

you would just route everything in that vlan out a given IP

see this: https://help.ubnt.com/hc/en-us/articles/204952274-EdgeRouter-Policy-based-routing-source-address-based-

vlans are love

except no inter vlan communication is desired in your case

Okay

I'm assuming other lan is the connection directly to your server?

Yeah

So I need to do something like this?

regarding the dhcp server, I'd just use a static IP for the server since there's just 1 device lol

Yeah I am. Currently using 10.0.0.25 for the server

Set manually in the ethernet adapter

oh wait

it's a different port on the router

you don't need vlan do you o.o

just realized it LOL

usually you do vlans like this: router --> vlan aware switch --> devices / server

and then you put things on specific vlan as appropriate and muck around the rules

what you have is you two lines into the router on eth1 and eth2

Yeah

195 to eth1 for the main network

196 to eth2 for my server

Thats what the 1:1 NAT guide told me to do.

I think all I'm saying is that you don't need to add VLANs since you can just do the entire interface

Okay that simplifies things.

My goal would be to put in some kind of isolation between eth1 and eth2

And to also fix this wrong IP port issue

ok try removing the destination nat rule and only leaving the source nat rule

Okay

No that broke my server

Cant connect to it now

Yeah people on the server were fine. But anyone trying to connect couldn't when I deleted it.

I put the rule back and all is fine.

so what's the remaining issue? isolation?

also that port forward isn't right either right?

Yeah

yeah its choosing the first ip always

ignoring the firmware version issue see: https://community.ui.com/questions/How-to-properly-set-up-multiple-WAN-IP-addresses-with-port-forwarding/6df70aba-0ae9-416f-b5c5-4cc07163f800

having multiple wan ips confuses me tbh

isolation should just be firewall rules

Yeah isolation is my second priority

yeah its always firewall for layer 3

I figure that can be done a lot of easier

The main problem is the port issue

Yeah I checked that link you sent Blue. Doesn't seem to be a fix in there. Just people trying to figure stuff out like here haha

What the dude said about there being no Original Address in port forwarding makes sense though. It seems like in another router this would be a lot easier.

edgerouter can be clunky sometimes

I bought it because it was recommended to me here haha

No worries i have one too

i´m currently using it with a bunch of vlans and to route my own ipv6 /48

works like a charm but configing it can sometimes be weird

I see

hmm? the guy at the end said he got it working

oh

yeah by going to an older firmware

btw never update firmware straight away

So that is what I need to use?

I'm on the latest stable firmware right now, not the beta.

EdgeRouter 4 v1.10.10

like I said

just ignore the version lol

That screenshot I sent is what I need to do though right?

I´m on 10.09 because 10.10 broke ipv6

nvm that wasn't the dnat thing

I think I'm on 10.10

what broke about ipv6?

It just wouldn´t route

oh nope. I'm on 10.9 too lol

lol

ipv6 working

yeah 10.9 is solid for ipv6

So which part of that forum post is the part I need to do then?

I think the part you highlighted or maybe the jumbled config

I already have two NAT's though

Thats the same thing no?

I didn't have time to read it past that he got it working

and that it's what you want in terms of functionality for the public ip

I dont think everything is there in that forum post tbh

i kind of feel like your current config should work

but i´m not sure

I dont think I should be putting ports in the port forwarding section

Its opening ports for both IPS it clearly

So I need to do port forwarding using DNAT and SNAT I think.

Thats what I make from that forum post anyway.

You can try and see if that works

trial and error

Well

Just read in the forum post and he said 1:1 NAT doesnt seem to be possible.

So I think thats what he is trying to do

Which is what I have done already. I followed a 1:1 NAT guide to get to this stage

This is my current config for DNAT

yeah you seem to need to use dnat rules for dnat

because the port forwarding windows doesn´t let you control which WAN

Exactly

So DNAT is inbound information

And SNAT is outbound?

yes kind of

Or Destination is inbound etc....

Okay I get that part

So I need to create a rule forwarding both?

But since I have specified no port shouldn't all ports be open?

not if you have configured firewall correctly

Oh yes the firewall policy

I added a rule to WAN_IN

but yeah you should include the ports in the nat rules

I added a rule to the WAN_IN firewall policy to accept all protocols, with a destination address 10.0.0.25 for my server. Default action for WAN_IN is to drop btw.

I didn't add one for WAN_LOCAL though.

Not sure what that rule is doing.

You don´t need to configure for wan local

What is the purpose of that rule?

if you for example want to be able to connect to the router from the internet

It´s only to the router and not to devices on the lan

so only to interfaces on the router

So its configured correctly?

https://www.youtube.com/watch?v=YRWnkEUkfs8

This is what I followed originally.

Exactly to the point i'm at right now. Maybe you'll see an issue.

the same as this? https://help.ubnt.com/hc/en-us/articles/115009504308-EdgeRouter-How-to-Distribute-Public-IP-Addresses

Not quite

They didn't do the firewall rule in that article.

But everything else inc the NAT stuff is the same yeah

Ooh ohh ooh

Its forwarding ports to both IPS

So if I put a blockade between eth 1 and eth2 would that stop it?

Because on the main network I can write 10.0.0.25:8123 and it also shows my thing.

So maybe its cause both networks are connected

How would I go about setting up some separation?

Dose anyone have a good modem recommendation?

i want to buy the XR450 router

but i need a modem

NAT to the rescue

?

