#networking


clear igloo
#

USB only SUCKS in a lot of cases such as a data center or lab environment

#

There aren't any native USB comm servers that I'm aware of

little schooner
#

@ChanoAndersen what's the purpose of screen?

#

@craggy parcel

vapid dune
#

screen just lets you not have it taking up your main terminal

#

and so you can detach/reattach

#

kinda like tmux

waxen scroll
#

oh sweet summer child. i see that @little schooner has never used IRC/Shells before

sturdy mirage
#

@craggy parcel I have 2 Cisco routers with usb, 2 switches with USB but this damn layer 3 switch has this weird RJ-45 connection and this is extremely annoying

craggy parcel
#

@craggy parcel what's the purpose of screen?
@little schooner Screen is a perfect terminal program on mac and linux. 😉

#

@craggy parcel I have 2 Cisco routers with usb, 2 switches with USB but this damn layer 3 switch has this weird RJ-45 connection and this is extremely annoying
@sturdy mirage Old or new switch? I think the 2901 was the first cisco product I saw with a USB console.

#

There aren't any native USB comm servers that I'm aware of
@clear igloo ANYTHING with sufficient USB ports will work. Perhaps powered hubs will make it great as well.

clear igloo
#

@craggy parcel When you have over 600 devices in a small lab to deal with you need a proper console device

craggy parcel
#

No idea how those so called console devices work.. So perhaps you're right, perhaps it can be achieved with a linux box with LOTS of USB ports.

clear igloo
#

When I can get 32 ports in 2RU for console connections and don't have to troubleshoot some powered USB hub and just plug RJ-45 into a patch panel, it's so much simpler 🙂

#

It's just a 2801 router with 4x octal cables to a patch panel

#

You just SSH or Telnet to a single IP/port similar to how the USB stuff works but you don't have dozens of USB dongles everywhere 😛

craggy parcel
#

I suppose you can make something nice, also you can have a much higher port density with USB. 😉

#

Actually, you should be able to make a USB->RJ45 cable, as USB are only what? 5 wires?

sturdy mirage
#

it's an old one, I haven't used it for months, idk the reference ...

#

@craggy parcel usb have 4 pins, 5v, 0v, data+, data-

#

@craggy parcel

craggy parcel
#

Nice, that makes it possible to have 2 USB lines in one RJ45 port. 🙂

#

Don't know if the lines will interfere with each other, though..

little schooner
#

@waxen scroll I guess I'm very used to just using Ctrl Alt F<1-3> keys changing terminal sessions

#

But wait, screen doesn't work if there's no GUI right?

#

How am I going to detach it to a blank space

waxen scroll
#

CTRL+A+D

#

i think its screen -x to reattach

little schooner
#

I'll have to try it

waxen scroll
#

you can run many of them at once but theres other commands you need

craggy parcel
#

@little schooner screen is a text mode application, similar to tmux, that seems to have become more popular. I've never had a need for features screen didn't have.

vapid dune
#

screen -r r for reattach

craggy parcel
#

If it will even work. 😉 But in that case, there's -D -RR never had that fail.

fervent brook
#

if you ever get the chance, use a terminal without a monitor

craggy parcel
#

@fervent brook And that would be done how? Blindly typing, and hoping for the best?

#

Or old mainframe style, with a line printer and a "typewriter"?

fervent brook
#

i mean, the first option works if you're good enough

sturdy mirage
#

I'm quite new to Linux shell and the whole idea of typing commands blindly is frightening 😭

craggy parcel
#

Well, I've shutdown a machine blindly once. It had a CRT screen, that has become so dim, it was impossible to see anything. Had to shut down the machine, before disassembling and adjusting the monitor.

vapid dune
#

just pull the power cable 😄

craggy parcel
#

The machine was in the way. 😉 Unless you meant, to the machine, without shutting down.

fervent brook
#

was the monitor attached to the System?

vapid dune
#

o.O I wonder how long until we start seeing WPA3

little schooner
#

@vapid dune is it already cracked?

vapid dune
#

I mean among other vulnerabilities

#

I've been using VPN on my phones and laptops mostly

#

maybe I should go WPA2 enterprise but it's annoying to run multiple auths (for devices that don't support it)

craggy parcel
#

was the monitor attached to the System?
@fervent brook Yes. Via a VGA cable, that was not detachable on the monitor side.

little schooner
#

@vapid dune I tried using wpa2 enterprise with unifi ap but the way they implemented radius client, it stops working for no reason

#

So I had to give up on it because it was causing many calls from family

#

Unifi doesn't implement it right

vapid dune
#

hmm I've been using mac assigned vlan with a radius server. no issues so far

little schooner
#

Using a Cisco AP never has failed me. I tried that at the school I volunteered at

vapid dune
#

I'm too lazy to set it up lol

#

if the radius server were built into the ui it would be nice...

little schooner
#

It's worth it if your vendor supports

#

Yeah a UI built in would be nice

vapid dune
#

like I'd probably consider one of those rack mounted routers if it had more features

little schooner
#

That got me thinking, how safe from corruption are virtual disk files if I am running them over iscsi?

#

I tried running VM over network with workstation pro and it corrupts so easily

sturdy mirage
#

if you have workstation pro, why not just add an esxi server ?

#

you can literally drag n drop VMs between servers and workstation?

little schooner
#

@sturdy mirage well, I'm trying to centralize where all my VMs run from

#

How to make sure that another server can read the VM? iSCSI I presume but I don't know its reliability

#

I tried SMB and it was failure

craggy parcel
#

That got me thinking, how safe from corruption are virtual disk files if I am running them over iscsi?
@little schooner I've had production systems run from FreeNAS machines with iSCSI for a few years, with no problems.

#

How to make sure that another server can read the VM? iSCSI I presume but I don't know its reliability
@little schooner I don't really like the idea myself, but a lot of people use NFS. However, a proper SAN would be the right way to go.

little schooner
#

@craggy parcel NFS because it doesn't require a thin or thick provision?

#

And easier to configure?

#

Or for a different set of reasons?

craggy parcel
#

@little schooner No idea why people like it. It's old, and insecure. (I think some authentication has been implemented by now, but still.. )

I think it's just the fact that it's well supported, and easy to setup, and works quite well for multi host access, with stable networks.

strange silo
#

NFS is really only insecure if you set it up insecurely, just have to do it right. Plus it's not like NFS hasn't actually gotten updates to make it better i.e. pNFS

#

iSCSI is way easier to multipath if you need the extra performance at the host level but the down side to iSCSI is that since it's block based if you have deduplication and compression on the backend storage the space savings are not shown at the datastore because storage controller isn't the one doing the filesystem

#

NFS you see all space savings directly

waxen scroll
#

@jaunty talon did you work DreamHack Anaheim 2020? i see theres a video from JayzTwoCents on the network there

jaunty talon
#

I did not, my last event as CTO was DreamHack Atlanta 2019

waxen scroll
#

😦

jaunty talon
#

=)

waxen scroll
#

they were confused in the video on why juniper switches blink 3 times

#

they meaning DH staff

subtle glen
#

an enterprise gave me a server (dell PowerEdge T320) and there are 3 SAS drives in it connected to a raid card. For some reason they don't show up in VMware. The drives had windows server and other files on it. Do i have to do something particular so that they show up in VMware?

waxen scroll
#

you need to make a virtual disk using the raid card and after that, initialize it

little schooner
#

@subtle glen and if you want them to each show up as a separate disk, you need to create a RAID 0 for each drive

#

@waxen scroll Cisco sent me a 200 level badge on acclaim

#

I don't know what to think about it

waxen scroll
#

oooook

little schooner
#

@waxen scroll what I do know is that my prof just told me he purchased yet another NAS

#

That we don't need

#

I'm a little disappointed

waxen scroll
#

lmao

#

like i said, ill take his money

subtle glen
#

How do you make the virtual disk?

craggy parcel
#

Depends on the hardware. Also, if it booted with windows, that part would probably already be done for you.

#

Also, some times you need a vendor specific version of VMWare to get the needed drivers.

subtle glen
craggy parcel
#

Yes.

#

The HPE servers we use at work, needed an image from HPE, and I even think that was the drivers for the storage that were missing.

subtle glen
#

Does the internal raid card (drives connector on mobo) count as external raid card?

