#networking

vapid dune
#

hard to say what to do but really you want to cut back on complexity if you can't determine what's causing you problems

strong tusk
#

So, have you ever used the controller itself?

vapid dune
#

yes

#

I've used local ones, remote ones, and cloud hosted ones

strong tusk
#

The ip it lists for the device in the unifi controller, is it a randomly generated one or the one for the device itself?

vapid dune
#

the controller sees devices?

#

the IP of the device is generally handed out by the DHCP server (usually the router)

#

do they already have other unifi stuff?

strong tusk
#

The controller sw sees the AP and the switch, and lists ips under them. However, they don't match the default ones that unifi told us to use...

#

so is that one that the router is sending out?

vapid dune
#

are you just installing an extra controller on their network? lmao

#

default IP? o.O

#

what default ip?

strong tusk
#

Well, we have fios and their hybrid router/modem thing. It's in the basement, and from the basement is a long ethernet cable going into the switch 8 60w. Then through a POE cable out of that thing's one POE port goes into the AP.

vapid dune
#

I'd start with getting the switch working first

strong tusk
#

well, apparently there's default IP address for both the switch and the AP according to the company.

vapid dune
#

huh?

#

I'd plug the computer with the controller into the router, then the switch into the router

#

adopt the switch. make sure the switch is running nicely. then plug the computer into the switch. see if that's running as you'd expect. then plug the ap into the switch and adopt

#

or the ap into the router really

#

I mean I assume the switch should just run without adoption even (but I don't own one so I haven't tried that part)

strong tusk
#

So, there needs to be a physical connection to the switch itself to a computer? You can't just have one on the same network? Cuz if so then I'm going to slap my brother in law.

vapid dune
#

huh? it can just be on the same network

#

I'm just indicating what you could do to test that things are working. just do it as simply and piece by piece

strong tusk
#

So, he's trying to tell me to do it on a computer that's not on the same switch just on the same network.

vapid dune
#

you can do it that way too but clearly things aren't working lmao

#

just eliminate complexity if you can't figure out what's causing problems o.o

strong tusk
#

I mean I can go into the laundry room where the switch is and hook my laptop up to it directly.

vapid dune
#

maybe try that and see if there's even network connectivity

#

all the devices should be pingable and you should be able to ssh into them

#

assuming that you want it working and not firewalled/routed into oblivion of course

strong tusk
#

Well, I think the two problems we're having is the screwed up way my brother in law altered the rest of the network plus the fact that other than my second switch and the hybrid thing in the basement there's nothing directly connected to the switch or AP

little schooner
#

@strong tusk perhaps your brother in Law should have created documentation of it

#

How everything is connected and some ip list

vapid dune
#

and if there's any vlans and what not going on

#

or black/white listing

#

really though if it's home use without someone who knows how to manage it around, I'd suggest making the network topology as simple as possible xD

strong tusk
#

well we managed to adopt the AP and not the switch, but honestly I don't care right now as I had to fix some settings in the AP, not the switch. <.<

warm bramble
#

Why do I have 664 ping to google.com (through cmd) 20 download and 80 upload (no clue why my download is way less than upload)

craggy parcel
#

@warm bramble Because your connection is routed through a satellite?

warm bramble
#

?

craggy parcel
#

If there's a satellite link in the mix from you to google, you will have ping times in that range.

warm bramble
#

Oh

#

k

craggy parcel
#

It could also be any of the other 100 explanations for high ping times...

#

Also bandwidth and ping times have absolutely NOTHING to do with each other. You can have a 128 kbit connection, with just a few ms ping, and a 10 Gbit connection with high ping. It depends on a LOT of factors.

#

A satellite link, is most likely not the reason, unless you are using an actual satellite connection yourself.

knotty tartan
#

Hey guys quick question does anyone know anything about configuring a vpn with dd-wrt?

thorny vector
#

What about it?

little schooner
#

I'm having some trouble finding a good callback service

#

I want a number to call me back and then let me type in the number it should dial and connect me

fresh copper
#

Some telephone providers have a special number you can call which calls you back as soon as you hang up but I have not heard of any 3rd party services

little schooner
#

@fresh copper aww

#

So my other option is to simply get a second phone and root it

craggy parcel
#

@little schooner The normal way those services work, is you get a card with a code, then a toll free number, that you call. When connected you enter the code from the card, then the number you want to call. However, I don't see what problem you are trying to solve.

waxen scroll
#

@little schooner i miss my personal conference bridge

little schooner
#

@craggy parcel call recording

#

It doesn't work on android 9

#

It used to work great on android 8

#

And android 10 is further restricted

craggy parcel
#

Lots of services using the conference calling feature from your telco exist.

little schooner
#

@craggy parcel like sprint?

#

What does sprint have that works like that

#

Like add call? The problem with that is, once I add the next line, my touchtone pad stops working

craggy parcel
#

They probably don't have the actual call recording features, but a lot of 3rd parties do provide a recording feature, where you dial a number that records the conversation. You just add the recording service to the call you wish to record.

#

Basically every call recording app for iPhones works more or less in this way.

little schooner
#

@craggy parcel hmmm thanks for pointing that out

#

I guess I will give Rev call recorder a try on iphone, now knowing this

little schooner
#

After lots and lots of troubleshooting, I finally got the lab with hyperv servers in a cluster, configured with constrained delegation and enabled high availability of two VMs.

Now it should be as simple as turning off one of the hosts for the live migration to happen automatically to the next available hyper V host

#

The performance of saving virtual machines to a network share is really slow

thorny vector
#

@little schooner how are you liking hyper-v? I've never really strayed from the VMWare path, although I've thought about trying to set up a server 2016 instance to try it with.

little schooner
#

@thorny vector it's great until you need to manage it remotely. Something about setting up constrained delegation which was driving me crazy when it wasn't working.

Other than that, Hyper V runs fast and good. The biggest advantage of using it is that there is no licensing for using hypervisor and automated virtual machine activation for Windows Server licenses.

I recommend using 2019 because 2016 has a real problem with applying updates really... Really.... Slowly.

#

I'm fighting a new problem with live migration now. I know it's permission problem or a step I missed.

#

No issues if you are just using it standalone on a single server

waxen scroll
little schooner
#

@waxen scroll You can tell I am fairly new to cluster stuff

#

I really want to put it into the lab badly, because of that last disk failure we had

#

@waxen scroll that day also had vmware workstation licenses expire

#

so the teacher had that and the students telling them nothing worked during lecture. it must have been painful

thorny vector
#

I don't think I could use any other live migration other than Vmotion. It's pure magic

waxen scroll
#

@little schooner how does school let that happen

#

most of these licenses are deep discount

little schooner
#

@waxen scroll Dunno. I guess they forgot to renew or pay

#

Professor did say he was going to pay with his own money

#

but backed out of that

waxen scroll
#

i would too

#

sometimes i do pay but i dont let the company use it directly

#

like... they give everyone shit monitors, so i buy my own

#

or... i want this screenshot / editing app, so i buy my own but use it more than just at work

#

VIRL... same thing

#

current job is so cheap that for monitors you get whatever. they'll be mismatched, sometimes not wide screen

#

im known as "that guy with the ASUS monitors" for people who dont know me. lmao

little schooner
#

heh I would totally do the same thing. I dont like being given the bottom of the barrel stuff. Our lab started out exactly like that anyway

#

also, he wants Hyper-V because he doesn't want to deal with the license expiry stuff but

#

I mean a calendar reminder would be a good option too

waxen scroll
#

thankfully they at least give us copies of secureCRT even if its outdated by 3 years

#

CRT doesnt change that much anyway

little schooner
#

yeah. its pretty great

#

I actually use Royal TS myself now

#

its served me well for holding like 100 connections of rdp, sftp and ssh

#

but not as fast, since its based on .net

#

but its very functional

waxen scroll
#

if i need 100 connections i just script it

little schooner
#

oh the connections are there just for me to quickly get an idea of how many of them have services enabled

#

i dont connect to all of them but they are in a folder that tells me "okay, these pcs have these remote in capabilities enabled"

waxen scroll
#

i stopped working on multithreading, i have to pick that back up so the next time i need 100, its done in 5min versus 40min

little schooner
#

Thats a dramatic reduction in task time

waxen scroll
#

yep

#

i dont know why, but getting python to ssh things is slow

#

so while it waits to send commands i can begin a new connection somewhere else

#

i have to build protection in some how too so that it knows if my login is valid

#

i cant blast 100 devices with a bad login or i will get locked out

little schooner
#

yeah, need to implement some checks there.

#

also I just finally figured out why my hyper-v cluster was having issues with live migration

#

it was the dang firewall in action on the file server

#

🤯 !!