@fluid meadow I was replying to the other guy

Who is your ISP @fluid meadow

xfinity @clear igloo 1000mbps down and 45 up

NETGEAR CM1000v2 or CM1200

or the Arris SBG8300

Yes i know

wait

nvm

thanks

is the ISP provided modem just shit or?

Comcast charges $10? a month for theirs

lol

So best to bring your own 😛

yeah understandable

So whats the worst US ISP?

boost mobile hotspot

@shadow shoal Comcast

Prices go up drastically every year

strong contender for the top spot

They push all fees to customers

They have bad negotiators

They give only 5mbps for a 300 mbps connection

https://www.reddit.com/r/sysadmin/comments/e5ng0u/sprint_blocked_all_of_cogent_from_accessing_their/

This is also hilarious

Sprint has awful download speeds on 4g

Also why is it so hard to get a sim card with like 20 bucks worth of internet data without doing a contract

If i´m visiting for a week or three i´m not gonna sign a contract to get data for my phone lol

@shadow shoal but that was months ago. I did a test now. Looks like they finally Improved

Comcast is fi e

:bless:

Fine

Frontier is far worse

@edgy pasture Comcast reminds me of the worst in people

Frontier is even worse yeah

You have never met frontier

lmao

Frontier made me apprieciate comcast

frontier

support

Pick one

Frontier is a trap. I guarantee it. You see their trucks servicing neighborhoods more than any other isp

They have a infrastructure problem

They lied, added random things on, and took 10 days to install my internet which consisted of them plugging in a wite

They charged my dad from 100 bill to. 298

Yep

I would like a monthly plan

Sure

@edgy pasture this
https://arstechnica.com/information-technology/2019/07/frontier-customer-bought-his-own-router-but-has-to-pay-10-rental-fee-anyway/

Bill shows up 2 year contract with extra 70 install, 20 a month for security

They force it on you

They lied

Straight up

I asked for thing

damn they are squeezing every penny lmao

They charged me for more

Worst than Comcast

Would you like this? No... on bill anyway

Far far worse

Comcast is actually fine

also

the couple pays $90 a month for a 150Mbps

wtf

that is terrible

Thats fine

Fronier ended up after fees and bull

150 for 100

90$ a month is redonk expensive for 150mbps

At least y'all aren't rural schmucks like I am, paying $60 for 6Mbps down on AT&T DSL

Comcast i paid 60

god pls why

For 250

@vernal gust it's abuse that's what it's called

Wasn't internet declared a human right?

No

It should be

Paying 120? ish for 1gb down/up in Euroland

Eh

Where around 80% of the people in my country have fiber

You can live without internet

Maybe.

But it makes a lot of stuff easier

I pay 60 for 1gb up down

No contracts

No fees

You plug in router, it asks you 100 or 1000

Also no contracts or fees here

And your done

@edgy pasture I'm waiting for the new fiber isp to come to this area

The price will be like 50 flat for 150 up and down

Frontier fiber isnt fiber

Dont believe there lies

No. It's a different company

lol its not fiber all the way to the home?

They are building it out in my town

It is but they cap it

wat

70 up down

@shadow shoal AT&T pulled the same lie too

is that even legal

It was fiber to the neighborhood and then dsl to the home

Legal or not, people do not have ability to fight an is0

Isp

Trace down their management and hold em hostage

yeah and its often that that certain ISP is the only one in that city or whatever?

Yes

so people can´t change their ISP even if they wanted to

Yep

which is just terrible monopoly

Im lucky as i have i fibersphere

Best isp ever

Only like 5 ISPs in my country, most are pretty good

haha i only have 3 isps in my country

i hate isp monopolies

discourages innovation/competition

competition is always good

While some ISPs do fuck customers over, people generally do not understand how expensive it is to be an ISP

@hollow marlin but the big players really scam more often

Comcast wants $109 for internet only service for 100 mbps

But if you bundle it becomes 69.99

With price increase to 99 and then 150

Stupid

I would easily pay $100 for 100Mbps if the company business practices were upfront and fair

@vernal gust hah, the upload speed was 2mbps

Even more disgusting

Part of it has to do with legacy billing systems and consistency

@hollow marlin gets me more excited to finally switch to fiber only isp

Where it's 50 flat

They use newer systems

You'd be surprised how hard it is to keep track of all the billing and plans

Yeah it must be challenging

We cover almost 2 full states and its a chore. I cant imagine having to manage the entire US

Im in the process of closing a house and I cant wait to get fiber again

Im in the one location we cannot get fiber to

The people who own the poles on the street are being ass hats and not allowing anyone to lease more space

@hollow marlin and that's probably what Comcast is doing to prevent this new fiber company from entering our neighborhood

Or something

They tend to not own the poles, the electric company does. People like to point fingers at ISPs but electrical/sewage companies are actually the most impactful on where service can be provided

I see

Anyone here have a Security+ cert?

Was just reviewing with a buddy who is taking his on Sat

Is security + hard?