#

Cause I've tried that and the hdd's weren't turning on at all

craggy parcel
#

I'd say no.

subtle glen
#

Maybe it was disabled In bios idk

#

I'll try the special iso then, thank you

waxen scroll
#

@subtle glen CTRL+R on POST unless your dell doesnt support that it should say "press ctrl+r" during raid card post

craggy parcel
#

Seems like the latest version doesn't have a dell ISO yet. But 6.7.0 u3 does. Also make sure your server is actually supported by the VMWare version you try to install. That makes it so much easier. 😉

subtle glen
#

@waxen scroll yeah I think I saw something like that during booting. I'll check

#

@craggy parcel yeah maybe that's a good idea

waxen scroll
#

also some servers dont power up the drives until after raid card post, not sure if thats why yours arent on

subtle glen
#

The drives do power up when using the pcie raid card

#

It's just the on board connector that seems disabled, but I wasnt gonna use it anyways

waxen scroll
#

@little schooner lets run the "Implement MP-BGP EVPN VxLAN Control Plane Lab"

little schooner
#

@waxen scroll I'm ill prepared

waxen scroll
#

😦

clear igloo
#

@little schooner You need to learn on the fly

sturdy mirage
#

@subtle glen
you probably have a PERC H710 on a PCI slot in your server, the correct combination is ctrl+r, you should connect the drives backplane to the PCI card, because it is way more powerful than the onboard raid controller, if you have any question, just @me I work a lot with Dell raid controller, I know them by heart :)

waxen scroll
#

TBH i dont know how hes connecting them onboard, usually dells use those trunk cables to the cards and theres no individual satas in the drive bays to bypass it

#

< owner of an R710 / H700

#

lol

subtle glen
#

@sturdy mirage yeah I think that's the model name. I will probably pm you 😄

little schooner
#

@waxen scroll I'm but a wee CCNA candidate. Nothing like enterprise advanced networking stuff

#

I'll get there though. With time

#

Or maybe something in Cybersecurity

waxen scroll
#

"CCNA candidate" thats a first

#

i only hear it with CCIE

little schooner
#

Heh

#

Right now I'm asking prof to see if I can fix the quote for the synology NAS

#

To see if we can exchange it for another qnap

#

I really want the money to be well spent and have everything connected well

#

Whether that's with backup or single pane management

#

They have apps that work really nice if Nas brand is the same

#

@waxen scroll I only have up to ccna cert

waxen scroll
#

xeon

#

you're more network certed than I am

#

grats bruh

#

😄

deft veldt
#

So, when on public wifi, vpn's can protect you from hackers. But can 1.1.1.1 protect you from hackers on public wifi?

spice dew
#

no

#

Does anyone have Win10 updates to do, and access to iperf? I'm looking for samples to test my theory that Win10 updates overwhelm a network

little schooner
#

@waxen scroll prof said order can't be changed

#

So it's set in stone

waxen scroll
#

lmao

vapid dune
#

I would just use vpn on public wifi. well actually I wouldn't use public wifi at all

little schooner
#

I end up using public wifi at trusted locations like my university

#

And they have a proxy that does malware and ad blocking

#

I wonder how they are doing that

#

It's stupid fast

sturdy mirage
#

maybe some sophos or fortinet stuff ¯_(ツ)_/¯

#

@little schooner

clear igloo
#

Could even be openDNS or something as well @little schooner

little schooner
#

Yeah hmm...

#

Because it works so well

vapid dune
#

by public wifi I usually mean unencrypted / open

#

fwiw I run pihole and haven't noticed any adverse effects on dns blocking

uneven shadow
#

Can anyone tell me why the Aquantia 10G-Pro cards have disappeared from the earth for nearly a year.

lament wraith
#

My home wifi wont let me connect to certain sites and especially discord doesnt work. Does anyone want to help me find the issue?

dire flare
#

DNS not resolving websites properly or a particularly restrictive firewall policy come to mind

#

Either way you'll have to tell us more

#

which sites do work & which don't

lament wraith
#

ive tried changing dns to 8.8.8.8 and 1.1.1.1 but didnt work at all

dire flare
#

Pay attention to HTTP or HTTPS being used in the sites that work and those that don't

lament wraith
#

ooh okay

dire flare
#

HTTP uses destination port 80 & HTTPS uses destination port 443
If only one particular type of website works then you could be looking at a firewall related issue

lament wraith
#

okay thanks, will check out after my game

lament wraith
#

so my home wifi connection has a router with a usb stick with a sim card in which supplies us with mobile broadband since we dont have any internet cables coming in from the street. for some reason that one blocks certain websites. i bought my own usb stick with a sim card in for mobile broadband and everything works perfectly with it.

dire flare
#

Which sites are blocked
And your own usb stick you plug directly into your computer, without the router?

lament wraith
#

ah yea ive tried taking the router usb to my pc and discord wont work either

dire flare
#

If so, look at your routers settings panel, check firewall settings or possible parental control website filters
I'd also try turning off your Windows Firewall and seeing if the websites connect (then turn it back on again)
Different connections have different firewall profiles & yours could be restrictive.

#

In that case it could be a restrictive policy on your ISPs side & you should be contacting them

lament wraith
#

i think i need to run a permanent vpn for it to work

trail trench
#

Is this Firefox DNS-over-HTTPS really as useless as it looks like to me? Like sure, the first time you access a website, you get its in an encrypted way from someone else, but after that the IP is cached on your computer, so you don't use it anymore, plus your ISP or whomever through you are connecting to the internet will see the IP of the site you are accessing and can get its domain with a simple nslookup

vapid dune
#

it's not quite so simple with stuff like cloudflare @trail trench

#

I'd say there is a benefit but you're probably not too far off that it isn't that great a benefit

raw timber
#

What can cause a home server to just power off

vapid dune
#

power outage

raw timber
#

everything was still up i came down to server off and my home pc still up @vapid dune

#

so cant be power outage

dire flare
#

@raw timber What's installed on the server?
If it's a GNU/Linux distro you've got logs you can look at you know

raw timber
#

proxmox

dire flare
#

I think proxmox should still have a /var/log/ directory?

raw timber
#

how to find it would have to do it some time later wokr soon

#

work

dire flare
#

How to find it through the webUI I wouldn't know. I've never used proxmox.
But you can probably ssh into the server & navigate to that directory through the shell

trail trench
#

oh i see, havent heard of SNI before 🤔 that definitely makes a bit more useful, but still isn't super convincing

vapid dune
#

Best to get a VPN if you're concerned

#

It's not like a DNS server is especially hard to set up at home either lol. I use pihole backed by DoT to Google

dire flare
#

You guys think you could help me explain some file transfer speed results I got?

#

Here's the relevant hardware

The machine with the user Swift
Intel i3-380m @ 2.53GHz
SATA SSD
The machine with the user Media
Intel Atom D425 @ 1.8GHz
5400RPM HDD

They were connected via Cat 5e cable on a gigabit connection (confirmed through iperf3)
I performed file transfers of a Windows iso (tar.gz'd) 3 times in both directions for one set of settings.
The results in picture related are as follows top to bottom
Swift -> Media @ MTU 1500 (default)
Media -> Swift @ MTU 1500 (default)
Swift -> Media @ MTU 6000 (max of Media)
Media -> Swift @ MTU 6000

In both cases the transfer speeds are faster in Media -> Swift direction, presumably because the mechanical drive has better read than write speed?
However once I bump up the ethernet frame size to 6000 the ratio becomes even more drastic. Swift -> Media speeds tank, but Media -> Improve.
One thing to note however, before doing these tests I performed one file transfer (same file) with MTU 6000 in a Swift -> Media direction & the transfer completed considerably quicker, with a time of 01:52
I'm wondering what the reason for the MTU 6000 speed tanking in that particular direction this time around, because otherwise keeping the frame size at 6000 makes more sense, correct?

little schooner
#

@dire flare at 6000 MTU, more data is going over the wire. More data incoming means increased delay for the hard drive to write it to disk. Since those bigger chunks are coming in so fast, the hard drive is probably falling behind writing those bigger chunks and takes longer whereas 1500 bursts are handled with ease

#

And yes perhaps your drive is read biased

tawny fox
#

Any mikrotik lovers? How to reset a ccr router to factory defaults when I know zero creds on it?

knotty tartan
#

Anyone use PIA and could give me some anecdotal results in regards to ping time in game and overall speed?

ornate jungle
#

It would be prudent to list the exact make and model of router you have. Why? Because some makes and models are absolute crap, overheating whenever they can't handle the load anymore, causing the chipset to reboot internally, which may explain why your wireless is dropping.

sturdy mirage
#

@tawny fox maybe you can change the register by pressing break on your keyboard while it reboots, this way, you may be able to delete the old config....

lament wraith
#

could anyone help me find the problem with my mobile broadband router? the usb that goes into it works in a pc but it wont work while in the router. can anyone dm me so we can talk about it? would make me glad.

craggy parcel
#

And the router is compatible with the USB device?