#

Wasted so much time and no answers online really led me here to this conclusion of firewall

#

doesn't make any sense why it works this way

#

@waxen scroll Words cannot describe my frustration right now. Windows randomly decided to change its network profile to "Public" and caused live migration to break again. It didn't even let me know it did that when I made port exceptions just for Live Migration traffic

#

Ugh windows keeps wasting my time lol

clear igloo
#

Surprise! 😄

waxen scroll
#

never had that happen except maybe if you add it to a domain

little schooner
#

It is domain joined but for some reason, network profile isn't switching to DomainAuthenticated

craggy parcel
#

@little schooner In my experience, the domain profile will only be applied if the domain controller is accessible through that interface. So if DNS was out of service temporarily, or the machine did not manage to login to the domain for any reason, even though the user does manage to login to the domain without problems. 😉

little schooner
#

@craggy parcel yeah. Well it is accessible through that interface (and now functioning okay) but is still stuck in Public Profile. I am not sure if it was the fact that I had to switch out eth0 and eth1 NICs to be VMXnet3 ones when it was originally Intel NICs. I joined the domain using the Intel ones and that's when I noticed the network profile problem

#

I think it still has old references in device manager of the older NICs being configured with IP settings and remembers them

#

But that's just a theory

#

I tested Hyper-V live migration and works as it should, but it is not fault-tolerant

waxen scroll
#

guess you'll be switching to vmware

little schooner
#

Yeah...

waxen scroll
#

or get rid of all of it and switch to azure

little schooner
#

Would be faster

#

@waxen scroll if I understand this correctly, fault-resistant means that multiple servers can take ownership of a role (like, serving files from a SAN share) if one of the servers currently hosting it goes offline. It would fail over to another server and no downtime is observed

However, if the SAN were to go offline, the cluster of servers doesn't do anything helpful, since the file storage would still be offline

#

I got that right so far?

waxen scroll
#

i dont speak hyper-v, however in general terms yes

little schooner
#

Okay, and then how I understand fault-tolerance in a general sense, I can say that I have two SANs that have duplicate data and a cluster of servers serving files from the SAN share. If one SAN goes down, fault tolerance comes in by the 2nd SAN taking over what 1st SAN was doing: storing shared files.

#

That I guess is fault tolerance?

waxen scroll
#

so in terms of SAN im not an expert. its difficult for me to assign terms to different types of SAN

#

a SAN unit has multiple supervisors/cards/etc

#

then you have the option to maybe replicate it to another SAN

#

but i cant speak to if you can active/active that way

#

if its not active/active then you might lose function until the other side can take over

#

ive racked and cabled SAN units but networked storage is one area i have 0 experience with

#

im kind of thinking that people dont actually replicate SAN LUNs

#

its possible they might make the LUN redundant on the same chassis with different sets of disks

#

think of how much pain that is to replicate a LUN to another datacenter as its being used

#

how much bandwidth is required

#

when i managed esxi in a lab which was set up for me already it connected to one SAN and each LUN was presented as a different hardware disk to provision VM disks on

#

current job is that way too... i dont have access to production vmware though

little schooner
#

@waxen scroll well, I was just using it as example. Maybe I should have said, a file share was being replicated and both servers can serve the files, but if one of them goes down, the other will continue to serve the files on the share

#

Not necessarily with SAN, more like smb that's duplicated with dfs

severe wigeon
#

Lets see if you guys can help what xfinity cant. Put my SBG6900-AC in bridge mode, connected pfsense box to port 1, tried my archer c7, nothing

#

Because these "techs" are half ignorant

hollow marlin
#

@severe wigeon Well what exactly is the problem, is your pfsense box actually able to reach out

severe wigeon
#

Im not getting my ip from their dhcp server

hollow marlin
#

Check the interface stats on the pfsense box and see if you are actually getting, hell, sending request

severe wigeon
#

Well pfsense was just to test, im trying on my archer c7 because im getting rid of pfsense, but it does request, i attempt to renew, nothing

#

Called Arris they said my config is right, its literally just xfinity

#

Ive even plugged my pc in to port 1 tried renewing nothing

hollow marlin
#

Its probably just a lease limit. They dont let multiple leases exist on a single connection and if you changed to bridged, plugged in pfsense you already chewed through 2 leases.

severe wigeon
#

Hmm

#

It should work though? Its worked on ATT and mediacom

hollow marlin
#

You'll have to call to clear them or wait it out. But if you throw your modem back in router it should get its lease, at least should point out if that is the issue

severe wigeon
#

They refuse to believe its their side

hollow marlin
#

Just tell them you pulled multiple leases. They follow scripts and search via topics

#

It might point them in the right direction

severe wigeon
#

Told them

#

Finally got to the "floor supervisor"

#

See how this goes

#

🤞

#

Whole lot of nothing... "Advanced Technical Support" doesn't know what a dhcp lease is.

primal ice
#

DOCSIS needs reset stupid cable modems.

little schooner
#

I have Comcast and how I managed to finally get dhcp lease was a forced renew or reset the cable modem

severe wigeon
#

I killed its power for 5 minutes

little schooner
#

And if that doesn't work, wait it out if they set some kind of time limit

primal ice
#

its normally a 2 hour lease

severe wigeon
#

Guess ill head to the gym then

severe wigeon
#

Whatever they did, i cant login to my modem anymore

#

Ssh gone, gui gone

#

Can ping it though

#

Fixed it

severe wigeon
#

Yeah... nothing

little schooner
#

@severe wigeon did you try another modem?

severe wigeon
#

Dont have another

#

And yeah i considered it could be modem

#

Ill reset it entirely when I get back and try again

primal ice
#

or uhm get a cable pcie card in your pfsense box and get rid of the modem.

severe wigeon
#

Thats possible?

primal ice
#

nah guess they do not make a pcie cable modem card anymore. can still find old pci ones though :p . stuck with an external modem for cable. (been looking)

primal ice
#

cisco makes a module one for their router interface go figure. but not seeing any kind of converter for it.

waxen scroll
#

cisco makes servers that go into their routers

#

@clear igloo does the network person blame the server people or do the server people blame the network person?

little schooner
#

@waxen scroll better yet, just blame the cloud for all problems

waxen scroll
#

i worked for a place that ordered them in their routers and they just randomly decided not to do anything with them

pseudo blade
#

I've been asked to add 214 firewall rules to a core router...

#

All of them blocking individual ports on individual IPs.

waxen scroll
#

............

#

whoever asked for that deserves a special place in hell

hollow marlin
#

So what happened to block all, allow necessary? Are they back in the stone age

waxen scroll
#

Why aren't the firewall rules being put into the firewall

#

👩‍💻

hollow marlin
#

Plot twist, there is no firewall

primal ice
#

heh

waxen scroll
#

@hollow marlin generally in these situations I tell the person asking no

#

When I get overridden it's in email and saved for exploitation later

#

😘

hollow marlin
#

Big brain, thats how everything is done in my world

waxen scroll
#

I don't have to say no often, but it happens maybe once a year

hollow marlin
#

Lucky

#

There are a few hard heads that will fight till the end and I gave up and archive the emails and say well good luck. Then when the meeting for "what the hell is going on with x" comes I just search and throw the email to the projector

waxen scroll
#

Kek

severe wigeon
#

Yeah modem reset did nothing

#

lol

primal ice
#

heh weird bot.

#

anyways find a decent replacement for the crappy isp modem.

severe wigeon
#

it's not an isp modem

primal ice
#

oh what modem is it?

severe wigeon
#

It's a SBG6900-AC from arris

#

Certified for use with Xfinity

hollow marlin
#

Are you trying it without bridging

severe wigeon
#

No, because I don't want to double nat

hollow marlin
#

Troubleshooting 101

severe wigeon
#

?

hollow marlin
#

You should be trying it without bridging to see if the modem even comes up

severe wigeon
#

The modem has full connection, and to answer, I have actually tried before, and the router gets a private ip from the modem

#

So it CAN get an ip

hollow marlin
#

Im talking about the modem getting an IP from the WAN

severe wigeon
#

Modem never gets an ip in bridge mode

ornate jungle
#

If the modem is bridged, it should not get an IP on its own, since that IP will be given to the first device connected. (or multiple devices, if there's a switch involved and you have more than 1 IP provisioned on your account.)

severe wigeon
#

it's not supposed to ^

hollow marlin
#

No crap, not talking about getting an IP in bridge

severe wigeon
#

and It does release my dhcp lease when I go into bridge mode

hollow marlin
#

Take it out of bridged, login to it and see if its getting a WAN IP

severe wigeon
#

It does

#

The modem works fine out of bridge mode

hollow marlin
#

Ok, thats essentially what I was asking

severe wigeon
#

Horrible wording

#

spooled up a pfsense vm giving it its own nic from port 1 of modem, it doesn't get an ip

hollow marlin
#

for shits and giggles, can you do a wireshark

severe wigeon
#

why not

#

wait

#

that wont work

hollow marlin
#

If you spun up a VM, you can capture the NIC from the host

primal ice
#

out of curiosity did you disable the wireless portion of the modem? if not check your wireless devices for a public IP.

severe wigeon
#

yeah wireless is off

#

I thought of that today

primal ice
#

and you are using port one as the pass through?

severe wigeon
#

wait wtf

#

my pc got it

#

so bridge is running fine

#

that's progress

#

wait... it just hit top of hour

#

yeah its working in bridge mode now

#

to my pc at least

primal ice
#

you can only have one device connected to it in bridged mode. the one you want to get the wan ip on.

severe wigeon
#

Yeah ik

hollow marlin
#

Curious if you can view the lease timer on your PC

severe wigeon
#

Idk how on windows

hollow marlin
#

ipconfig /all

primal ice
#

^ 😄

severe wigeon
#

I released it and connected to router

#

Oh yeah lol

#

Yeah releasing and renewing works fine on windows

#

its a like 50 minute lease

hollow marlin
#

Is that about how long since you had your modem not bridged?

severe wigeon
#

Its bridged still

#

My pc got the public ip

#

Because i plugged it in to port 1

#

So modem is fine

hollow marlin
#

Im just trying to point out that I still think this was a multiple DHCP request problem

severe wigeon
#

Funno

#

Dunno*

hollow marlin
#

Release it, plug it into pfsense, reboot modem and then reboot pfsense

severe wigeon
#

I stopped pfsense

#

Its not meant to be what runs anyways

hollow marlin
#

Well try the above steps with your archer

severe wigeon
#

Just sent reboot to it

#

This is why im glad my tablet has data

#

It rebooted, no ip yet

#

Ill give it a minute

hollow marlin
#

Rebooted archer as well?

severe wigeon
#

No, the modem is running fine

#

My macbook can get public, my pc can get it

#

Seems openwrt just isnt happy

hollow marlin
#

I thought you said you were running your archer C7 after the modem

severe wigeon
#

I am

#

Pfsense vm gets public

#

Its just the c7

hollow marlin
#

You should reboot it as well. Consumer devices are turds when it comes to actually doing their job. Tends to timeout after initial discover

primal ice
#

could be a bad openwrt flash. try an older version.