I don't have money to go for it

Need to ask company to pay for me

Based on the study guide, no

I have the money, just wanted to know if it was worth it

Network+/Security+ are worth it for people getting into the field

actually very good starting points

I have the network+

Yeah I'm a late bloomer

Ahh I'm missing the security plus

I dropped put of college after a semester because I didnt know what I wanted to do

I stopped at my associates for the same reason

23 and I've been doing Tier 1 IT for a couple years and networking seems like something i actually enjoy

Heads up, IT and networking are two completely different worlds

Im doing it for fun now but get employed soon

Hopefully by next year

Like I said, if you were in the NY area Id take you under my wing Xeon

Yeah that would be cool

I know I have a lot to learn

It's been fun so far. At least with the prof projects

I've taken a strong liking for powershell scripting

Still have to do some python though

I started Python but then couldnt find a single use for it in production

I know, I've done some glimpses enterprise level networking when I worked for the local school district

Glimpses of*

@hollow marlin yeh if anything, powershell was being used like crazy in my prof classroom

Hate powershell

For deployment and software pushing or inventory gathering

Like wow it's a lot of fun

Thanks Bill Microsoft

Even to the point where it makes vms ready for every student account as soon as they log in

I know I'll have to use it at the server level though

@leaden flower I do have a c# background and it made it easy to understand

But a good book is " Powershell in a month of lunches"

That taught me a lot of powershell

Programming in networking doesnt come into play unless you are in mass SDWAN deployments

@hollow marlin ohh. So I still have ways to go

But even at that point there are dedicated programming teams for custom programs

Yeh

That's good to hear.

Definetly looking into that book

@leaden flower it's like the best book for it

Idk

Like, I always had a fascination with computers, but I was into it in highschool like I am now

Networking just seems high demand and interesting

Security is more in demand than pure networking I think

Like route and switch is not in demand

It still is but the market is starting to demand more rounded employees

Cybersecurity is

You need to know route/switch, security, little bit of wireless...etc

Yeah

Which is why Security+ peaked my interest

That's the new topics

A little of everything

Honestly the expectations are becoming unrealistic for a lot of employers

lol

Just be an expert in everything

Duh

That's how the big bucks are made

@vapid dune but then what kind of life is that? Focused full time on work and learn?

Big bucks? Entry positions are asking for 10years experience with professional level certs

Yeah, its crazy

@little schooner My life is almost all work and study

@hollow marlin I think that would be very hard for me

When I was a truck driver it was the same.

Everyone wanted 5 years+ experience

The networking job market is starting to crash because of the dumbass requirements

dunno I'm in software. I'm always learning

As the requirements and overall knowledge required is increasing, employeers are upping the baseline which is cutting off people trying to get into the space which is fucking reliable network engineers for the upcoming years

It's by the very nature of software and technology

You always need to learn

Sure, you have to. But to expect entry level jobs to know route/switch/programming/SDWAN/firewall is plain asinine

Know all the things!

@hollow marlin i had this issue in 2009. its even worse in your space cause all the NANOG types have these "im better than you" attitudes and gatekeep jobs. ive been burned multiple times because im not in the club

the last burn was "oh you dont know MPLS from a provider perspective?" [goes and hires a DCtech friend he knows instead who doesnt know MPLS anyway]

they write you off for not knowing topics that take less than a day to learn

as for python, the only use i found was as a crawler where you need to make custom reports for a project that is too slow to use existing tools for

I only have an education as a web developer. 1 year and 9 months. And then I have 2 years of experience. Last year I got offered a job as a senior test specialist after 8 weeks of testing and training. It can sometimes be difficult to measure competence within the IT field because of all the aspects of it. But a general understanding get you far. And if you can show that and a willingness to learn, then finding a job becomes easy.
That is at least my experience.

@waxen scroll that is 100% correct as I see it

@shrewd marsh whats your expertise ?

nodejs/php

or anything else?

So my residence for uni has decided to overpopulate the place with APs and my phone really dislikes that. I'm getting constant drops and I'm wondering if there is a way to force it to one AP (the one in my room) or just disable wifi roaming all together.

Currently on a rooted Andriod phone.

complain to them to see if they can adjust the minimum rssi?

Not really, the phone decides what to do, you can try complaining to IT about their wireless performance

Why does your phone drop anyhow?

Would a VPN help?

Already complained to IT and they cant do much. Phone drops when looking at all the connections with such similair strengths and gets confused between all of them. So it constantly switches between the different APs

@inner bloom if only there were an app that could look at the specific mac address of the wireless access point and filter out the others

or get a phone that has better roaming capabilities

Well if it's getting the mac address of a specific AP then IT could probably help me with that. So long as there is a way to force my phone to connect to that one AP

they can fix it

wireless survey + making the levels less

@inner bloom I think with root that's possible

Since you control the whole os at that point

And run some special code

To conditionally check before changing aps

did you teach your professor about /31?

I assumed there was a way. I just need to know how to do it is all

@waxen scroll not yet. I didn't mention it the last time we met since he was more razor focused on getting grant money responses emailed to people

Next time I will mention it

I did mention to him that we should charge like 30 for our work though

my times worth about tree fiddy

But he didn't take it too well based on lack of response

He said he didn't want to burn bridges

i dont know how you havent figured out how to bill the uni for your time

use the budget

@waxen scroll I'm not that good at leading action

But I'll get it down someday

When I start working for real

Right now I'm just thinking about passing my Chem and physics class

Chem is really brutal. One exam I got a 45

@little schooner you need none of that in the real world

real world implies you pass the fake world

you need that piece of paper at the end of it

@little schooner guns won't help you pass the exam

@waxen scroll I know. I just need the paper because a lot of jobs here have it has the pre-req

Dat paper

https://youtu.be/DT3SInHr9ck?t=514

cringe

did you mean #audio-tech lol

no

it jumps to the relevant part

isn't there a way to save the access point closest to you so that way when it comes within signal distance it give it priority?