naive terrace
#

I hate when ISPs apply CGNAT on your network... Now i can't play online games because my NAT type is strict..
Do you guys know any other way to fix this other than VPN?

fresh copper
#

Unless you can convince your provider to give you a static IP (they sometimes will but it usually costs more) then not really. There are a few things that you can do for LAN games but not much that you can do for normal online games. There are things that the game companies could do (and a few are starting to try) but nothing on your end

little schooner
#

@fresh copper welp, no forza online for me it seems

fresh copper
#

:(

tropic leaf
#

Help

#

I factory reset my router

#

And now I don’t know what to do

#

And I’m going to die

gentle trout
#

How the frick do you freset a router

#

@tropic leaf i need answer, from you

tropic leaf
#

I pushed a pin

#

In a hole

#

And boom

gentle trout
#

i, dont know what to say

tropic leaf
#

How do I sign in and stuff

#

I watched like a dozen tutorials

#

and now I’m even more clueless

thick minnow
#

@tropic leaf make sure youre connected to your router and type 192.168.0.1 into a browser. Then look on the router for an admin username and password.

tropic leaf
#

@thick minnow What if the router doesn’t say what the username and password are

#

I see what the password and username are supposed to be online

#

What when I type them in it says they are wrong

thick minnow
#

What router is it

fallow frost
#

Try this.
admin
password

tropic leaf
#

AR-5381u

#

Is the model name

fallow frost
#

admin
admin

tropic leaf
#

nah

fallow frost
#

Is it ISP supplied?

#

If so, contact them

tropic leaf
#

It is

#

And Alr

fallow frost
#

One site I just saw said leave the username blank, and try admin as the password.

#

And to use 192.168.1.1

tropic leaf
#

Still nothing

fallow frost
#

Well I'm out of stuff

tropic leaf
#

Alr

#

Thank you

dire flare
#

which combinations of user & pwd have you checked so far?

fallow frost
tropic leaf
#

Lmao

primal ice
#

30 seconds of googling

fallow frost
#

tbf, I only did 30 seconds of googling as well

dire flare
#

Being able to read & search for information truly is a lost art

proven abyss
#

Try in the browser, typing in 192.168.0.1 this could be your routers address. username: admin password: password

mild turtle
#

If answered please @ me.
I'm having trouble with my router. Every few months or more I have issues with wireless devices disconnecting and taking multiple attempts to connect manually. I've used the cycle button on the router each time and the problem sometimes goes away. No idea why this keeps happening. On only channel 11/12 and next to no one near me can access it, so little traffic.

austere scroll
#

Anyone here use Cloudflare as their domain hosting?

jaunty talon
#

Is domain hosting in this case them as registrar or their DNS services?

austere scroll
#

DNS services

jaunty talon
#

I bet many use them! (including me)

#

As they're free

austere scroll
#

Basically, every month or so, my main A record reverts from "proxied" to "DNS only" . . . is this happening to anyone else? Is it because my account is the free tier?

random void
#

I just got 1000/100 internet, should I change from Cat 5E?

clear igloo
#

Why would you need to?

random void
#

I'm just asking if I do ¯\_(ツ)_/¯

#

I don't know

clear igloo
#

Cat5e is good for gigabit up to 100m or 2.5Gb up to I think 55m

random void
#

Ah

#

Thanks

clear igloo
#

Yah, sorry if I came off like a jerk

fallow frost
#

It's good for up to 100m?

#

Thought it was a lot shorter

clear igloo
#

100m is the spec for ethernet cable length

rocky badge
#

100m = 328 ft, that's correct

clear igloo
#

faster speeds on the same spec lead to shorter distance before issues though

random void
#

I just wondered cause I rarely hit the speed, but I guess there's a bottleneck somewhere else then

clear igloo
#

What are you getting, average?

random void
#

About 350 to 400

#

It keeps fluctuating all over the place though

clear igloo
#

Weird, what router?

random void
#

Err let me find out

dire flare
#

Better cabling is necessary in situations where density of cabling (multiple lines) causes interference
And well, really long runs

random void
#

Sagem Fast 3890

dire flare
#

You should do some iperf tests within your local network though and go by that

#

It takes out some variability of it all
If you're going by speedtest.net speeds, you could simply not have the adequate connection runs to the speedtest server you're connecting to

random void
#

My cables are pretty separated but pretty long

#

None are over 50m though

#

It's not just speedtest, even if I do multiple downloads from different places its the same

dire flare
#

Just do an iperf test and you'll know for sure what you're working with

random void
#

I mean it's fast internet anyway but

#

Sure, just going to google that

dire flare
#

You need two computers, one on each end of the network
Download the iperf3 program on both (make sure it's the same version)
Open cmd, navigate to the directory the iperf3 exe is in then do iperf3.exe -s on one side to set the server & iperf3.exe -c <ip address of server>
That'll test the connection one way, then modify the client command a little to iperf3.exe -R -c <ip of server> to reverse the test and check the uplink speed

random void
#

Ah alright

clear igloo
#

@rocky badge When you power off your dock by accident and it takes 10 minutes to get it working again x.x

rocky badge
#

rip

clear igloo
#

and it's a brand new laptop 😦

random void
#

now the reverse one

rocky badge
random void
#

@dire flare

clear igloo
#

@rocky badge 👀

rocky badge
#

90W, USB C

#

Ethernet, USB A, HDMI, mDP

dire flare
#

@random void That's kinda uhh, not a gigabit
Confirm that both your NICs are running at gigabit speeds

#

But it's pretty much pinned 100mbps

random void
#

they both say 100

dire flare
#

Assuming your network adapters are capable of gigabit, you need to set them to operate at such speeds.
Autonegotiation of ethernet speed can at times fail

random void
#

theyre both gigabit nics tho

#

hm

dire flare
#

(though keep in mind that autonegotiation failing can sometimes be an indicator of cabling issues)
But not always, for now just manually set both to gigabit, see if the connection stays up & run iperf again

random void
#

Set it to 1 Gbps full duplex

#

Which made the connection drop

#

But I dunno if it just takes a bit

slow pivot
#

@random void are both test computers plugged directly into that router of yours?

random void
#

Yes

#

Waiting for reconnect

dire flare
#

If it doesn't reconnect soon, replug the ethernet cable
Otherwise I'd say you definitely have an issue somewhere in the cable run

random void
#

One of them reconnected, the other didnt

dire flare
#

Be sure the NIC port isn't dirty and the RJ45 connector makes proper contact
Had a dumb issue with corroded contacts on my ThinkPads NIC yesterday that caused more or less the same symptoms you're having

#

If you have switches between computers A and B I'd suggest you just bring them closer & test each line of ethernet cable individually, perhaps there's only one bad egg in the basket

random void
#

hm yeah, it connects just fine in 100 mbps full duplex but fails to connect in 1000

#

im going to try the same cable but with a different pc

#

Same thing on the other computer, except it runs at 100 even if I set it to do 1000 full duplex

#

while the other pc just disconnects if i force it

#

Seems like it might be this cable then

dire flare
#

Do you have a shorter ethernet cable laying around to test just computer to computer?

random void
#

Yeah somewhere

dire flare
#

Just to eliminate the dumb off chance that something might be wrong with the NIC

#

then we can conclude that the cable run is problematic

random void
#

Still runs at 100

#

With this cable

dire flare
#

Even if you manually set them to gigabit?

#

that's.. weird?

random void
#

if I manually set the desktop to 1 gigabit then it wont connect

dire flare
#

To confirm, this is just a relatively short cable plugged into Computer A NIC directly into Computer B NIC, without any switches or other network hardware?

random void
#

yeah

dire flare
#

That's extra weird then

random void
#

they run at 100, if i force 1000 then the desktop wont connect

#

the laptop can run 1 gbps fine

dire flare
#

If you were going through a switch I'd assume you might need to configure the switch to run at gigabit ethernet or something like that, but directly NIC to NIC things should just work

#

You've got a 3rd machine, right? Can you run gigabit between those two?