#

had a few of those with my buffalo ac1750hd which I just turned into an AP and started running a pfsense box that I built myself from an old i7-950 x58 system.

severe wigeon
#

So I found my issue

#

I just cloned the mac of my pc

#

instantly fucking connected

#

-_-

primal ice
#

bandaid fix - still think there might be a problem with the openwrt. but if it works it works.

severe wigeon
#

I went in the pfsense vm and it was using my nic mac

#

odd with my macbook though

#

¯\_(ツ)_/¯

#

Now for ddns

#

Works

little schooner
#

Well, if I remember correctly, in my case with Comcast, they could only lease out an IP to 1-2 Mac addresses. I remember calling to activate my modem but now they use an online wizard to process this.

#

But I also noticed that my chromebook was also able to get a lease somehow, so maybe my limit is much higher than 1-2

elder stag
#

hello,

We have been having problems with our network

the ip addresses are always giving problems now - certain websites will not load because there is a problem with the DNS server address or sub-net configuration

this is affecting all of our computers on the network.
the only way we have fixed some of them is by giving the computers a fixed ip address instead of dynamic

what is causing this or how do you fix it?

there are no other DNS or DHCP services going on besides one that i am aware of. maybe i need to check that but not sure how to do that.

also, could have something been injected into the network and its just taking time to flush out the bad addresses?

thanks

vapid dune
#

on a computer that has a problem. what do you see?

fervent brook
#

"sounding-based beamforming"

elder stag
#

each computer says the same thing - "your not on the same sub-net"
the only thing that fixed this was to give the computer a static ip rather than a dynamic ip address

hollow marlin
#

What address was the PC getting

elder stag
#

what do you mean?

hollow marlin
#

What address was it getting before you put in the static

sturdy chasm
#

Anyone got any recommendations for a modem that can replace the one Xfinity provides for me? I've got a gigabit connection, and really tired of dealing with Comcast's bullshit
@sturdy chasm

From #tech-chat-2

fervent brook
#

Utah, if you end up on a different network, you pretty much have to just set a static address in the right network

elder stag
#

I dont remember - it was on dynamic ip before it was changed to static

#

Utah, if you end up on a different network, you pretty much have to just set a static address in the right network
@fervent brook are you referring to the computer? or the modem device that assigns the ip addresses?

fervent brook
#

I mean, if your isp tells you which ip to use, you can set a static ip on your modem

#

I'd ask why your modem is setting your ip addresses, but I know why...nobody should ever use those, but you can't really help it since it was probably your parents' decision

primal ice
#

@elder stag check your router settings seems like each port is a subnet. which is what pfsense does to a 1 port, 2 port, or 4 port pcie cards. you can bridge ports so they are the same subnet.

thick minnow
#

Every night I get packet loss like this and download speed gets reduced to 4 - 6 Mbps, whereas upload remains 60 Mbps constant. I didn't use to get this before, when I purchased my connection in 2016, and my Internet was stable asf. My ISP hasn't been able to fix it and this problem has been occurring since 29th December, 2019.

#

The IP is default gateway.

#

Can anyone probably say what might be the issue. My ISP uses ONU and distribute the connection via Netgear Switch to other home users, they have replaced the Switch to check whether it was that causing the problem and it isn't, even after replacing that Netgear switch the problem still persists.

My friend used to get similar packet loss problem on his side on a different ISP, his ISP replaced the Load Balancer and it got solved.

#

I have talked to same users of ISP in different city and they say they aren't facing any problems like I'm facing.

#

If anyone works in ISP here, would love to hear something back from someone GWmythicalFeelsSadMan

waxen scroll
#

@clear igloo dejavu? ^

#

@hollow marlin dejavu ^

hollow marlin
#

Wasnt this a post here or on the forums?

little schooner
#

Yeah I remember it too

#

ISP fault and nothing consumer can do

thick minnow
#

Anyone have encountered something like this before?

hollow marlin
#

I'm pretty sure I explained the reasons behind what you posted

#

In the forum post

waxen scroll
#

You also explained it here juan

waxen scroll
#

@little schooner whats the order of operations to check a bad network connection?

#

@rocky badge whats the order of operations to check a bad network connection?

#

you work at an isp and a customer calls in asking for engineering to blame the load balancer. you have access to smart switches, ONTs, whatever. whats the order of operations when the user blames the load balancer

#

🤔

hollow marlin
#

The cold weather is slowing the load balancer down thats why its slowing down in the evening. The heater must have broke in the previously replaced unit.

#

Should immediately escalate to engineering to cuddle the unit ❤️

waxen scroll
#

yes, that can happen. thats why newer load balancers actually have ASICs which are engineered to compute useless calculations with their spare resources whilst the temp sensor of the unit reports under 50 F. Its way more efficient when warmer. It uses an internal ethernet ring to quickly kill useless calculations once customer demand spikes. This eliminates tail drops.

#

i think The_Saviours ISP must be on the old load balancer and having many tail drops due to cold

#

i think its pathetic that these ISPs who make insane profits off bandwidth cant even use spray foam in their outdoor cabinets

#

you can get a can of "the good stuff" from home depot for like $5/ea

hollow marlin
#

Yes, you need to keep the cabinets air tight to keep in the heat

little schooner
#

@waxen scroll
By bad, does that also mean no connection?

  1. Check physical cable at station
    1.1 check station nic
    1.2 check if nic is disabled in software or hardware
  2. Check switch to see if it lost power
  3. Check port on switch that leads to station to see if it has activity light
  4. Check if switchport triggered port security

It was worth a try.

But for diagnosing network problems, Wireshark is a good starting point

waxen scroll
#

No, I mean ping loss at second hop

#

The home router being hop 1

little schooner
#

That happened at the college. What it ended up being is a filter of some kind blocked access after we used the port for about a month. They didn't want it to be used because it was on the production network that isn't in Prof's control. Then, we tried using a laptop and it brought up a broken https web filter page that was empty. But we were being redirected. At that point, then, all ping hops ceased to work for us and it was totally shut down

#

@waxen scroll well maybe the router is busy or firewall on it

thick minnow
#

So it might be the Load Balancer which is getting cold 🤔

#

During day time I don't get packet loss however download speed remains between 40 Mbps - 57 Mbps.

#

Instead of constant 60 Mbps and at night it crawls to 4 Mbps.

little schooner
#

If it happens at night consistently, totally sounds like a configuration thing. The temperature at night doesn't always dramatically drop from day time Temps

#

Even if that configuration is with hvac systems or other policy and electronics stuff

plush mica
#

Ive only done it with cisco, but has anyone here set up a network failover system in PFsense?

vapid dune
#

29 usd and it can do vlans?

#

I wonder if they have a 8 port version at that price point

plush mica
#

@vapid dune Thank you for the option, but i think I'm going to stick to my plan of PFsense if i can find a way, because my r220 has x2 4(gb) cards in it, and if i don't have to spend 30 bucks that's always a plus, because it wont run in failover forever

vapid dune
#

oh I wasn't replying to your comment lol

#

I just saw a new product launched xD

plush mica
#

@vapid dune blue lol. it fit well enough that i considered it because i believe they can do it :p

waxen scroll
#

VRRP is the word you're looking for

plush mica
#

@waxen scroll Yes it is, its going to be sort of like that, but different in certain ways

#

actually that's having 2 routers that failover, mine in 2 WAN inputs to one r220 running PFsense

#

its more of a HSRP like cisco has

plucky juniper
#

Hi guys, I have a standard Virgin Media hub 3 (came from isp) (https://www.expertreviews.co.uk/wireless-routers/1407886/virgin-media-hub-3-review) on my ground floor. On the second floor is my pc which requires a wired connection. atm, I am using https://www.netgear.com/support/product/EX2700.aspx on my floor and taking a wire to my pc but if I ever game or download something, I need to set my fan on it or it overheats and crashes. I can't get a direct wire to the pc from the router and I can't move the pc to the ground floor. Any better solutions to this, preferably ones that aren't too expensive, are welcome. Thanks 🙂

plush mica
#

@plucky juniper you are looking for a new router/ modem combo then? (i think read your message right)

plucky juniper
#

Yep, and a good extender like thing to place next to my pc to connect a wire @plush mica

plush mica
#

do you have a set budget to work with?