they're all under the same SSID and the AP is responsible for the roaming I think

ie if you're in between 2 APs it might pick the one you were already on to a certain extent

"good enough" lol

then it's up to the AP config to determine how good is good enough

at least for unifi it's this: https://help.ubnt.com/hc/en-us/articles/221321728-UniFi-Understanding-and-Implementing-Minimum-RSSI

Minimum is best used if there is a lot of downward facing access points on the same floor or something

When you start adding multiple floors and different ap orientations, minimum rssi backfires spectacularly

I´m just surprised they didn´t do a proper survey before, or paid somebody to do it

@shadow shoal guess they paid people who didn't do a great job

That happened with my towns selection of contractors too

man that sucks

They said they would pave the whole road, and the town wanted them to pave it this winter

But they only patched and they were angry

And they fired them

good on them

at the uni I was at they had the IT guys driving around campus to detect rogue APs

Put them in...APVs

building a home automation rack for my new house, if all that the rack will have is 4 sonos amps (250 watts per amp), a 600 watt multizone amp, some apple tvs, unifi cloud key/usg and a 48 port poe switch should i be concerned about cooling? Its going to be a 25u rack so I have plenty of room to split up the amps for ventilation and 99% of the time only 2-3 amps will be running at the same time on low load. The room is air-conditioned with a small closet vent and seems to get good flow, we keep the house around 74 because we live in Florida. This is my first time building a proper media rack for a house as this is our first time building where we could run cat6 and speaker wire everywhere, I'm fairly experienced with A/V gear and have done tons of research on UBNT stuff but I just want to make sure I shouldn't pay more attention to cooling everything.

I would say give it a shot. If it starts to feel a little warm back there, definetly look into getting one or two clip fans

https://www.amazon.com/s?k=clip+fan&ref=nb_sb_noss_1

I forgot to backup my unifi controller before formatting my PC. Oh boy getting my USG set up to work with my unraid server and all its Dockers again is going to be fun.

I'm sure I'll find some use for it...

Oof

I'm not completely sane

maybe you can practice fiber splicing new connectors on

they dont really make stuff with that connection anymore

the orange stuff has been mostly phased out with aqua

true, i was also hyped when i got my cables, however beside splicing panels, ST are kind of obsolete ....

btw, if some one is interested, i got MTRJ cable tha i don't use

¯_(ツ)_/¯

https://cyware.com/news/vpns-emerge-as-new-channel-for-attacks-as-security-researchers-uncover-multiple-security-issues-a9dd4cda

Hello, do any of you know if in this world there is a switch that have 1Gbit ethernet ports and at least TWO SFP+ 10Gbit connectors (ideally tree or four) that doesn't exceed 100€ ? I think there isn't but if it exist i might try it.

Depends, do you want managed, unmanaged? How many 1Gb ports? New or used?

I'm trying to have a new one, unmanaged one. For Gb ports i think 4 will be enough

I'm seeing no switches in that price range unfortunately. Those that are are all copper based 10G ports, not SFP+

copper ? you mean ethernet ? Well it's even better (for 10Gbit ports)

@median ore copper is the medium, ethernet is the standard

I've corrected my errors since I joined the discord lol

@little schooner sorry i'm a little bit lost sometimes, what is a medium?

@median ore it's the physical cable that the network travels over. Like the rj45 cable or coaxial cable or phone cable rj11

Or not a cable like wireless

OK so when someone say that a switch is copper based what does it mean?

@median ore in that case, they mean that you connect to the switch with copper-based cables like the RJ-45 cable that you know as Ethernet

People say ethernet but they usually mean its rj45 cable

Fiber is not copper based

So you wouldn't call it copper switch

Because it may support fiber and copper connections

And ethernet is the way it's wired?

But if it's just rj45 ports, yes, it really is copper only switch

Ethernet is the rules to how data is formatted to be transfered over network

If it wasn't standard, you couldn't communicate with one brand of switch with another. Or in worst case, the US internet not being able to communicate with internet in China

It is there to help everyone agree on a standard to follow and be open

I'm generalizing a bit

OK thanks

If you want to get super into technicalities, the copper cable you use is probably cat5e cable, the connector is an 8p8c connector and ethernet is the network technology (which can run on copper or fiber optic)

rj45 is another connector that 8p8c is compatible with but not vice versa

since true rj45 has a key

and we use the rj45 wiring standard in the 8p8c connectors

Pedantic bunch...

I’m happy that there are a few plausibly priced 10 G switches at least, SFP+ or otherwise.

Hey! I'm planning on setting up my own mail server again, but I'm at a loss as to what I used before to mitigate the whole dynamic IP problem.. Anyone have ideas that aren't just "get a DynDNS account?"

@mental shard yeah, buy a block of static IP

lmao i was gonna make the same smart ass comment and decided not to

thx xeon

the real answer is dont run a mail server, its too much hassle

europe is out of ipv4, i belive

@little schooner That can be quite expensive, last I checked, people expected up to about €50 per IP, with €20 being normal. Same goes for the spam I receive from IPv4 brokers.

For residential connections the price for a single static IP, at least in my country, can easily be about 10-20 eur/month, depending on the ISP. In many cases that'll be the same as the monthly fee for the connection itself.