#

Sooo laptop & whatever the 3rd machine is

random void
#

yeah let me test, its an older machine but should still have gigabit

dire flare
#

Here's just a quick disclaimer though before we start ordering new components
I've only ever done NIC to NIC connections between Linux & Linux and Linux & Windows, never between two Windows hosts
Soooo if there's some arcane button you need to press to get Gigabit between two Windows hosts I'd appreciate someone telling us

random void
#

yeah they show full 1 gbps

dire flare
#

Ah alright

random void
#

the two laptops

dire flare
#

Well use these two machines to test the long run

random void
#

the desktop is the only one that doesnt run it

#

hm ok

dire flare
#

If the long run shows up fine, then I'd consider shopping for a new NIC in your desktop

random void
#

and this was linux to windows

dire flare
#

ah

random void
#

yeah both laptops run at gigabit

#

with the long run

#

desktop does not connect to anything if set to gigabit full duplex, only 100 mbps

#

which is odd, newest drivers and it should support it

#

oh well.

dire flare
#

Guess the NIC isn't doing alright

#

Maybe try to revert to an older driver? I dunno

#

I'd do a few web searches on the particular NIC and see whats up

random void
#

well its a very common one, I219-V

dire flare
#

I mean, if you ||google|| the NIC model with "failing to run at gigabit" you get a few articles

random void
#

Yeah I know

#

yeah it seems to be common ish problem

#

maybe i should just get an actual card

dire flare
#

Well a gigabit NIC should cost less than the cabling lmao

random void
#

lol yeah

#

and a third of my monthly network bill

dire flare
#

blessing in disguise
way less effort than pulling new cables too

random void
#

pcie 1.0 hm

#

oh well should be fine i guess

rocky badge
clear igloo
#

@rocky badge spin spin spin 😄

rocky badge
random void
#

i get about 600 mbps on the laptops in speedtest, so i guess thats the max to that server

dire flare
#

If it's more stable than the stuff you were getting before then yeah, I guess so

rocky badge
#

and it broke

clear igloo
#

ooof

dire flare
#

@random void Oh & did you actually do an iperf test to confirm the long run is a proper gigabit? Wasn't entirely clear
That's the only thing I've got on my mind still
In general though you'd have losses at one point or another on gigabit ethernet, ideally you'd have an order of magnitude faster networking at home to make full use of the gigabit, I wouldn't really expect more than ~800Mbps
850-950Mbps is what you can expect an iperf score to show on a short cable between gigabit NICs

random void
#

I did iperf with the long run between desktop and laptop, but not between the two laptops

dire flare
#

If you've got the time & will I'd do that, just for the heck of it.
iperf is cross-platform anyways

dire flare
#

Bloody hell, they must be reading chat

#

Very appropriate

vapid dune
#

Any reasonable switches to buy lol

little schooner
#

The mikrotik switches are pretty good

#

If you can find them in stock

hybrid flume
#

Anyone here used ubiquiti APs?

#

Trying to find the lowest latency/most stable small-home wifi setup I can

#

Wifi 6 is an option, location is fairly crowded (apartment building), need to find someone who actually knows what they’re talking about lol

#

Trying to upgrade from a shitty ISP-provided wifi router, first time in my life wired connection is not an option 😦

little schooner
#

Well you can count ubiquiti out for WiFi 6

#

They don't have APs that have it

hybrid flume
#

Right...

#

So I guess the question becomes consumer grade wifi 6 vs ubiquiti AC?

little schooner
#

Unifi AC if you want SSID tagged vlan support

#

Consumer if you don't need that

floral thorn
#

The mikrotik switches are pretty good
@little schooner 3XX only
MikroTik trainer recommended only 300 series switches

hollow marlin
#

Only go 300 series because better hardware and their "simplified" vlan configuration. 1/200 series shit the bed when l3 gets involved with vlan routing

faint iron
#

PSA: TP-Link C7 can't even handle PPTP (Yes I know that it's insecure, but OVPN just don't work) and 1Gb/s downlink

stiff panther
#

my subnet with vlan seems not able to resolve the dns

#

even if i added a rule for the interface to allow all traffic

little schooner
#

Whoever said it was a good idea to have PiHole be the DNS for adblocking and for AD domain resolution... Yes, it works really well.

hollow marlin
#

@stiff panther well what does the routing table look like

waxen scroll
#

#doubt @little schooner

#

DNS based filters are crap compared to a solution like ublock and you should feel bad for mentioning them

stiff panther
#

@hollow marlin turns out it worked after i waited

little schooner
#

@waxen scroll oh, I just need the basic DNS blocking just for one mobile phone

#

And from that, it does it very well

waxen scroll
#

How come? Ublock is on chrome and ff for phone

#

🥰

vapid dune
#

ublock doesn't block ad servers in games

#

I mean really pihole is just blocking stuff that isn't in a browser for me

little schooner
#

@waxen scroll I use Chrome for android

#

My life is basically on it

buoyant plaza
#

so I need some advice on networking

#

anyone who can help?

#

Can you judge multimode and singlemode fibre by the amount of strands?

hollow marlin
#

@buoyant plaza not reliably. If you are dealing with a bundle then most likely is SM. All you can go off is the shielding color

clear igloo
#

Agreed. Yellow in most cases is SM and Blue or Orange is MM

jaunty talon
#

depends if you're looking at a patch cable or trunk

#

if it's a trunk it can basically be what ever color

#

but then you would likely be able to say that from the patchpanel the trunk is connected to where blue would be SM and grey connectors would be MM

thick minnow
#

thats good for 2.4ghz

remote gazelle
#

I get around 60 Mbps out of my 100 Mbps on 2.4G with Ubiquiti

rocky badge
#

@clear igloo Only DM gives you the ability to deliver standalone and hybrid solutions that mix 4K60 HDBaseT®, 4K60 fiber, H.264 streaming AV, and 4K60 4:4:4 HDR over your existing 1Gb Ethernet infrastructure. bullshit lmao

clear igloo
#

LUL

thick minnow
#

Specifically the Attenuation and noise

#

Aussie nbn (lol)

thick minnow
#

Rip

hollow marlin
#

@thick minnow attenuation means nothing without distance but your margin with rates looks fine for DSL

jaunty talon
#

Time for the first PoC :)

#

One missing device tho, since I am waiting for a beta of QFX5120-48T

clear igloo
#

Nice @jaunty talon What are you proofing out? Just new distro stuff?

jaunty talon
#

A new 10GBase-T network for our new office!

#

Built with DC setup

clear igloo
#

Oooo, very nice :3

jaunty talon
#

So spine-leaf setup but for access network

#

Going to be interesting =)

clear igloo
#

Yah, that's fun 🙂

#

redundant links for all the hosts with vPC down? 😄

jaunty talon
#

nah, each workstation gets one 10G port

clear igloo
#

aww 😦

jaunty talon
#

Dont wanna have problems with loops and shit

clear igloo
#

Yah, I can see that in a user network more 😛

jaunty talon
#

Since I dont want to have IT connect each cable every time a colleague moves desk

clear igloo
#

Fair enough

jaunty talon
#

And it's for sure not needed with 2x 10G to each workstation and then setup LAG's etc on Win10

clear igloo
#

Yah, that's a big pain setting up LAG in Windows

jaunty talon
#

a lot of potential problems for very little gain

clear igloo
#

100Gb spine I assume? Or are those 40Gb links?

jaunty talon
#

100G spine with 100G uplinks

#

2x 100G from each leaf to spine

clear igloo
#

Very nice!

jaunty talon
#

to start with, and then just add 2x 100G more if ever needed

clear igloo
#

Yup

jaunty talon
#

QFX5120-48T in this case comes with 6x100G QSFP28

clear igloo
#

Yah, I was just looking at the picture and was about to say

#

But the other is good for a POC for now

jaunty talon
#

the copper switch up there is a EX4300-48MP which will be used for WIFI6 setup

clear igloo
#

mmmmm, WiFi 6

jaunty talon
#

still waiting for the beta of QFX5120-48T

clear igloo
#

beta? psh

jaunty talon
#

supposedly it was sent to me yesterday

#

indeed

#

it's not released yet

#

only QFX5110-48T is released, but I dont want 40G uplinks :)

clear igloo
#

Should have gone with a 93108TC >.>

#

or is that switch mGig capable?

jaunty talon
#

QFX5120 isnt

clear igloo
#

Ah, so just pure copper 1/10

jaunty talon
#

cisco fell out of the process due to their super high price on optics

clear igloo
#

conf t
service unsupported-transceiver
😛

jaunty talon
#

juniper and arista are left, and doing PoC with both of them

clear igloo
#

I kid though, I understand the desire for full support

jaunty talon
#

yeah, but problem is both juniper and arista offered with extremely good prices on original optics

clear igloo
#

Fair enough

jaunty talon
#

so there is really no point to not go with original if you can

clear igloo
#

Yah

jaunty talon
#

if all of them would have been crazy with the prices as back in the day, then cisco would have been in the process still

#

and cisco is also missing a good mGIG product with 100G uplinks

clear igloo
#

Soon :>

jaunty talon
#

they only have 40G uplinks

#

catalyst 9300 or whatever its called seemed OK but only 40G

clear igloo
#

Yah, there may or may not be an mGig N9K on the horizon

jaunty talon
#

interesting that it would be in nexus productline

clear igloo
#

Yah, BU has waffled on it a bit though so not set in stone

jaunty talon
#

Wonder what market they would attempt to go with there, as not many servers comes with mGIG, its either 1G or 10G

clear igloo
#

Yah, it's weird, I heard there is a PoE N9K too which is just bizarre to me but it's out there

jaunty talon
#

that's strange indeed

#

one would think there would be a new version of the c9300 with 100G interfaces

clear igloo
#

Yah, I don't really work with catalyst stuff too much so I don't get all the juicy insights into that stuff

jaunty talon
#

aye :)

clear igloo
#

But I am getting more 400G boxes soon :>
Got my Spirent all ready to blast them

jaunty talon
#

for spine also or?