#

@plucky juniper

#

@plucky juniper I think a Unifi Dream Machine could be a really good choice for you

#

r/homelabsales should have some i can check if they have some used, because the cost new is about 300, and its a router AP combo and can control a Unifi environment

#

netgear also sells good products

#

also google mesh

plucky juniper
#

I am in the uk, around £150 probably

#

Thanks for the advice, I'll check em out

#

mesh was quite expensive when I checked it out, coming out to around 250

#

I might push the budget up to 200 actually

plush mica
#

Hmm, i would definitely recommend you check out r/homelabsales i found a r730 server with 20 cores and 288gb ram with 8x 10gb fiber ports for $350 USD. there is a community quite active in EU/ UK.

#

they often sell networking gear as well for cheap

plucky juniper
#

Yeah, I'm just checkin em out now, they are rather nicely priced there

#

Cheers for the tips

plush mica
#

I trust almost anything i buy from there

plucky juniper
#

I don't think you can post discord invs here

plush mica
#

yah

sage heath
#

I've been having trouble connecting to my wifi for the past week on my pc

#

I'm running on Win10 1803 (for some reason I couldn't install any new updates since in the first place)

#

but I've tried changing the adapter, usb and wifi card both, and they both work on my dummy pc but not my main

#

updating and installing stock drivers didn't help either

little schooner
#

1803 is out of date. Did you try to upgrade install using Microsoft media creation tool to bump your version to 1909?

#

@sage heath

waxen scroll
#

xeon-sama~

twin fog
vapid dune
#

that's a ridiculous number of ports

twin fog
#

thats the ones discord uses apparently

vapid dune
#

nah they probably use one in that range

#

it also means that only one computer can use it at a time o.O

#

"If you want to forward a port range, for example 10200:10300, to a PC which is using the same port range, enter the service name, port range, and local IP address, but leave the local port blank."

#

you can just leave the source target box and local port boxes blank

waxen scroll
#

i dont understand what they're trying to accomplish here. the post says port forwarding... select desktop/laptop/bla bla bla, but you cant forward the same ports to different devices

vapid dune
#

it's a really dumb fix

waxen scroll
#

not unless you're changing port numbers in transit

#

this is a completely stupid fix i agree

vapid dune
#

I mean they should use either a fixed port so you can forward it properly

#

or upnp

#

or: not use inbound connections

waxen scroll
#

why does the xfinity tech not simply escalate the issue with engineering rather than put in an oddball hack

twin fog
#

idk what any of this means but i switched the server and it works ok now. The only problem i have left is that i cant get minecraft lan multiplayer to work. even though it worked perfectly fine last night now he says my world isnt showing up

#

i have now spent an hour and 45 minutes of my life that i cant get back trying to play minecraft like I did maybe 14 hours ago without having changed anything

#

100% definitive proof that god hates me

waxen scroll
#

i noticed you are on an asus router.... are you double stacking routers or is this XB6 modem in bridge mode?

twin fog
#

the comcast router is in bridge mode

waxen scroll
#

thats messed up. i dont see why you would even have the problem then

#

thanks comcast!

twin fog
#

corporations :)

#

they really have your back

waxen scroll
#

are they charging you for that thing?

twin fog
#

idk

waxen scroll
#

if its in bridge mode you might as well just buy your own modem with no smarts to it

twin fog
#

wouldnt help me with my sudden inability to play minecraft

little schooner
#

Comcast gateway was the problem for us when the dentist office reported everything went down

#

Somehow Comcast gateway reverted its state back to router mode

#

And the solution was to re-enable bridge mode again

twin fog
#

it might have done that but i forgot the password so i cant change it back lol

#

The minecraft multiplayer worked after he restarted his computer so idk

#

no issues here

little schooner
#

Yeah and that's what also happened to us. The password was never saved anywhere and we had to factory reset

#

But the funny thing Comcast gateway does is it keeps the old credentials and IP on reset

#

Stupid, defeats the purpose of having a reset button

#

Never again do I want to see their gateway

ornate jungle
#

Bridge all ISP provided modems and install competent networking gear of decent quality. Problem solved.

analog forum
#

I need serious help with my xr500 router

dense heron
#

Can you explain your problem? @analog forum

analog forum
#

My netgear xr500 router isn't going through the setup wizard properly. Saying that there is a problem detecting the Internet connection. Even though the Internet light is white. I've tried rebooting both the router and the ont. And I factory reset my router as well. Still nothing. I don't understand what's wrong.

dense heron
#

Idk.. @analog forum sry.

analog forum
#

Darn

#

I really need to get my Internet back up. I have work to do

pseudo blade
#

@analog forum Has the router ever worked? Is it new?

analog forum
#

@pseudo blade yes. It's been working for about 6 months. I factory reset it. And now it just doesn't want to connect

pseudo blade
#

Why did you factory reset it?

#

What did you do to the router last, before it stopped working?

analog forum
#

Because I'm stupid 😂

#

Last thing I did was factory reset it. And now it just won't get a connection

#

The Internet light has gone back to orange

pseudo blade
#

What is the next device towards the internet from this router?

#

Have a modem?

analog forum
#

It's an ont

#

And yes I've reset that multiple times already

pseudo blade
#

What kind of ONT? Does it have any settings of its own?

analog forum
#

No. Hold on.

#

It's this

pseudo blade
#

Ok. So your cable goes from the first ethernet port on the ONT to this router?

analog forum
#

Yup

pseudo blade
#

What happens if you plug a computer straight in instead of the router?

analog forum
#

I don't think itll work at all

#

But I guess I'll try

pseudo blade
#

It actually should work - routers are just specialised computers.

analog forum
pseudo blade
#

Curious.

#

Right-click the start button, and select command prompt.

analog forum
#

Already have it up

pseudo blade
#

Then type ipconfig /all.

analog forum
#

Already have that cmd up 😂

pseudo blade
#

See what IP you have on that interface, if at all. Make sure to run the command again now it's been a minute or two.

#

Know how to read what you're getting back?

analog forum
#

Mostly

pseudo blade
#

You can DM it to me and I will read it if you're uncertain.

analog forum
#

True. Was just about to post it here. Bad idea 😂

dire flare
#

Here's a question
We've got a somewhat shitty NVR for our CCTV system. Today I've noticed that it actually has port 554 open (rtsp) meaning I can get video streams out of it in a neater way than the horrible activex webUI.
How can I go about exposing this rtsp stream to the internet when you consider I'm behind a CG NAT and can't simply forward the port

Generally for SSH-ing into my network I rely on services like ngrok to form a tunnel to my machine, but since I clearly cannot run ngrok on the NVR, what do I do?
I've tried running ssh -N user@<myLocalMachine> -L 1337:<NVRIp>:554 but that did not seem to work (even on my local network, without adding ngrok into the equation)
While this command does function when referring to something like CUPS running on loopback (1337:localhost:631) it didn't seem to do it in this case.

Can I even forward the connection to the NVR in this manner

primal ice
#

@analog forum if you are still around - do you know what type of service you have? pppoe , dhcp , etc? you may need to go into the router and set up connection credentials.

analog forum
#

@primal ice yeah. I did that. I'm now trying a different router

primal ice
#

mhm Kay

analog forum
#

@Drako other router is working perfectly. Just plugged it in and it worked

primal ice
#

dhcp then 😄 yeah ISP equipment is crap. :p

#

built by the lowest bidder \o/

analog forum
#

The isp provided one is the one that's working 😂

#

It's the one I spent $500 on that's not

primal ice
#

what model?

analog forum
#

The working one?

#

Or the one that's not

primal ice
#

the one that isnt but nvm I scrolled back up.

analog forum
#

Yeah. 😂

clear igloo
#

I assume you configured the settings or anything else for authentication from the ONT to the new router? Who is your ISP? I know for example in the states with AT&T you have to use their router but you put it in bridge mode to bypass it but you still have to use it for authentication to get into their network

primal ice
#

technically you don't you just have to know pppoe information. account name default password . cause that is all their router is doing is setting up that connection. verizon/frontier was doing that here in washington when frontier took over from verizon.

#

then they went back to dhcp

clear igloo
#

With AT&T they use 802.1x authentication and while you technically can get around it its a huge pain in the ass to do so

primal ice
#

@analog forum how did you factory reset it? with the reset button on the back or inside the web interface?

clear igloo
#

lol, I like it

waxen scroll
#

thats basically @hollow marlin posting to LTT forums

#

i love the "stop spreading misinformation" rants

sharp stone
#

Anyone use Synology? Failing to get SSL certificate wonder if anyone could help

waxen scroll
sharp stone
#

Thanks

little schooner
#

@waxen scroll why can't US elections get electronic voting done right?