@waxen scroll I agree with the point of it being to much hassle. However, we still need people with the skills to actually setup and run mail servers, unless we should trust all our mails to entities like Microsoft and Google. So if people are NOT setting up and running mail servers for fun, because it's too much hassle, or always get's told not to, we could come to a point were all mail in the entire world will be controlled by a few large entities, like Google and MS for most of the world and one company for China, and another for Russia. I'm not sure if that's the way I would like e-mail to go... (And for the record, I'm using Google apps for my personal mail, and use office365 for company mail. 😛 )

@craggy parcel what do you mean by Google apps?

Like Gmail? Or gsuite?

Oh yeah, they changed the name to gsuite some time ago.. 😉

Oh

I didn't know the old name

I switched to it because it was free back then, and easier than running my own.

I think the full old name was "Google apps for domains" or something like that. Ahh.. Wikipedia says it was "Google Apps for Your Domain".

I like how easy they make it to spin up custom email domain

Hosted email is so fast to setup vs manual

Yup, depending on your DNS provider, when doing the initial owner verification

My DNS provider can take up to 1 hour, before they've synced all servers.. The one we use at work, take only about 10 sek. (Self hosted)

Wow fast

Yeah, we host it ourself, and have a small timeout, due to frequent DNS changes.

That's cool

The last place I setup email was at dentist office. They were small and they needed office too. They had money so they went with o365

But now we have to go back because they don't have enough users purchased

And they just only have one person using it in meantime

Can you have too few users in office365? Didn't know that..

Yes you have to pay per user

To be complaiant

Compliant

Yeah, you pay per user, but what I understood, was that there was a limit as to how few users you could pay for. (Like say, no less than 5)

But yeah, you need a license for each person using the subscription.

Nothing like that for O365 yeah

Yes every user

We have the extra licensing bonus of having a number of office licenses, along with 365 licenses. So some users will have no office access, and others will. Kinda confusing, but at least I know that the MAC users NEED Office with their 365 subscription, as the licenses we have, are windows only. 😉

Really? It isn't for Mac version?

And yes you have to assign them the office license too as you like

That's nice feature to conserve office license I suppose

But in regards to o365 users I think were the opposite of that dentist.. We have too many. We actually have a number of shared mailboxes, that are setup as regular users.

I got a question for you

O365 licenses with desktop Office are 5 devices, windows or mac, mix and match. But the standalone Office licenses we have, are for the windows version.

Well, we have personal mails too, and shared mailboxes is really an old exchange feature, and they are FREE compared to a user account for the shared box.

Yeah. How I would I go about this? :

They have one user account in O365, and it is an administrative account. I want them to check their mailbox but not have the power to make Administration changes by accident

I was thinking that they have to make another account in order to do it safe

But is that thinking correct?

Exactly. You make another account, that's the administrator, but assigns not license to that account. Then you revoke the admin rights for the daily use account.

Okay, so as long as it not assigned license, it can technically be created for free

For use?

That way the admin account can login to the portal, handle payments, and all admin stuff, but will not have access to anything but the admin portal.

I see

Exactly. At least, that's how I understand it. That is actually the situation you have, when you create the 365 tenant in the first place.

And I'm guessing that shared mailboxes don't actually need licenses right?

I've also accidentally removed my own licenses, and only warning I got, was the loss of data, that would happen after 30 days. 😉

I can make 4 users and they can access shared mailbox?

That's correct. However, when using outlook, users need to be aware that mail they send, from the shared account, is actually put in their own sent folder. I've not yet bothered looking for a solution, as my boss would rather pay MS for the extra mail accounts, than me to figure out how to solve the issue. 😉

Hmm

That's good tidbit to know

@craggy parcel but wait, if it appears in their sent account, how can they see it if they don't have their own mailbox license?

Yeah.. It was quite a show stopper for our customer service people. As everone knows, no customer knows how to quote a mail. 😉

That depends on wether you use webmail or outlook. In webmail you click your profile image at the top right, then select the option to open another mailbox (I guess that's the english name, I use the webmail in danish). In outlook it's a little more annoying, but only needs to be setup once.

But setup for free?

Since they don't need personal mailbox

No to access the shared mail, you also need a personal account, to my knowledge.

Oh

Drat lol

But the advantage is, that you don't need to pay for both the user, AND the shared account.

Right. The shared account is a free thing

Which paid users can be assigned to to see its mail

If I got that right?

Correct. You just assign the users full access to the shared mailbox, and they have access with either outlook desktop outlook web.

In outlook you configure it under advanced settings for your own mailbox. At least in the windows version. Don't have a mac handy at home.

great. Yeah because I have to go back over there to finish some things that we didn't have time for.

My prof gave an unrealistic finish time

And we rushed a bit

He didn't want to burn bridges with the dentist since he's good friends with him

But still he should of been more realistic

Unrealistic deadlines.. Love them.. I get them all the time.. Either that, or I'm too slow. Who knows. 😛

Most of my work is development though, it's a bit harder to estimate.

The game plan was to:
-remove old desktops
-open new desktops and slide in
-make system image of old
-put system image on new
-make any changes/upgrade to windows 10
-image system
-push image over network to all new desktops
-upgrade router to pfsense
-install one unifi AP

But we discovered that they had one serious network problem with their switches. Dlink brand but it was causing everything to go at like 23mbps and imaging was failing every attempt.

Rebooted and nothing. Time is going by while troubleshooting. Ended up having to replace the dang thing with Cisco branded switch from Amazon. Another day past and we couldn't wait for imaging. So the last resort plan was to go to each workstation and configure individually.