#

or peering boxes?

clear igloo
#

Yah, spine and border

jaunty talon
#

i was out drinking yesterday with the telia ic guys who built the new 400G network for as1299

clear igloo
#

That's awesome. That's some extra fancy ISP stuff

jaunty talon
#

their new backbone is cool as fuck

clear igloo
#

I'm sure, and Verizon just tested a 800G single wavelength with Ciena too recently I saw

jaunty talon
#

a lot of testing of that indeed

#

but verizon has too crappy fiber in US to be able to fully deploy it

clear igloo
#

I'm not surprised, lol

jaunty talon
#

a lot of fiberwork needs to be done to deploy even 400G

#

telia has done so much work with changing suppliers and vendors and new routes in order to get all up to 400G

clear igloo
#

Yah, I'd love to see some production 400G deployments some day

#

bbl, time for food

sturdy mirage
#

I really like how extreme networks have become, super High quality fiber, ultra precise wavelength

#

this is really interesting and cool...

#

meanwhile I'm here with Dlink 10gbps and dac cables

fallow frost
#

Verizon is also ass and only offers tv and internet near major cities

hollow marlin
#

Well fiber hasn't improved much and we can already push the boundaries for wavelength, the biggest hurdle we need to overcome now is power and heat output for these SFPs. 400gb has been around for a while but only now have they been able to keep the power and heat down enough for deployment. They were previously testing years ago with SFPs the size of switches

#

With 800gig I'd assume they are using a dwdm type solution where the biggest issue is fiber bends and wave shifting

#

Where the actual fiber bends cause the light towards the edge to take a longer path and cause sync issues due to it taking the light 1000th of nano seconds longer than the rest

jaunty talon
#

Indeed, but cuts in fibers are problems also as they add db's for every fix they need to make to the cable

hollow marlin
#

True but that is not an inherent problem with fiber

#

Blame heat seeking backhoes and drunk drivers running into poles

sharp shell
#

OpenWrt/

#

is anyone familiar with rooting a router with openWRT ??

ornate jungle
#

Sort of, I run AdvancedTomato on my Netgear R7000 router, used to run DD-WRT. What router model do you have?

sharp shell
#

@ornate jungle
I have got a DGN2200V4 (N300) & a CG3100D-2BPAUS.

My ultimate goal is to get USB tethering to work along with 1 Ethernet port, hopefully the wireless network as well.

ornate jungle
#

Doesn't appear to be on the list of OpenWRT supported routers, and v1 / v2 of the DGN2200V4 are listed as having VERY little flash / memory, so they're not recommended. https://openwrt.org/toh/netgear/start

sharp shell
#

yeah i had a read through all that stuff before on their page. I was just hoping that i may have mis-read or been mis-informed about me actually being able to do it if that makes sense..

#

so even if i have a V4 it is still not recommended to flash it and give it a go anyway?? because I honestly don't mind if i end up bricking it if that happens i will just go and buy one of those "travel routers" that have it enabled by default in a couple weeks time

ornate jungle
#

erm i mean, its up to you. i don't own one so worst case it bricks, best case it works?

sharp shell
#

are you able to assist me with the process at all?

#

I have got no idea on where to start with doing this

#

I have never really been into rooting devices etc

ornate jungle
#

Basically, you just find a flashable firmware update file and flash it as an update.

sharp shell
#

so just as if i were to update the firmware normally to a new version? because from what I read it involved a heap of command lines and a bunch of other stuff

#

are you able to link me to the proper firmware I need to download so i have the best chance of possibly getting this to work

ornate jungle
#

probably not, because there isn't anyone making it for your model, it seems

sharp shell
#

would using the firmware for the V1 or V2 not work??

ornate jungle
#

usually it won't, but you can try.

sharp shell
#

is openWRT the only option?

#

this is seeming to be more and more difficult the more i look into it lol

ornate jungle
#

OpenWRT is usually the source of all the other WRTs in some way shape or fashion, so if they don't support it, chances are neither do any of the others, but you can certainly keep looking if you like.

ornate jungle
#

I've actually owned a very similar version of the TP-Link one, the others I have zero experience with. Never tried supplying it with internet via a cellular USB modem / phone though, so not sure if that works.

sharp shell
#

the tplink one? it has a dedicated 35/45 USB tethering port.

#

3G/4G**

#

so it should work for me, and it is coming from amazon (AU), so it should theoretically be unlocked to all networks I hope.

clear igloo
craggy parcel
#

And it's gone...

clear igloo
#

Lol, yah, mod removed it I see

craggy parcel
#

For what reason?

clear igloo
#

It was a bot post

#

They tried to be sneaky, posting about an issue with a Catalyst 3850 with a link to their resale site tucked away in the post. They failed to realize that an X2 transceiver doesn't fit in any 3850 module 😛

craggy parcel
#

Haha...

clear igloo
#

It helps when the username is also the name of the site they posted a link to

craggy parcel
#

Those spammers will NEVER learn...

clear igloo
#

Nope, they are trying to get sneaky but most fail pretty miserably

craggy parcel
#

Yeah... At least it makes it easier to get rid of them.

onyx loom
#

Hey guys

#

I just got Fios for my home, and now my pc gets about 900mbps on download and 800 on upload, but whenever im downloading something off of any game platform on my PC, and keep in mind nothing else in my house is using bandwidth, I get about 30 or 40mbps with steam, and the most ive ever gotten is about 100 with origin. Is there any way i can get my full download speeds on these? I have looked in the settings and the downloads and uploads are uncapped

dire flare
#

Let's get the dumb thing out of the way first
You are aware that Mbps & MB/s are two different things? I'm asking because the 100 with origin would be just about right for gigabit internet speeds

clear igloo
#

Did you change how Steam displays things by default? By default it's MBs for Steam and Origin iirc and you have to change settings to show in bits/sec instead

waxen scroll
#

@clear igloo when i ran phpbb for friends I made a script which got inserted into the application process

#

If you put anything in the QQ box, the script killed the application submission and added you to the ban list

#

Every spammer had a QQ and no legit users did

clear igloo
#

Haha, nice

stiff panther
#

DocumentRoot /home/*/public_html

#

How would my apache config know which user to pick?

#

userdir module?

ornate jungle
#

Then again, it's been a long time since over configured apache on Linux because I'm lazy and prefer running Lightspeed on CloudLinux with cPanel.

craggy parcel
#

@stiff panther What exactly are you trying to do?

little schooner
#

To setup Grafana in a free way, is it best to use Telegraf, influxdb and Grafana packages?

#

Also, if I am creating a VMware esxi cluster, is it best practice that each Esxi server has their own iscsi datastore connections and then add them to cluster?

craggy parcel
#

Also, if I am creating a VMware esxi cluster, is it best practice that each Esxi server has their own iscsi datastore connections and then add them to cluster?
@little schooner What would the alternative be?

little schooner
#

@craggy parcel I don't know, it's just I didn't want to waste time when I was on site

#

Last time it felt like time waste

waxen scroll
#

@little schooner hi big guy~

little schooner
#

by waste of time, I meant searching it up during the actual job time

#

Because there is never enough time to reschedule it

#

@waxen scroll hi hi

waxen scroll
#

smartlicensing v_v

clear igloo
#

@waxen scroll I don't see that mentioned?

waxen scroll
#

last comment

clear igloo
#

Ah, interesting

waxen scroll
#

i want it bad

#

i cant buy it cause its gonna tick away with no version 2 out

clear igloo
#

Smart licensing can be permanent licenses too, not just time based

waxen scroll
#

please

#

you really think they're not gonna make virl time based?