#

It's frustrating to see them abandoning the system again because one state didn't know how to use technology

waxen scroll
#

Idk. I never had issues with my area

primal ice
#

cause government lowest bid wins and then goes overbudget by $250 million.

paper rampart
pliant kelp
#

Hi guys, is there a device which connects to a 5ghz network and outputs the internet connection via RJ45? I want to connect a MoCA to a room with no reception but I don't have a coax port anywhere near my router. It's just a streamer so the degrade because of a wifi connection doesn't matter to me

dire flare
#

A router/access point or computer with a wireless & ethernet NIC set to bridge the interfaces?

#

@pliant kelp

pseudo blade
#

@dire flare For your NVR - I'd put a VPN server in some cloud, tunnel to it from your local router, then portforward whatever you need.

#

I used to offer such a service for various purposes, including for a company stupid enough to want their main webserver to be on a remote property in the middle of nowhere off a consumer 4G connection.

dire flare
#

Well the SSH tunnel thing isnt working because RTSP seems to require both TCP and UDP port access and SSH only lets the TCP portion pass through. Though apparently there are ways to force it to only run through TCP, but I havent explored those options yey

#

yet*

pseudo blade
#

Yeah, a tunnel ran over TCP :P

dire flare
#

encapsulation intensifies

pseudo blade
#

We ran SSTP or OpenVPN, masqueraded and port forwarded on cloud routers.

#

But in your case... perhaps you could just connect to the VPN server on the other end too. So that way you're not exposing RTSP to the internet.

#

So local network router with NVR > vpn through cgnat to public vpn server > vpn to your remote laptop you want to view your NVR from.

#

I pay like $3.50/month for a little VPN hosted in AWS so I can portforward.

little schooner
#

They need to fire the network Administrator of the British airways website.

#

The latency is disgusting

paper rampart
#

Could be crappy web design

little schooner
#

Yeah I should amend that

flint ferry
#

Hey guys

#

I'm in a dilemma here. I have a pppoe internet connection which uses a username and a password from the middle man (ISP) which connects me to the actual provider. anyways, I used with him two types of ISPs A and B. A using a service name, HH and the other FNS. Currently I'm using the HH service name for the bundle i have from the isp. however, my router (Synology RT1900ac) gives me the chance to write anything as a service name or leave it blank. at one point i forgot to enter the HH and left it blank. i started using the internet and my internet jumped from the 5 mbits/s to 7 MB/s. i was blown away and it still is for now. when i use the HH again goes back to the normal 5 mbits. when i speedtest without the HH it shows that i'm using B's ISP which should necessarily need a service name, FNS. however, even with the B's ISP i was capped with them to 12 mbits not 45 mbits lol. What's happening here? Go technical if you please. i don't mind.

primal ice
#

sounds like they are using QoS to limit/shape your traffic by service name and when you leave the service name blank it is bypassing that QoS (quality of service).

pseudo blade
#

Yeah, sounds like the network admins were stupid and haven't locked down the underlying network properly.

flint ferry
#

Hahahaha nice I'll take advantage of their stupidity than hahaha

primal ice
#

they will notice sooner or later and lock it down :p

pseudo blade
#

¯\_(ツ)_/¯

flint ferry
#

Meh if do it from time to time maybe they won't notice as much lol

pseudo blade
#

Guess you can always play stupid if they ever complain - not like leaving it blank's something you couldn't do by accident.

flint ferry
#

Lol

#

Bro had to download a update for call of duty which is like 45gbs took me from 12 hours to 2 hours to download it lol

pseudo blade
#

If the network admins have any monitoring you'll stick out like a sore thumb and they'll see your historical usage at some point.

flint ferry
#

They do but they only see my usage as well as I can see it from A's ISP. B is more of a startup ISP which I stopped using them because of their connection inconsistency. So I think most probably B aren't on a very professional level in their infrastructure like A is.

pseudo blade
#

Someone's being billed for your circuit.

#

Someone's paying for backhaul you're using.

#

They'll notice eventually, even if it takes new staff to do it.

#

Honestly I'd leave it misconfigured myself until they noticed.

flint ferry
#

Still tho, It's their problem for not making a server for most application and games out there. Which would make no one actually pay for the traffic I'd be using...

pseudo blade
#

Easy fix - no gateway for underlying network = nobody can bypass the pppoe server.

#

Could be left open for various business or political reasons, or just plain incompetence.

fossil turret
#

most likely the latter

#

small town isps are pathetic

#

apparently running an ISP is tough work for the average IT guy, who would've thought? xD

mellow heart
#

Anyone able to recommend a good guide or tutorial on how to setup a NAS?

#

I have a spare computer and I want to have more storage

cunning mango
#

got any Linux knowhow?

mellow heart
#

I prefer it for programming, but I'm not very knowledgeable.

cunning mango
#

how much storage are you kinda hoping for?

mellow heart
#

So I just want storage for my photos and videos

#

I currently have 1.5TB

#

I was hoping to set something up with 4TB or more

#

I have a laptop and desktop and would love if my ShadowPlay would record directly to the NAS so both have access to the same videos regardless of who recorded them

#

If that is even possible

#

Should I just buy those premade NAS' from WD with like 6TB?

cunning mango
#

if you don't have like a buzz for homegrown server setups like r/homelab's or anything yeah probably

#

will save most likely hours of hassle

mellow heart
#

The reason I was thinking of setting up my own NAS was because I have a spare desktop and would just need to buy it storage. I don't have much money so if it was a lot of saving I'd do that

#

but it seems like those solutions from WD are like $150 when I'd be spending at least $100 on building my own NAS... So doesn't seem like it would be worth it

#

Right?

#

Idk, I'm also happy to learn something new

cunning mango
#

yeah plus the old desktop hardware isn't really rated for NAS-duty type loads

mellow heart
#

Hmmm

#

Any recommendations for one?

cunning mango
#

a standalone solution?

#

Synology have a good rep but cant speak personally about their products

mellow heart
#

What are your thoughts on this?

#

The rest of them are like $300

#

I can't afford that so I might need to build my own just for the simple reason of not being able to afford anything

cunning mango
#

see what you could do with that is just take it, plug it into your pc or laptop and be set with additional storage

#

windows does have a sharing option where you make your files available over the network which works as long as your pc is on and the drive is connected

mellow heart
#

I want a solution that'll let me set ShadowPlay save locations for both my desktop and laptop so regardless of what I play on, it saves to the same place

#

and if possible, I'd like to be able to access those videos from anywhere

#

Is that possible with this?

#

I just realized, that if I set the save location to the NAS and I'm not home, that could be an issue...

#

So would I need to manually transfer them?

cunning mango
mellow heart
#

Looks like the WD $150 Personal Cloud could be good right?

#

That is in my price range

#

I just can't afford the $300 ones

#

I'm an idiot

#

That is just for the enclosure

#

No storage

waxen scroll
#

why not actual cloud?

#

$7/m gets you 1TB and access to the core office apps

waxen scroll
#

@little schooner if you remove the switch and just connect two 10gb network cards together, can that cause collisions?

zenith sky
#

I have a pfSense installation. Its Domain name is set to "ths28", Its name is set to "pfsense" So when i Type into my browser "http://pfsense.ths28" i get to pfsense Backend. This also works with my printer. I Type "http://hp2600.ths28" and get my printers webpage. (arp Table ?)

I dont know how this is called sorry.

Now i installed "Active directory Domain services" on my windows server 2016 and i am stuck on this screen.
The server is called THS28Server. So if i enable above mentioned feature for the server i would end up at its IP when i enter "ths28server.ths28"

Is active directory a separate thing from pfsenses "ths28"?
Can i add this to "ths28"?
What do i click what do i type?
Halp?

paper rampart
#

The domain it is referring to is an Active Directory Domain

zenith sky
#

So this is a separate thing and should get its own name? I create a new forest and type "THS28Server.mylocal"? @paper rampart

paper rampart
#

You can use the .ths28 for your AD domain

mellow heart
#

I could do that but a few problems with cloud services

#
  1. How much would it be for what I need (4TB or more)
  2. What happens if I can't afford it for a month or even longer?
#

@waxen scroll

static drift
#

hey does anyone know how to set policy for ChromeOS using terminal

woven kernel
#

anyone know how to make my laptop keyboard and mouse send info to android phone?

#

how to use laptop perph as android controler?

primal ice
#

@mellow heart you have an old system - install ubuntu and samba and some remote access software. when you are on your home network you can just use samba to access the drives and then when you are away out in the cloud you can use the remote access software to access ubuntu and then save your shadowplay captures.

fossil turret
#

i've been thinking of setting up a VPN for basically that purpose

#

esp since you can't really put an SSH port on the internet

#

but it's literally laziness holding me back, and interest in other projects

dire flare
#

SSH is fine-ish if you apply proper protection,
That is a good strong key pair for authentication, non-standard port & port knocking
And perhaps more 🤷

severe wigeon
#

for the life of me, I cannot remember how to prevent the management panel of pfsense being accessible to WAN, ideas?