It was probably the worst thing ever during the job

Because it went against everything I knew about automation

If he would of brought me to inspect their network first before we started the job, it wouldn't have played out this way

Nothing that iperf or Microsoft ncttp couldn't figure out

So I learned three things:

1. never be fixated on one way to solve problem
2. Don't panic so it looks like you know what your doing
3. actually say realistic times to complete a job

Sounds like the switch was quite old, and needed replacement anyway. Even my el cheapo home switch can deliver 1gbit between multiple stations, at the same time.

Hah... I'm quite an expert at number 2. 😉

Even though I'm in a situation, where I have NO IDEA what I'm doing, it looks like it to everyone around. 😉

Yeah I gotta work on number 2 😂

But it was because I've never seen such layers of problems stack on one another

Heh.. I've been working professionally in IT for 11 years.. Plenty of time to practice. 😉

Yeah I don't got that experience yet

I'm still newbie

Yeah, keeping cool when shit hits the fan, can be hard... But when your colleagues run around like beheaded chickens, someone has to take it easy, and start analyzing the problem. 😉

All in all, a good learning experience. I've never done it in a setting where it was critical to have everything working by a strict deadline (where it could then cost ten of thousands of dollars each day it's not working)

I've only done it in college lab setting

Heh.. Yeah, it's a different kind of stress, when you need that someone will have a company that's at almost a standstill, until you're done. We provide telecommunications solutions. Imagine how satisfied customers are, when they have to send their entire call center staff home, because the phones ain't working. No outbound sales calls that day.

I'm sure, however, that the people that didn't get the cold calls, were happy though. 😉

True

I don't know what the hardest part is... The fact that you know the customer is loosing money, and is annoyed about it, or ignoring your impatient boss... 😛

oo yeah tough decision....

Yeah, but after that long in the same company, with the same boss, you know when it's just because of the potential loss of a customer, or he really IS annoyed and angry.. 🙂

Also my boss and I tend to disagree on how to solve a problem. I like to identify the cause of the problem, and prevent it from happening, and he wants to treat the symptoms first. But sometimes the cause of the issue is no longer present if you eg. restart a service or reboot a server, and it's just a matter of time before the issue comes back. And whenever I remind him of that, it seems to change his mind on the priorities.

But then again, it's him, not me, that has invested money in the company, and his reaction is actually understandable.

I'll assume this falls under networking, but I might be upgrading the speeds on my fiber connection and I can get 1000 down/100 up Or 300 down/300 up for the same price. I am not sure if I would ever need the 1gbit download, nor do i upload soo many files that 300 mbit upload would be substantial.

I am just curious what people's suggestions are

@errant hazel if you don't see yourself uploading big things in near future, you'd probably like the 1000 down more

Even 100 up is still good

I backup a lot of stuff to cloud, so I prefer more upload speed

I'm already at 250 mbps down, I don't even need more than that tbh

Comcast is stingy and only gives like 8 mbps up

I have been considering cloud backup solutions at some point, I only do a time machine backup to my hard drive

Well, with a high up speed, your cloud backups will get done fast

Me I have to wait 10 whole days

Good point

Also I am sharing iso files with others time to time

And virtual machines

So they benefit a lot from upload speed

I wish I could get fiber service here today

We got it about a year ago in my place, its a lifechanger. At my parents they have 30/5 on copper adsl

i have 100/20 atm.

That's a lot better than mine

But with a scholarship its cheap to upgrade the speed a bit

Mine is 250/8

the upload is the culprit here

Even at 20mbps, the time to backup is cut to like 3 days

yeah

I will definately try the middle tier first which would be 350/100, I might not even need to go to any of the ones listed in the end

IMO if they're both the same price, then the 1G down would be better, since you're more likely to throttle that (e.g. watching netflix, downloading games, etc. all at once)

But both are kind of more than most people need

Well I am literally the only one who would be consuming the internet at high speeds. my two roommates arent techy or anyhthing and youtube 1080p doesnt take anything haha

and only my laptop has an ethernet connection 1gbit, the rest of the devices are on wifi so the 1gbit is irrelevant to them

thankfully its 5ghz ac

Yeah it's more when you have multiple devices

I would stick to whatever is cheaper

at maximum 3 video streams and whatever i download

i might be happy with 350/100 in the end and this is irrrelevant, but I am uncertain yet

If it were me, 100 down, is plenty and I'd take the up for my workload in particular

fair

I think you can throttle 100 Meg if you have people like streaming multiple 4k streams

I mean it's a rare case

And probably never happen

4k streams can eat like 28 mbps

i do have a plex server that has 4k stuff on it at 70mbit/s, haha

350/100 is great

Ahh so the 350 would do you justice

but yeah, thanks for the cloud backup point, i will definately consider that

You could also just backup over night

i am in no position to complain anyway

At that point, who cares if it takes 6 hours

so this is all just for comfort 😛

true

@finite schooner well it takes me 10 days

Overnight 24/7

but a macbook running fans at anything higher than 3500 rpm makes it hard to sleep

In the meantime, my data is vulnerable until it finishes

so the overnight is a no-no

Yeah so fast upload speed mean you upload during like work hours

And can turn it off each night

If your data is that vulnerable, consider a better system

@finite schooner throw me some suggestions

I have NAS and cloud backup to two providers

Depends on what the data is.
Development/Text = git + repo
Documents, Images, etc. = Plenty of cloud storage

I rather just backup everything

¯_(ツ)_/¯

Backblaze even says that

how do you upload the data? do they have a client or do you rsync or sth like that?