#

xD

#

im sure its a small team and they need income to happen in order not to get shitcanned

clear igloo
#

I doubt they will but if they do it will likely be 3 or 5 years. They are converting over v1 keys so that makes me think it's not going to be time based

craggy parcel
#

@craggy parcel I don't know, it's just I didn't want to waste time when I was on site
@little schooner Well, if I don't remember wrong, once you've setup the iSCSI connection on each host in the cluster, you add the datastore once, and every host automatically picks it up. No additional configuration needed. But you will have to configure the iSCSI connection on each host individually.

little schooner
#

@craggy parcel thanks

winged oak
#

Someone here?

vapid dune
#

no

little schooner
#

Not today

clear igloo
#

crickets.wav

fallow frost
#

Back in 15, gone fishing.

little schooner
#

Ever since the release of TNSR by Netgate, they've mostly ignored regular pfsense releases

#

Instead they release more TNSR than anything else.

waxen scroll
#

muh xeon

little schooner
#

I am hearing rumors that some students aren't quarantining here but idk if it's real or not

#

I hope the guy was joking. He did say he had drinks in his bag

waxen scroll
#

@little schooner cough that guy

waxen scroll
#

@clear igloo

little schooner
#

@waxen scroll gonna steal that one and send it to the older prof

#

10/10 xD

primal ice
#

pfsense will not talk across vlans no matter what rules you set. bridge the ports into one vlan.

jaunty talon
#

yes it will. If you have vlan X and vlan Y configured in pfsense and have clients in both X and Y and their default GW (or static route for the other vlan's IP-network) is the pfSense address for both vlans and there is firewall rules in place to allow these two networks to speak with each other it will work just fine!

craggy parcel
#

pfsense will not talk across vlans no matter what rules you set. bridge the ports into one vlan.
@primal ice Doesn't PFSense handle vlans? I'm pretty sure I've seen subinterface configuration in the interface, for that purpose, but I did not try it in a vlan enabled environment though.

clear igloo
#

@waxen scroll LUL

ebon wasp
#

@craggy parcel PFsense does VLANning correctly

#

You need to set rules that an interface is allowed to be reached from the other interface

#

So I don't understand the remark from @primal ice

jaunty talon
#

Indeed.

grand flower
#

is there a way to host a minecraft server with ipv6
port forwarding doesn't work for me on ipv6

jaunty talon
#

do you nat ipv6?

clear igloo
#

^

jaunty talon
#

else you would not need to portforward with ipv6

#

might have to allow it through our router which acts like a firewall in the ipv6 case

#

you would then apply the rules on your wan interface if it's a decent device you have

grand flower
#

idk, I have a shitty router from my provider connected to coax with wifi turned off, and a netgear router connected to the router from the provider, and my pc is connected to the provider router with a powerline adapter. I've tried a lot of things to port forward the port but nothing works so maybe it's all because of the shitty router

craggy parcel
#

@grand flower Do you have a public IPv6 address on your computer? (Addresses starting with fe80: are local addresses, and will not be reachable outside your network segment. Other special ranges exist.)
Does the minecraft server listen on IPv6? (Not all applications listen on IPv6 by default, and some don't support it at all.)

If you have verified the above, check the manual for your router, most of them will block IPv6 traffic inbound by default, and you need to allow traffic from the outside. Some routers will allow you to select specific IPs and ports to allow, others will only have an all or nothing option.

grand flower
#

@craggy parcel I assume I have a public ipv6. I only tried joining my server with localhost and my local and public ipv4. I can join the server if I'm on my network, but not outside my network.

#

also I tried port forwarding the minecraft server port for inbound and outbound, but when I do a port test its closed.

craggy parcel
#

Well, you can try visiting ipv6.minipadresse.dk (Site is mine, and only answers on IPv6) if you get a site where your IP is shown, you have a usable IPv6 connection.

waxen scroll
#

yes you do nat with ipv6

#

i keep running into scenarios where its needed

#

lttog 💁

craggy parcel
#

@waxen scroll When? Are you sure it's really NAT, not just allowing traffic through a firewall?

waxen scroll
#

so you can only advertise a /48 minimum to service providers. if you have a big datacenter you are advertising there for your sites to get ipv6 internet. if you install local internet circuits at the remote site you need to either give the whole site a /48, which is wasteful for small offices and you might not have been assigned enough space to do it, or you need to NAT to an ipv6 address that the local provider assigned you

#

when the remote sites internet fails, it then flips to the main datacenter and no NAT

#

further, many local providers dont accept BGP

clear igloo
#

I've had to do IPv6 NAT because TWC sucks with IPv6

craggy parcel
#

@waxen scroll Ok, if your ISP sucks, I see the need. But apart from that, I don't. 😉

waxen scroll
#

its all ISPs

#

the /48 is a global rule

craggy parcel
#

A decent provider will give you a subnet to use on your site of the router.

waxen scroll
#

you dont want that though

#

you want a block you "own" assigned by ARIN or whomever

#

i dont want to readdress the whole company because i changed internet providers 😄

#

@jaunty talon yes, lets NAT ipv6

craggy parcel
#

Well, that's just you Well, in most cases the address management can be handled via DHCP, if I recall correctly, you can even assign ipv6 subnets with DHCPv6. Also for most users, not big enough for a /48, a single /64 will be enough.

hollow marlin
#

If you change providers with v6 you are changing all addresses not just NAT'd v4 on the edge. You want your own block.

grand flower
#

does stripping an ethernet cable affect the speed

vapid dune
#

what kind of cable

grand flower
#

cat6a

#

with a cable cutter

vapid dune
#

I think with 6a you're not supposed to have any exposed wire anymore?

#

are you asking about reterminating your own cable or using the pairs for random purposes

grand flower
#

well the problem is I'm trying to get a cat6a cable up through the roof but I will have to get the top off, otherwise it's too wide for the hole

#

in the roof

vapid dune
#

o.O your hole is that small?

karmic forge
vapid dune
#

if I'm reading that correctly: the RJ45 won't fit through the hole but the cable will

grand flower
#

emm

#

what's a rj45

vapid dune
#

this part wont fit through the hole?

grand flower
#

wait a second lemme see

vapid dune
#

lol

#

I mean you can remove it... but the question is: do you have the tools to add a new one

grand flower
#

i haven't made the hole yet but I have already bought the drill thing

craggy parcel
#

@hollow marlin Depends on your network size. Most devices use auto discovery, so renumbering a network is really not a big issue for most smaller networks. Using NAT is usually asking for trouble with too many applications. For networks where it's just a matter of assigning new scopes in DHCP, it's no big deal to change the addresses, but in huge deployments with a lot of internal routing, sure, you want something that does not have to change, but then you would also have a size where a /48 would be ok. A /48 is btw the minimum recommended allocation for end users, if I remember correctly.

vapid dune
#

I'd argue your drill bit is too small

#

from what I understand terminating cat 6a is harder to do right than cat 5

#

at least to make sure you get 10gig

grand flower
#

yeah

craggy parcel
#

Well, instead of using a cable with the RJ45 connector mounted on it, you could terminate the cable in a wall plug, and terminate the cable there, using premade cables for connecting devices to the wall plug..

#

The wall plugs are usually easier to mount.

grand flower
#

you mean like an ethernet connector in the wall

craggy parcel
#

Exactly.

grand flower
#

I dont have that

craggy parcel
#

Well, they are quite cheap, get some? 😉

vapid dune
#

I think the problem is dealing with the shielding and terminating as close as possible to the jacket

#

I'm assuming it's a cable you bought that's pre-terminated?

grand flower
#

emm

hollow marlin
#

@craggy parcel Sure only in a small business but there isn't much an issue but anything there than a handful of routers, no, you buy a block and are set. Even if you autodiscover between routers one side still needs to be statically set. End users get a /64

craggy parcel
#

Hmm.. I was under the impression that DHCPv6 could assign the subnets for routers as well.. But I might remember it wrong...

little schooner
#

Is there a diagram that explains how router can pass down public Ipv6 addresses into an internal network when it's setup like this

ISP --> Router --> Switch > Ipv6 clients with routable Ipv6 address

vapid dune
#

either SLAAC or DHCPv6

little schooner
#

But using what from slack

#

The routers external info?

vapid dune
#

I thought the router just sends out advertisements periodically

clear igloo
#

@little schooner L2 or L3 switch?

little schooner
#

L2

vapid dune
clear igloo
#

L2 switch is easy, clients get DHCP from the router. The Router says "Hey give me an IPv6 PD (prefix delegation)" and it uses that for the pool to assign to clients

#

It will get a /128 + a PD assignment (at least in most consumer scenarios)

little schooner
#

And that's how it divides it up to internal clients to all have public Ipv6?

craggy parcel
#

The ISP tells the router what it's internal public prefix is, and the router does the rest.