#

I use to have that set

paper rampart
#

You really should set your firewall that only allows traffic in that you permit. And then you would lock down the http/https to the firewall.

mellow heart
#

@primal ice, Thanks! That's a good idea that wouldn't cost me too much

little schooner
#

@severe wigeon change firewall ruleset on WAN interface to have nothing

#

Also if you ever run into the Netgate sg3100 appliance, do not run pfblocker on it. It suffers from out of memory issues

#

Though if they fix that (or maybe the hardware is just too weak for it) that statement will get amended

little schooner
#

I don't know if I got lucky today, but three different websites spit out detailed HTTP or oracle database and environment errors in my web browser. Talk about good timing for all of these

waxen scroll
#

....

little schooner
#

well at least they aren't exposing everything

waxen scroll
#

stop hacking, thats illegal

little schooner
#

No, all I did was hit the logoff button

#

and it brought me here

#

today the web was broken, at least for my session

#

deadlock victim xD

waxen scroll
little schooner
#

Hopefully they are patching their server

waxen scroll
#

i knew it. look. i told you no hacking

little schooner
#

Im just pointing it out

waxen scroll
#

uh huh

little schooner
#

This is what my prof would show us in class

#

practice researching

waxen scroll
little schooner
#

hmm.

primal ice
#

heh

severe wigeon
#

@little schooner has nothing on it

#

still accessible

#

Oh strange

#

I can access it by public ip INSIDE my network, but whenever I grab like my tablet that has lte, it's inaccessible

little schooner
#

yeah thats normal

#

because your inside network has allow rules to let traffic go out to any ip address

#

which includes your PFSense WAN IP

#

@waxen scroll just when I thought I couldn't run into another problem on the web, I did. This time, its the Google Keep extension that no longer appears to work in Chrome

waxen scroll
#

;/

waxen scroll
#

dead chat

static drift
#

Anyone know how to set policy on ChromeOS (Chromebook) using terminal

little schooner
#

@static drift That's done through google admin console, which isn't a free product

static drift
#

@little schooner I mean using terminal

#

I forgot that part

slow pivot
#

Linking the CVE database is against TOS? That's stupid

waxen scroll
#

Lmao. Yep. This place is too woke for that and other things. The block list is quite big

paper rampart
#

CVE?

clear igloo
#

We can't have no CVEs up in this place telling us how vulnerable we are 😛

waxen scroll
#

since i started calling them woke, im expecting "woke" to get moderated soon

little schooner
#

@waxen scroll I don't like how my university's IT department defers any responsibility to computers that coexist in a lab environment to be the responsibility of a server admin, even when it was the IT Dept's Windows image and workers that made the lab computers operational in the first place

#

Ask a question about the monitor being too bright? They say Sorry, that is not our responsibility. Ask your professor (who is the server admin as well) to change the screen brightness for you
Server admin said I can't change it for you because IT department put a code to lock changing display settings

#

If I didn't mention the room number, suddenly they want to be helpful and ask me more

#

it doesn't make any sense. Just tell it to me straight that you don't want to look through your documentation or tell me a real answer.

waxen scroll
#

;/

paper rampart
#

When I worked at UofL I hated working with central IT. They were mean, rude, and extremely lazy.

waxen scroll
#

@little schooner i love global IT

zenith ridge
#

We had to change our modem/router from the ISP today, but because of this we are unable to connect to a dns record containing our own ip, it's not allowing local requests to return.

I have read somewhere you can set up your own DNS server to overwrite the ip from our domain to our local IP destination.

But does anyone know a DNS server that is very easy to set up into a docker container?

primal ice
#

did you enable dns on the new modem router? normally like Dnsmasq

waxen scroll
#

i feel like @little schooner had this same issue and we discussed dnsmasq

stiff panther
#

Is it still redundant if i connect my host and my switch with 2 network cables?

#

with redundant configuration

#

except if the switch dies

waxen scroll
#

no, not unless the switch is smart and your host supports LACP

stiff panther
#

lacp is supported

waxen scroll
#

then yes, technically redundant at that level

#

like the bare minimum level of redundant lmao

stiff panther
#

but between my router and the switch is only one cable

#

still?

zenith ridge
#

@primal ice not much we can configure on the isp router .. and the interface is so slooowwwwwww

waxen scroll
#

if you want actual redundant you need a host with two cables, two switches (hopefully with a LACP spanning technology), two routers

stiff panther
#

ah

waxen scroll
#

VPC or MLAG are two spanning technologies

#

normally you can only LACP on one switch, the spanning tech lets you use multiple

stiff panther
#

[Router/DHCP]-----------[8 port switch]========[Host] my topology

#

kinda limited

primal ice
#

yup

stiff panther
#

but is there any feature i can still use with this limited equipments?

waxen scroll
#

whats your usecase? what are you trying to prevent?

stiff panther
#

well lets say one port dies of the host

waxen scroll
#

that topology is super small, im thinking just shrug and go oh well lol

primal ice
#

@zenith ridge sounds like you need to just put the isp modem into bridge mode and get a router with dhcp and dns setup. 😦

stiff panther
#

the host runs my vms and my nas

#

vlan networking is prob my only just to link to my home network between my server network

#

like media sharing

little schooner
#

@waxen scroll yeah dnsmasq was the solution. I was able to forward certain domains that needed a resolution to a different internal DNS server so they can be properly resolved

#

This way, if the server goes down, it doesn't bring the whole home internet down with it

#

That was such a massive problem before and glad I made the change

waxen scroll
#

there you go, teach it to them

little schooner
#

Edit dnsmasq config file, put your domains, restart service, profit.

primal ice
#

tigerblood

little schooner
#

My 8700k is getting maxed out from indexing file contents

#

Ugh 100% for the past 5 minutes

#

Time for the 3950x

#

I need to buy a motherboard is all

waxen scroll
#

i was thinking about a 30+ core threadripper but just the board/cpu/ram is like $4,000

little schooner
#

Yeah that is definitely out of my reach

waxen scroll
#

its 256gb ram

#

non-ECC

little schooner
#

Well, not bad I guess that is a lot of ram

#

I'm barely using my full 32GB

#

I would like windows to cache more of its stuff

#

So it doesn't feel as wasteful

waxen scroll
#

I want many VMs at once for when I lab new IT tech

#

Giving only 4gb each is crap performance

primal ice
#

memory manager hax force windows into ram

#

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Memory Management
DisablePagingExecutive 1 permitted systems, load kernel directly to the RAM
ClearPageFileAtShutdown 1 yes 0 no
LargeSystemCache increases the size of system cache 1 yes 0 no
NonPagedPoolSize / PagedPoolSize 0 system controlled
NonPagedPoolQuota / PagedPoolQuota 0 system controlled
SessionPoolSize 64 decimal memory used for the allocation of video drivers
SessionViewSize 64 decimal desktop heaps within the active session on a server or workstation
PoolUsageMaximum 70 decimal usage of total paged pool before trimming starts

zenith ridge
#

@primal ice no bridge mode option, best i could do is to put a router we have and put it as dmz, but that router can only point to dns servers, not overwrite them itself to keep the request local

primal ice
#

DMZ just bypasses the firewall from cloud to internal network.

zenith ridge
#

yea, but that's all i'm able to do, add portforwarding and set the wifi ssid/password on their router

primal ice
#

what is the model number of this modem/router?

little schooner
#

@waxen scroll if a linux utility is named gunzip, does that mean it supports America's second amendment?

waxen scroll
#

yep

#

u mad?

little schooner
#

I'm speechless lol

cunning mango
#

don't you dare try take away its permissions

primal ice
#

heh

cunning mango
#

it probably DEFINITELY is prepared to use that right

stiff panther
#

Is it possible to have 2 router on one isp with 2 diff public ip?

waxen scroll
#

Yes

stiff panther
#

I have a 500/500 connection, will it make any difference if i setup a Link Aggregation configuration with my router?

#

like bandwidth

#

putting a second pipe into my router

#

----fiber in----[modem]====2 ethernet====[Router]====[Host]

waxen scroll
#

no

#

you need a second fiber and second modem with a second account with 500

stiff panther
#

there is a unused extra fibre in the box still no diffrence if i use that?

waxen scroll
#

im saying that your provider is throttling to 500 over that fiber and theres nothing you can do to speed it up outside of paying for more service

stiff panther
#

ok

waxen scroll
#

its not 500 per public IP, its 500 per physical link

stiff panther
#

so both of my fibre is capped at 500?

#

prob won't make sense anyway

ornate jungle
#

Unless you pay your provider for more speed, you won't magically be able to increase your speed...

stiff panther
#

im still confused why do i have 2 physical fibre out of the box and only use one of em

craggy parcel
#

If it's gpon, it's most likely because the fibers are already in the cable anyways, so why not just terminate them?

stiff panther
#

ive tested both fibre

#

both has connection

waxen scroll
#

take a picture of the box

stiff panther
#

both of em are single mode

#

brb

clear igloo
#

Does your modem even have two fiber ports on it?

stiff panther
#

Just one

craggy parcel
#

Looks like one for TX and one for RX...

clear igloo
#

It's likely a redundant connection in case one breaks or something or a second run for something else but regardless how do you plan to get it to authorize on their network?

ornate jungle
#

^^^ That, or it can be for a secondary suite / rental unit in a residence.

clear igloo
#

No ISP worth their salt will just see a new device and say "whelp, have some bandwidth random device"

stiff panther
#

2 fibre modems and then connect these 2 modems into my router with lagg won't be any difference in bandwidth but just fault tolerant?

clear igloo
#

LAG is for redundancy or multi source/destination aggregation, it's not a combination of bandwidth for a single stream

hollow marlin
#

The second fiber is just another strand in the splice

clear igloo
#

You can get a 2 port modem but your ISP will NOT let you just plug in another cable for free, it will cost money to activate it

hollow marlin
#

Nothing to do with lag

stiff panther
#

So just a split?

hollow marlin
#

Yes

stiff panther
#

Ah

hollow marlin
#

Drops tend to be 12 count at the minimum

clear igloo
#

@hollow marlin I assume that's some form of PON which, iirc, uses a single strand for both TX and RX? It looks like they just ran dual strand fiber to the prem but I'm not as familiar with all that stuff 🙂

hollow marlin
#

I don't know of any PON that is duplex. All bidi

stiff panther
#

My first thought was it goes to 2 different switches at some substation in the apartment

hollow marlin
#

Usually at residential with the fiber going to the modem without a bulk head will have 2 or more terminated because if the customer breaks one they can quickly swap instead of re splicing.