Back it all up they say

Like really

They hate it when you selective backup

The software doesn't even let you

@errant hazel yes, usually a client exists and you use that to tell it what data to backup

Like I use crashplan and idrive

They both have client

I have been thinking of just using sth like cloud archive storage from ovh and just rsyncing the data daily to it, its cheap cuz its cold storage

I guess that works yeah

since after the initial upload rsync will obvioulsy do just the diff

They would only charge for the download

Right?

i have a full hourly backup on my 4tb time machine drive anyway

Upload is free

notsure i think upload is also charged

but once uploaded its real sheap

Yeah

thats in gbp for some reason

have the wrong site but you get the point

1 tb of storage is like 2$/month after its uploaded

it is cold storage so you have to wait a few hours or days to be able to download the files then

but as a secondary backup thats doesnt matter

Wow not bad

Yeah good for cold storage

I'm backing up my nas to an unlimited google drive I get through university. But I'm not sure if it will be done uploading before I graduate.

I read somewhere that gsuite is unlimited, even if you have 1 user

But Google can knock down that ability at any given time

I have over 3TB on GSuit with just one user

It is extremely slow though

What part of it is slow?

The uploading? Downloading?

Upload and download

Like slower than 50 mbps?

Download is not too bad but upload is pretty bad

Oh

Yeah upload matters to me

Give me a couple of months and I'll have almost 7TB.

No, but crashplan is SOOO slow to download from

Never count on them if you need a lot of data back fast

I'm currently uploading at 11Mbps.

The daily upload limit is like 2TB or something so if you can get it to go fast enough then it works

how much is gsuite?

@fresh copper what about the download speed? 2TB locked?

They have increased the price a few times. It was $10/mo when I first got it, I think it's about $12/mo or so now

"Either 30GB, 1TB per user, or unlimited storage, depending on the plan"

@vapid dune so basically it's all the above lol

nah the lowest tier is 30

The download speed seems good, it's not as fast as the connection but seems good enough for me

business is 1tb if you have < 5 users

> 5 is unlimited

It's supposed to be 1TB if you have less than 5 users but they still let you use more anyway for some reason

I'm currently using idrive

I looked at backblaze. Tested both. Both use full speed of my connection

It came down to backblaze being hard to configure exclusions

isn't backblack cheaper

They don't like that

60/year sounds good

Yes, but limited exclusion rules

oh? what rules?

Meaning if you exclude something, it excludes for all drives in your backup set

And you can't deselect C drive

oh

can it do freenas?

What can?

oh you need to use b2

Ohhh

And that's what it was.

It can't be installed on server os

Stupid restriction

hmm that's dumb

They want you to use b2

I'd have to install a windows vm via iSCSI lol

Which is highly expensive

I could use a client windows but I have roles installed on server that I use... Or maybe I should look at that again

I do all of my backups with rclone which can use most storage things. It can only use backblaze b2, not the standard though

You know, actually I probably could migrate my server OS to client windows but I need more server licenses

The backblaze could work but

Why would I go through all the work for one app

Doesn't make sense

This reminds me that I need to reconfigure some of my backups

also and some backup services don't allow network shares to be included

Hello Guys, I’m looking to improve my home network. What is the pros and cons of this? I currently run BT router with a mesh system and want to upgrade my network. Is it worth getting my own router and access points eg a ubiquiti system. Or build up a rack. What would be recommended.

Pros is that you can:

1. Have a faster network
2. Have more control over your network

Cons:

1. Adds complexity if changing to managed network
2. cost of managed gear
3. some learning curve of managed gear

faster is in the eye of the beholder

if you're already getting max speed test and you have no home server its debatable lol

@waxen scroll oh. I was coming from perspective that I saw at the dentist office. They were still on 100mbps hardware

Yes so it depends on the current setup

Anyone know any free decent software to monitor all devices on network?

@random nest libreNMS

Splunk

Is it a software not os

to install

Both are yeah

Need Linux or windows in order to use those

good

There's prtg too

All with their own learning curves

I have windows lol

whats a good one for windows

I don't use any now, but I liked what splunk had to offer

Since basically it's highly configurable with search abilities

Oh mk

I didn't really need to monitor anything here

Does it mess with the network when I need to turn off my pc or

is it just fine

To turn on whenever and run

If it's off, it simply won't be monitoring anything

It will start again once on

@waxen scroll I've finally decided that looking for 10G router is unnecessary and that I will just put devices that need 10G onto a 10g switch and the rest will stay as is

and make use of host-based firewall to protect it

how much is a 10G switch anyhow

as cheap as https://mikrotik.com/product/CSS326-24G-2SplusRM

Yah, 10G routing is much more expensive

I really dont like how mikrotik switch is configured though.