clear igloo
#

Yah, it uses the PD assignment from the ISP. Could be a /64 or a /60 or /56 or /48 even, just depends on the ISP policy

little schooner
#

I see.

clear igloo
#

If you get a /60 then you could subnet it per VLAN from there

vapid dune
#

oh you mean from ISP to your Router

#

not from your Router to your devices

craggy parcel
#

@clear igloo Do you need to assign a global IP to the WAN side of the router? If it's just a point to point link, couldn't you just use link local addresses?

little schooner
#

@vapid dune yeh

vapid dune
#

misunderstood your question

little schooner
#

It's OK

clear igloo
#

@craggy parcel The ISP will give you a /128 for the WAN side

vapid dune
#

it's weird that there's even SLAAC vs DHCPv6 you need to consider imo

clear igloo
#

coughandroidcough

vapid dune
#

yep

#

only supports slaac lol

clear igloo
#

Yah 😦

craggy parcel
#

@clear igloo But is it required?

vapid dune
#

at least they have private addresses

clear igloo
#

@craggy parcel Yah, you have to use the WAN IP the ISP gives you

#

for your PD assignment though, if you can do NAT66 then you don't have to

vapid dune
#

I haven't bothered doing anything about my ipv6 stuff at home

#

they get outbound ipv6 but no inbound lol

#

I probably mentioned this previously, but I gave up at the point where you configure the firewall for the devices lol

craggy parcel
#

@craggy parcel Yah, you have to use the WAN IP the ISP gives you
@clear igloo I'm not sure if you understand my question. If I were the ISP, would I have to assign my global IPv6 addresses to the wan side of customer CPEs? Or could I just let them use link-local addresses and skip the global address part? I mean ISPs seem to routinely use RFC1918 IPs in IPv4 networks, they are not global, and not reachable for me, as the end user, even though they appear in traces.

vapid dune
#

Isn't IPv6 supposed to have fully routable addresses everywhere

clear igloo
#

You have some local only addresses, fe80::

#

@craggy parcel The ISP gives the global IPv6 address as a /128 from a pool to the customer WAN interface. At least that's been my experience

#

That's public routable*

little schooner
#

Heh this shows how little experience I have with Ipv6

#

I almost never deal with it

#

I wish it was more common like ipv4

#

No real way to practice it if I struggle to find a use case for it

craggy parcel
#

@little schooner Yeah, I'd wish so as well, only reason I have IPv6 at home, is because I can made a tunnel for the purpose, as my provider doesn't provide IPv6 for no apparent reason.

vapid dune
#

my isp has both v4 and v6 thankfully

#

I just don't have any services exposed on v6 .-.

craggy parcel
#

Fortunately those ISPs do exist, but they are still few. 😦

vapid dune
#

fwiw there's only 2 major ISPs in my area. and only one of them supports v6 natively lol

#

I'd say the other major hurdle is getting routers that play nice/well with v6

primal ice
mental plinth
vapid dune
#

Cable gore

little schooner
#

Just why

craggy parcel
#

Looks a little like my ISDN loopback plugs. 😉

subtle glen
#

Quick question. to set up a wifi bridge to bring internet from an office to a close building, is it required to have (for example) 2 nano stations pointing each other? Or is it possible to only have one nano station sending the signal from the office and put a normal wifi router to pick up the signal or directly connect a wifi device?

craggy parcel
#

Any device capable of acting as a wifi client, can do the trick. But not any device is equally suited. To send WiFI between 2 buildings, you will get the best result with the least work, using hardware designed for wireless point to point links.

subtle glen
#

Alright, thank you

stone harness
#

what is your average download and upload speed? mine is 38mbs down and 19 up(wireless)

grand flower
#

sometimes I have 200mbs down and 30mbs up

#

and sometimes I have 50mbs down and 20mbs up

#

wireless on 5ghz

clear igloo
#

960/940 on wire and, depending on the device and location, 300/300 on wireless

raw timber
#

What do people think

craggy parcel
#

I disagree with the car analogy.. If a sports car waits at the lights you are synchronized with, you will but get to the end point at about the same time, as you will pass the lights roughly at the same time.

#

Also it smells a lot like snake oil to me.

clear igloo
#

Exactly, smells like QoS with a bit of intelligent marking and won't do squat once it leaves your home

waxen scroll
#

wow, so bitter @clear igloo

clear igloo
#

LUL @waxen scroll 😛

waxen scroll
#

just use NBAR

raw timber
#

But I see a huge difference vs the router my isp give me

#

Which would lock up every once in a while and have to be restarted

clear igloo
#

"Works on any kind of line"
Has no ability to work with DSL unless it's coming in as RJ45 from something else

craggy parcel
#

@raw timber Most routers will be better than the ISP supplied.

raw timber
#

They keep saying their router has software to work the best vs other router the isp

craggy parcel
#

@clear igloo Their "How we do it" is a whole lot of nothing... Kinda like how to draw an owl...

raw timber
#

How

waxen scroll
#

@clear igloo i cant even tell, it just works

#

it keeps working. i never have to touch it

craggy parcel
#

See your uptime and raise with a bit... uptime is 5 years, 33 weeks, 1 day, 12 hours, 50 minutes

waxen scroll
#

you should really keep your firmware updated

craggy parcel
#

Service contract ran out long time ago, and we're working on how to replace the box anyway. Also there's a firewall in front of it that blocks any remote access traffic to the box itself. (I know not from inside sources, however, that's part of the risk profile)

raw timber
#

What should I have got instead

craggy parcel
#

I think we have a server with a similar uptime, if not higher.. No need to say, that it also needs an update.

little schooner
#

My server uptime is always low. Too many bios updates from supermicro

#

Windows updates

waxen scroll
#

@little schooner good boy

craggy parcel
#

@raw timber Well, I doubt the router is bad, however, I don't think their claim about reducing latency, is true, compared with any other router.

raw timber
#

@clear igloo they make dsl modems which are way better than all in one

craggy parcel
#

@little schooner When we have hardware updates, we just migrate all the VMs to another server, upgrade one, then migrates to the updated, updates the other one, then balances the machines again.

little schooner
#

@craggy parcel my prof didn't want to have failover

#

It was unfortunate

#

He said it was too complicated

waxen scroll
#

LOL

little schooner
#

I even made the whole lab here to test it

craggy parcel
#

Well if you have a vCenter cluster, you get it more or less for free, depending on definition of failover.

little schooner
#

Works just fine

waxen scroll
#

@little schooner now you just need to ask prof about VXLAN or OTV

craggy parcel
#

If one of the physical servers in our environment crashes, everything on that server goes down, but within about a minute, they are all booted on the other host.

clear igloo
#

This means that as speeds increase, the shaping progressively limits the maximum size of the packets being sent at any one time such that low latency and fairness is achieved. This impacts the maximum flows any one client can effectuate, and means a speed test will progressively get further and further from the line maximum as line speed goes up. So on 12Mbps DSL, speedtests typically measure 15% lower (or 10Mbps) with traffic management. But a 300Mbps line might only measure 160Mbps, or 53% lower, as allowing the big packets necessary to saturate the line would interfere with other, possibly more time-sensitive traffic. But overall, the traffic can move at line speed when there is no congestion, and multiple connections from multiple devices all get fair access and good throughput at all times.

#

The bigger my packet the faster it goes 😄

craggy parcel
#

In other words, dynamic MTU? Sounds strange handling more packets should improve latency..

clear igloo
#

Basically, that's about the gist of what they are saying best I can tell, they cut down on MTU sizes to share the speed

craggy parcel
#

Well, I suppose if they can't really explain in detail how it works, it most likely doesn't. 😉

raw timber
little schooner
#

@raw timber it's much like how a poor 1000 mbps nic will only do 960mbps vs a 2500 mbps nic being able to pull the whole 1gbps connection out of a 1gbps isp connection

raw timber
#

What do you mean

#

They say good luck and you'll be back because of issues

#

@little schooner do you agree or not agree? Hard to understand

little schooner
#

If your current setup supports the 200, then they shouldn't upsell one that you won't get any real benefit from

raw timber
#

they say it doesn't have enough head room. i think all companies upsell because they want the money

#

i think i may, if need be, get an EdgeRouter or pfSense

narrow sedge
#

Can we run software through network access

#

On various computer

#

Linked together

little schooner
#

@waxen scroll I tried to Wireshark the path between my Hikvision NVR to my computer, testing web Live View with Websockets and couldn't identify the source of the problem

#

When I'm connected to NVR web interface via HTTP, live view Websockets operate fine and work as should

#

On https, I see a tcp connection get established but nothing afterwards. Everything breaks

#

It's so weird

#

This is where Wireshark didn't help me out :(

hollow marlin
#

It did help you out. It helped you narrow where the problem isn't

little schooner
#

@hollow marlin oh

#

What could I do next? Call a support line?