#

Horrible way to do it though

stiff panther
#

Basically a spare

waxen scroll
#

@hollow marlin our datacenter people wouldnt run me new OM3 without doing 12 minimum

hollow marlin
#

Yeah no MM for residential 🙃

fervent brook
#

does windows support link aggregation in software between two NICs?

stiff panther
#

not sure

#

but windows server has nic teaming

hollow marlin
#

NIC teaming AFAIK is only useful direct connect to other windows boxes

stiff panther
#

is a dedicated nic better than onboard?

craggy parcel
#

No ISP worth their salt will just see a new device and say "whelp, have some bandwidth random device"
@clear igloo If the ISP can identify the customer based on the line alone, then why not?

hollow marlin
#

PON uses device registration, just MAC addresses, to allow a device on the network.

#

That's what's used to assign it a time slot

#

You cannot just plug in a second ONT and have it work

#

The actual fiber means nothing in PON. It's a shared medium

primal ice
#

here there is a splitter box on the actual fiber line and they just plug a line from the splitter box to the ONT.

#

above ground on poles.

fervent brook
#

well...it would seem "NIC Teaming" is a Windows Server only thing

primal ice
#

I've had 4 port nic cards go bad 1 to all 4 port just die

thick minnow
#

belarc

little schooner
#

@fervent brook Microsoft only supports NIC Teaming on Server editions of Windows

#

Vendors support NIC Teaming through their own driver support

#

Intel comes to mind with this one.

#

Intel is also slow at patching their drivers when new feature versions of Windows 10 come out

#

Complaining to intel doesn't make them work faster, even when intel admits the driver is broken

#

Lastly, they use the very slowest waterfall model for software development

fervent brook
#

when I searched windows for "teaming", a random document popped up. I think it was a help file from the onboard nic supplier

fresh copper
#

Microsoft is one of the only people that calls it “Teaming”. It’s more often called link aggregation. Usually set up with LACP but there are a few options. You might also hear it called port trunking (though this can get confused with VLAN trunking), link bundling, Ethernet/network/NIC bonding, channel bonding, or port channeling

little schooner
#

@fresh copper do you think it's better to use LACP or Static trunking?

fresh copper
#

You should generally only use static trunking if LACP is not supported

#

But there can be conditions for both

royal spindle
#

Laughs in 5mbps

#

Help me

#

My internet is just getting shittier and shittier as time goes on

craggy parcel
hollow marlin
#

@little schooner Always LACP when possible, $+_#$ STP

little schooner
#

@hollow marlin i see our NAS supports LACP, so does the switch and server

#

Open standards are nice

#

But Cisco wifi proprietary implementation of wifi roaming is also good

native kettle
#

Can I link aggregate my motherboards built in 10G port and a 10G 2 port NIC together?

little schooner
#

In that it doesn't affect devices that don't play nice with k and r standards

#

@native kettle yes but it works better if they are same nic model

native kettle
#

ok

jaunty talon
radiant shell
#

idk, the ping is a little high for my liking.... @jaunty talon

jaunty talon
#

haha

thick minnow
#

Can anyone recommend me some books about CCNA

little schooner
#

Cisco netacademy or any of the Cisco press books

thick minnow
#

I see

#

How's the market for CISCO Administrators?

#

Is CCNA good or MCITP?

ebon wasp
#

It heavily depends on the country

#

some countries use heavily cisco, others not

waxen scroll
#

yeah, i also gotta be honest the market is pure luck if you have no work experience doing networks every day (not IT generalist)

#

i had a hard time getting my first network job and let me tell you, even with working at a company in multiple countries, 2 data centers, 80k employees, etc... i was still having places pass on my resume when i wanted to move on

#

i understand the arguments on why its like that, but its shitty for new people trying to get in

#

@jaunty talon how about in your country?

ebon wasp
#

Hell I would even state to not go for network specialisation. Designing and setting up networks are getting easier and easier

waxen scroll
#

im not sure about that statement. i feel like with the "ease of use" tech out there its actually getting harder and harder. i think once you work a business that needs more than one building thats when the easy solutions arent going to work

#

but for sure, you'll be limited to medium and large companies

thick minnow
#

Is it possible to do career change

waxen scroll
#

from what to what

thick minnow
#

From Law to Network Engineer

waxen scroll
#

yeah. i mean, i see people with art degrees and no degrees doing IT

#

the fact that you have some sort of degree at all, thats all they care about mostly. but you'll have to study hard with networks because you dont have an IT degree to supplement your lack of experience in their eyes

thick minnow
#

I am pursuing Law out of parent pressure my Interest is always computers. It's hard to get networking job

waxen scroll
#

ive personally found that doing network on a contract basis is a good way to start. in my country we have staffing companies who help you get contracts at other businesses for 6-12 months or so

ebon wasp
#

The problem is, danger, that the amount of companies having multiple sites is seriously low

waxen scroll
#

the hiring requirements for those are looser because its only a limited contract

ebon wasp
#

also products like meraki make it way easier to set up the needed VPNs

thick minnow
#

I have certificates with me from a private institute on System Admin, they taught us CCNA basics like VLAN, Types of Routing: OSPF, BGP, ACL, EIGRP, etc.

waxen scroll
#

wow. teaching bgp? they didnt when i did my ccna

#

they didnt teach advanced ospf either

#

;p

#

@clear igloo do you think meraki actually makes networks easier so that a non-network person can get it going?

#

i didnt get that sense when i used it

ebon wasp
#

Wrong ping 😛

waxen scroll
#

no thats on purpose

#

he has experience

ebon wasp
#

with Meraki?

waxen scroll
#

with many things cisco, i would assume hes tried it before

ebon wasp
#

Well the thing is, the configuration itself is not that much easier

#

however the first set up is really easy

waxen scroll
#

hm

#

ive only admined meraki wireless and it was fully set up before i got there

#

so not sure how first run is

ebon wasp
#

make sure the device is connected to the right tenant (IIRC this is an order possibility with certain suppliers)

#

and let some guy/girl who understands wires and wire diagrams install it on site

#

and then you can easily configure it from your own office

#

this means you need less time for configuration

#

also expanding is easy, just add it to the correct group

waxen scroll
#

have you tried ACI yet? good lord

ebon wasp
#

I worked at a MSP who could admin way more networks per administrator compared to the "older way" because of this

#

That's their CISCO own cloud networking stuff right?

waxen scroll
#

its datacenter software defined network

ebon wasp
#

Nope

waxen scroll
#

i think they're moving it into campus now too

ebon wasp
#

only the "basic" cisco or meraki gear

waxen scroll
#

if i thought my job was going away due to automation, my worry was gone when i saw how much harder ACI made it

#

😄

ebon wasp
#

LOL

#

thing is, SDN only starts to really work at bigger scale

#

But I am going home

waxen scroll
#

all this crap is why its harder for @thick minnow to get a job with no experience

thick minnow
#

Hmm...

waxen scroll
#

now the hot thing coming up in job posts is ansible, python, and bash scripting

#

i'd like to know what they're using bash scripting for

#

ive done it for very specific situations, but in most cases why not python

clear igloo
#

Because why script when you can bash it into submission LUL

#

Meraki from an overall perspective isn't too bad to get going but it's a lot of clicking. I haven't really done any BGP with it or anything too advanced but it's definitely a lot lower learning curve over CLI for first timers 🙂

#

ACI isn't as bad as people make it out to be, it's just a different approach and a lot has improved. I remember when it used to be hot garbage but now it's really solid. I haven't used it a lot, yet, but what I have done has been pretty straight forward compared to the days of old

jaunty talon
#

If you ask me the first cert that might have some worth is CCIE or higher

#

Anything under that it's more worth with just working experience

#

And CCIE or higher is mostly worth for the company and not you, as most companies use that to get into different tiers at Cisco

waxen scroll
#

@jaunty talon im not certed right now cause they are priced for Other Peoples Money(tm) and nobody wants to pay

jaunty talon
#

I am too lazy to cert, and I have so many friends who are CCIE or higher who have made it quite clear that it's very small amount of the CCIE cert you will use in your daily work!

#

I rather just work with fun stuff and learn from that, rather than read my head off for a year to get a paper that some firms care about since they see platinum partnership with cisco :D

#

or juniper, or any other vendor

sturdy mirage
#

we passed the first 2 chapters of CCNA at school, however, knowing by heart commands to configure a router on a stick is not really a good idea...