The cli is much different compared to other vendors

also the concept of making bridge is a little confusing

I guess I am spoiled that every other vendor handles the bridge for me

https://www.newegg.com/p/0XP-000A-000U0?Description=10g switch&cm_re=10g_switch-_-0XP-000A-000U0-_-Product

lol still expensive

I dont want a unifi switch

they have buggy firmware

but that one has more than two sfp+

cost gonna go up expontentionally

https://www.amazon.com/NETGEAR-Ethernet-Unmanaged-Multi-Gig-Protection/dp/B076642YPN/ref=sr_1_3?keywords=10g+switch&qid=1575932519&sr=8-3 theres cheap unmanaged ones

again just two

Im actually tempted to buy this one with the connection between upstairs and downstairs though https://www.amazon.com/MikroTik-CRS305-1G-4S-Gigabit-Ethernet-RouterOS/dp/B07LFKGP1L/ref=sr_1_5?keywords=10g+switch&qid=1575932569&sr=8-5

ugh why does mikrotik the only one making these

oh huh how much are sfp modules?

isn't the netgear 2x 10G 8x 1G?

I did mention that.

and sfp+ modules as cheap as $18

specifically, i would use it to bridge the faster unifi AP downstairs to 2.5g speed back to server

I have 802.11ax in the surface laptop, so it will be able to saturate more than 1gbps

@vapid dune does discord search work for you?

Its not working for me

what the heck, is discord search down?

nope not working

guess it's down

great, just great lol

oh I you're doing it over fiber and not ethernet

nvm I just couldn't find any lol

so 130 + 18*8?

the $18 i found was from fs.com

yeah it would be something like that

but I already have copper cabling installed so....

trying to see if its worth re-running or not

the copper sfp+ i would have to get it from amazon.com for cheaper instead of fs.com

Hey guys I just need some help rn with my modem/router set up

So I got a new CM1000 and realized that it only one Ethernet port

And I didn't buy a wifi router

So can I just connect that Ethernet port to one of the ports on my cable provider's all in one router?

Although it doesn't have a dedicated LAN port

Just to temporarily give the house some wifi while the router is on its way

Usually, you would connect the one port on a modem to a wan port on a router. This is because the modems with one port are only media converters, not actual routers. Depending on the provider, it may or may not work to connect it to a lan port of a access point. It would be quite dangerous in terms of security to do that even if it did work. I can't really recommend much in this situation

Also, to go back to the GDrive thing from a few days ago, here is what rclone says as the limitations

Limitations
Drive has quite a lot of rate limiting. This causes rclone to be limited to transferring about 2 files per second only. Individual files may be transferred much faster at 100s of MBytes/s but lots of small files can take a long time.```
I'll also note that the default API key that rclone uses is shared among all people using rclone for GDrive so I would make sure to use your own. While I can't say exactly what these mean for speed, the limitations are 1,000,000,000 API queries per day, 1,000 API queries per 100s per user, and 10,000 API queries per 100s overall

I believe that beyond the API limit, there is some sort of speed limit as well but I'm not sure what it is at I don't often transfer large files (one of my current backups is going at about 100 kBytes/s because it's a bunch of small configuration files for the most part)

@little schooner discord staff are working on fixing the search function since the partial Google crash over the weekend

oh nvm,it works now! or from what i've tested

I have Ethernet through outlet like wall plug and it is a lot slower than normal Ethernet, I have a gigabit connection and the adaptors are rated for 1gb but I’m getting around 300 mbps is there anyway to increase that to closer to the full capacity? Please @ me if you do have a fix so I see it

good to see someone else using a "wire" rack https://images-na.ssl-images-amazon.com/images/I/7188FkFUaeL.jpg

I love those little SFP+ switches. I am thinking of getting one but I have not decided yet

@fresh copper I am still on the fence with them, only because their cli is very different compared to other vendors

I didn't like it the first time with the cameras

I dont know if i'll like it this time

but it is an otherwise capable device

those led lights sure looking BLINDING

thats a 4 port sfp switch?

sfp+

10g?

yes

how much?

133

ish

$133?

i have to double check

i linked it above

https://www.amazon.com/MikroTik-CRS305-1G-4S-Gigabit-Ethernet-RouterOS/dp/B07LFKGP1L/ref=sr_1_5?keywords=10g+switch&qid=1575932569&sr=8-5

i can get a 48 port one for not 10x that price, god damn

this one was perfect for me to throw in a in-between point of upstairs and downstairs

I have it hidden behind couch

i mean, ok, but thats expensive as shit

at least, by my standards

i got a $50 48 1g + 2 10gb switch

that would be too big

physically to fit where i have it

honestly, I was really happy to find it, because I was about to consider running new cable to downstairs

this will save me from doing all that hassle work

yea, this is going in a rack, so i didnt give a fuck about much

I lack a rack still

I have wire rack if that counts lol

size, ehh, so long as i can mount it, power, ehh, noise, ehh,

Note that it can also route at about 1G so it could be useful if you wanted to get into a little bit of 10G and route a few things

i wanted a pair of 10g sfp ports, 48 port rj45, and all of those are managed, so i can use vlans.

not that i need to

mikrotik sells other switch like that

for $50?

no.

didnt think so

where did you get it used for that price

or did you?

new?

ebay

sounds about right

Quanta LB4M

cant say ive heard of that brand

i hadn't before i bought this

it was the cheapest that met the above qualifications of what i wanted

happens to be dual PSU

also happens to be L2 only, dont care

well, it may be L2 only, im really not sure, there is conflicting info there

really this is just temporary, at some point a Ubiquiti US-48 is gonna come in, no clue when thats gonna happen though

it was ordered months ago, and it seems its still months out, yay

that reminds me of how the 3950x is still out of stock and bh was taking orders and they say they dont know when they will ship

this is government shit

@fresh copper why is SR fiber sfp+ cheaper than copper sfp+ option?

I thought copper was cheap to make

uhh, wot?

how long?

300m