#

this is not the "quickfix thing" it should be well thought and planned beforehand instead...

waxen scroll
#

i mean you should know though. at least the basics. i expect people to forget exactly how to config NAT/QoS, but routing protocols, static routes, vlans, ip on interfaces

#

v_v

#

since you're only 2 chapters in i get it, but you'll know how after the book and should memorize it. theres not a lot of steps

hollow marlin
#

@jaunty talon Going for my CCIE in May. There is a ton that most people will never use day to day or even ever. But my studies helped me overall to be a better engineer. It does have its value outside resumes and bragging rights.

waxen scroll
#

yeah but who's paying for it

hollow marlin
#

I am

#

Also it's just a goal of mine. Really time intensive and expensive goal

waxen scroll
#

why not skip CCIE and take the architect exam or whatever above it

#

dunno if its still invite only

jaunty talon
#

I would like a "network architect" cert that is made by a 3rd party where you have to be able to build networks with X different vendors

#

CCIE is really only worth anything if you work with Cisco

sturdy mirage
#

@waxen scroll there is a difference between configuring NAT, QoS, or specific things about OSPF and declaring a vlan, a static route giving an IP to an interface...

jaunty talon
#

ASAP you start working at a company where they use HPE or Juniper most of your cert is useless

#

There are so many differences!

#

especially when you start putting VXLAN, EVPN, L2VPN and other "new" protocols from todays stack together.

#

If there was a cert like that, even I would probably take it. As then it's worth "something" for you!

sturdy mirage
#

True, plus companies rarely have ONLY Cisco stuff, there is always that device that got a weird CLI or interface and is causing trouble...

jaunty talon
#

If you look at most Tier1 ISP's today, none of them has CCIE/similar as requirement for their architects. And this is because in 3-4 years they might throw out all Cisco in favour for Arista or Juniper.

#

Therefore certs are almost only worth for Vendor partners, who get higher partnership tiers based on how many certs they have!

clear igloo
#

The big issue is they are making it so vendor specific when it used to be technology specific. Part of that is due to the massive amount of cheating though so they constantly have to change things =/

sturdy mirage
#

there is quite a lot of cheating in my class...
some learn the answers by heart...

jaunty talon
#

That you will always have problem with. Them who reads the answer but doesnt understand it, but that problem you have in school also and everywhere else where tests are made in that way.

clear igloo
#

Yah, making a test with a specific answer and not going through the process is always going to be subject to cheating and even a process style test will be subjective to some extent but probably cut down on cheating a lot

sturdy mirage
#

i know, some got even better scores than me through cheating...

jaunty talon
#

Sure, which makes sense I guess? :D

#

The problem is that the questions cant be too "random" as then some test for certain cert will be easier than others

#

Which then brings in quality issues

sturdy mirage
#

the main purpose of cheating in my context is to bypass the looooong courses by learning the 40 questions...

clear igloo
#

Yup, and if you bring in subjective questions then it throws bias or proctor issues into play

jaunty talon
#

indeed

sturdy mirage
#

we got sooo much other stuff to do that investing time in the CCNA makes it hard to be confident on other subjects...

jaunty talon
#

Damn it takes some time to figure out how BIRD's import and export policies work :D Havent touched BIRD in at least 5 years

little schooner
#

@sturdy mirage I studied basically the entire netacademy modules for ccent and ccna and was super prepared for the exam first time

#

Granted I'm still the only one from that class that got ccna

#

For that professor

#

Now, as @waxen scroll knows best, the prof just needs to pay me wages

waxen scroll
#

i'd rather he paid me

knotty tartan
#

I needed a stable vpn so rather than get just that I found a server with dual xeon 5670's so I figured why not. I'm going to try to get it set up tonight with pfsense and eventually I will run that, a plex server and a storage backup. Should I start off with virtualization to make it easier for me down the road or will I be able to take my pfsense config once I've completed it and drop it on its own vm when I do everything else?

little schooner
#

@knotty tartan yeah you are easily able to transfer pfsense config

fervent brook
fallow frost
#

how'd you manage to do that?

fervent brook
#

thrift store

#

"do not use this product in a location that can be submerged in water"

#

ummmm...technically...

#

this...is one of those things you'd never think to ask for...but I love that they included it

waxen scroll
#

ERL is like 5 years old tho

little schooner
waxen scroll
#

it doesnt say how many

#

2-3 is standard

#

usually 2 phone calls, 1 on site

fervent brook
#

what did we do in the last 5 years? invent RIP 3?

#

@waxen scroll how much would you pay for an ERL?

waxen scroll
#

nothing, i'd get an edge router 4

waxen scroll
#

i like how they lie to sell the job

#

OMG imma work with NASA all the time

#

i wonder if amazons super shitty office culture follows their cloud team

#

i usually tell amazon recruiters to take a hike

little schooner
#

Thats a different interview im not used to

waxen scroll
#

@little schooner theres a bunch of network engineers on my linkedin making fun of tesla offering $250k+ for a neteng job and saying how they wouldnt take that... lmao. i love when people see through the BS of these companies with bad cultures

little schooner
#

but yeah they sell it like its incredible

#

My career teacher is urging me to get linkedin

#

but I dont really want one

waxen scroll
#

plus F living in CA where my house would cost me $3,000,000

little schooner
#

Yeah, very expensive down that

waxen scroll
#

you need one. sorry not sorry

#

no other website does tech jobs better than linkedin

little schooner
#

Now what would be awesome is getting a job that exists in one state and living in a cheap cost-of-living state with that expensive state's pay

#

doing remote work

#

cali wage in florida for example

waxen scroll
#

im working on that myself, its hard. companies like that are smart AF and because they allow 100% remote, they know they can pick top 1% of skill level

#

very elitist

#

also a lot of them are startups, so shit culture

#

80hr work weeks, whatever

fervent brook
#

one time I refused to sell someone alcohol because they were drunk, and when I told them to leave the property, they proceeded to stand outside yelling, "I work at Amazon"

#

someday, I wish to attain that sort of pride in my job

#

is "CA" California or Canada?

waxen scroll
#

California, but I'm sure parts of Canada aren't far behind

fervent brook
#

at this point, im so used to the laws in my state/state, im worried that if i accidentally wander into another state/state i might have to utter the phrase "what do you mean it's illegal to talk rudely to someone, even if they're trying to stab me with a knife?" unironically

knotty tartan
#

Ok so i've got my pfsense config up and running and the first package installed was pfBlockerNG. I've tested it out on a few sites and it's working well but am I wrong in assuming it would block ads on youtube videos?

little schooner
#

I recommend PiHole for ad blocking. Haven't used the pfsense for ad blocking

#

But im sure it exists as a different package on pfsense

knotty tartan
#

I haven't seen a package for pihole but everything that I've read is pfBlockerNG uses the same lists as pihole

#

but I've got ads on my youtube

primal ice
#

use ipv6 as an adblocker. works great. :p

#

have all my browser traffic through an ipv6in4 tunnel. every site thinks I am using an ad blocker.

fervent brook
#

is there a place all the cool kids buy their com ports?

thick minnow
#

Idk

fervent brook
#

damn

#

ive got like 2 rollover cables, and my motherboard has a connector, but i need to buy a com port. at this point i might just buy a com port board and take the port from that

fallow frost
#

So is a com port just the male connector for vga cables?

fervent brook
#

no

#

VGA as you probably know it uses DE15

#

try and plug them into each other. i dare you

fallow frost
#

Eh, just bend a few pins

#

I'll try tomorrow Kappa

fervent brook
#

if you have a computer with a CGA port, you'll have better luck

#

that uses the same pin layout and number

fervent brook
#

I just had a really stupid idea.

#

Buy an RJ-45 keystone jack, wire it directly to my RS-232 pinout on my motherboard, use that for Console access

clear igloo
#

So long as it's not over 50 feet then you're good

sturdy mirage
#

the dumbest implementation of a console port I have seen is on alcatel switches,
there is an RJ-45 console port with a proprietary pinout, you need a crossover cable to connect this port to a DB9 adapter, then you need another adapter to connect to a laptop in USB.

#

why not just use the Cisco pinout ?
or even put a micro USB, like HP/HPE...
no one will ever know...

waxen scroll
#

@clear igloo baby, hi

#

we did that hack in the datacenter and i believe it works way over 50 feet

#

its been years tho, dont remember

#

putting console through patch panels

clear igloo
#

@waxen scroll I just did a quick google search and that's the first estimate that came up 😛

craggy parcel
#

why not just use the Cisco pinout ?
or even put a micro USB, like HP/HPE...
no one will ever know...
@sturdy mirage Cisco has also used USB for awhile now. Don't remember if both routers I have access to are miniUSB, or one is micro.

#

putting console through patch panels
@waxen scroll Looks funny when you plug in the console cable in the wall jack.. 😉

waxen scroll
#

i tend to use USB when available, however other equipment hasnt caught up, so you have to carry DB9 anyway

craggy parcel
#

Yeah, I also use USB when I have the option. No need to worry if the USB->RS232 dongle will work with that particular device, they picked a chip that just works. 😉

#

Bonus is, the driver is already available on my mac. 🙂 Just a matter of screen /dev/tty.usbsomething 9600