#

They said they don't want to handle my case and deferred me to bhphotovideo for support

#

I hope that translates to bhphotovideo being able to escalate bug reports that they can't fix to hikvision

waxen scroll
#

lmao no

#

that would be like asking newegg to escalate a bios bug on an asus

little schooner
#

@waxen scroll how would you proceed with this

#

I mean I really want it to work over https

waxen scroll
#

the webpage doesnt load at all on https?

little schooner
#

The web page loads the squares where a live camera feed can go into, but it doesn't play

#

With http, it does play the live feed no problem

#

Websockets

#

Hikvision's docs are terrible in the nvr lol

#

Clicking help goes to unfinished docs

waxen scroll
#

why no firmware update

#

you said it opens TCP connection but nothing happens

#

soooooo is websocket opening a second https somewhere? is it actually http?

#

sometimes browsers dont like http content loading over a main https page

little schooner
#

I have to look at the Wireshark logs again, but it was simply them TCP communication entries.

  1. one initiated from my computer to nvr
  2. nvr back to my computer
  3. nvr sends another tcp communication back
  4. nothing happens after that
#

I will get you the Wireshark logs so you can see in a bit

vapid dune
#

completely random, but my openvpn stopped working and I couldn't figure out why for a while. turns out the certificate expired lmao

little schooner
#

That would have happened to my professor's website too, but I let him know about 1 day in advance with the whole Let's Encrypt revocation thing

craggy parcel
#

@little schooner Do you get any errors in the browser console? Is the protocol ws:// on the websocket request, or wss://? Does the NVR support https natively, or did you put a proxy in front of it?

little schooner
#

@craggy parcel omg now I can see an error related to Websockets after you pointed that out

craggy parcel
#

Well, suppose that explains it.

little schooner
#

I'll try pasting again

#

Mixed Content: The page at '<webpageURL>.asp' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://host:7682/?version=0.1&cipherSuites=0. This request has been blocked; this endpoint must be available over WSS.

#

So yes, they are connecting with ws instead of wss

#

BUG

craggy parcel
#

So the NVR actually supports https, but fails to set up the websocket connection correctly?

little schooner
#

Correct

#

It's literally under the options where TLS and certificates are

#

why wouldn't it properly implement wss...

craggy parcel
#

Perhaps the checkboxes that are not checked control that?

little schooner
#

hmm, I guess I can test that out

#

check em all and reboot and see

craggy parcel
#

Well, only thing that might happen, the way I see it, is you're wasting time. 😉

little schooner
#

@craggy parcel I've also seen it where placing a checkmark in an option means "use the insecure version of it" and unchecked means "Secure version preferred"

#

that is very confusing

craggy parcel
#

Yup... I've seen a lot of bad interfaces...

#

What can make it better, is when a Chinese interface has been machine translated to Danish, and not checked by someone with knowledge of the language, and context...

little schooner
craggy parcel
#

@thick minnow If you don't mind having to type the path for the shares, you should be able to turn off discovery.

#

@little schooner Well, at least you now know what to tell tech support, or ask google about. 😉

little schooner
#

True

craggy parcel
#

You can drag shortcuts to network folders to wherever you want them, or map them persistently as drives.

waxen scroll
#

sorry xeon, i had the answer first

#

❤️

little schooner
#

Hope they still keep that on and not cancel

vapid dune
#

I just hope they don't get screwed for money

#

ie cancel too late and you don't get your money out

faint iron
#

Does anybody know if I can configure SFP port on edgerouter 12 as a LAN port?

waxen scroll
#

edgerouter doesnt care what you use the port for

faint iron
#

but, when I connected my switch to it with DAC cable, the switch and my computer couldn't get DHCP address, and when I set static IP on computer I still couldn't access webui

waxen scroll
#

the port on the switch needs to be untagged unless you told the edgerouter to tag

#

im not sure about DAC cables either, ive never used them on ubnt

faint iron
#

I'm using UBNT's dac cable

#

and switch is from mikrotik

#

And auto-negotiation is disabled and set to 1G

waxen scroll
#

link light is good?

faint iron
#

yes it starts blinking

waxen scroll
#

🤔

clear igloo
#

EdgeRouter is probably configured with all ports as L3 ports so you'll need to set them to L2 as a trunk if that's what you want to do.

faint iron
#

ohhhh

#

ok

#

I will check tomorrow on site

waxen scroll
#

i was just gonna say i dont tag on my router, but i forgot i switched it

#

im not aware that you can set them to "L2" though

#

you just make a sub interface and put a vlan ID in

queen pelican
#

Anyone have experience getting a new fiber line laid to a residential location?

strange silo
#

How many stacks of $100's you got?

#

Unless fibre is a standard option in your area for residential then it's going to cost a lot

fallow frost
#

I have no experience getting fiber run to a residential location because I don't have a metric fuck ton of hundreds to blow.

strange silo
#

lol

clear igloo
#

@strange silo You've got crisp thousand dollar bills like a boss right? 😄

hollow marlin
#

~$10k per mile baby

little schooner
#

@craggy parcel remember that NVR settings screenshot I posted yesterday? So, the option Enable HTTPS allows both HTTP and HTTPS to be active at the same time while Enable HTTPS Browsing is another way of saying Only allow HTTPS connections

And another Wireshark discovers that the Auto update page simply does nothing when I click "Check Upgrade" button

#

Very badly worded settings

waxen scroll
#

meanwhile ATT has fiber parked outside of my neighborhood from last year and claims FTTH is in my city, but its not.

fallow frost
#

Fiber is just over a mile away from my house at work, but I don't feel like going through the hassle of getting a quote that I will not be able to afford.

little schooner
#

@waxen scroll I've set up RSPAN for all future Wireshark attempts so it should be easier for me to get packets without additional configuration

#

Before it was required to always change which vlan I want to capture traffic from

#

Rather than do that every time, I can simply enable and disable sessions I need to capture on demand

craggy parcel
#

@craggy parcel remember that NVR settings screenshot I posted yesterday? So, the option Enable HTTPS allows both HTTP and HTTPS to be active at the same time while Enable HTTPS Browsing is another way of saying Only allow HTTPS connections

And another Wireshark discovers that the Auto update page simply does nothing when I click "Check Upgrade" button
@little schooner Fantastic UI.. What about the HTTPS streaming option in the SDK section?

little schooner
#

@craggy parcel haven't tested that but I think that's if you want your camera stream encrypted with a passphrase. If you want to see it, you provide the passphrase

craggy parcel
#

Passphrase in HTTPS? Never heard of that..

little schooner
#

Yeah. So the NVR client software supports reading passphrase-protected streams to prevent anyone from simply connecting to cameras via rstp or something

#

You would need to know the passphrase to decrypt the live view

#

The client software uses sdk functions and that's how it communicates with the cameras and determines what features it actually supports to let you configure

#

I see DLL messages when I'm using their ivms software

#

I still have to call bhphotovideo to at least start the bug report for me since hikvision is completely ignoring my request

craggy parcel
#

Ok.

mild turtle
#

Does anyone here use Ubiquiti Networks? If so what do you think?

craggy parcel
#

Depends. UniFi is pretty easy to set up and maintain, however, for my specific purpose, which was certainly not something they designed it for, I had to mess a little around with how to twist the system into what I wanted to do. I did however set up a regular home network for a colleague, with all UniFi equipment, and the hardest part was getting the router online, due to the ISP locking the connection to the MAC address of the equipment for a few hours. Also the controller I set up is an external controller to the network it controls, so had to use L3 adoption, but once the router was running, the switch and APs were just plug and play.

rocky badge
#

My network is all UniFi lol

little schooner
#

If I could move away from them, I would. It's just nothing in price matches it feature-wise

waxen scroll
#

My network is all UniFi

craggy parcel
#

If I had the money to burn, I'd replace my home network with a unifi network as well, but my current network kinda works, and suits my needs. Which makes it hard to justify getting some new toys. 😉

little schooner
#

I'd rather switch to FS branded gear

craggy parcel
#

Well, I'd consider ANYTHING, that has a controller as easy to use as the UniFi one, and does not require any subscription.

little schooner
#

Now, that, unfortunately, ubnt is the only one that has the unified controller and free updates

#

Also, unrelated, mullvad is a very slow vpn provider

craggy parcel
#

Well, I know other companies have controllers for their equipment, however, most common are access points, while it's less common to have one for routers and switches. But is there really no other vendor, that provides a similar system where no subscriptions are required?

little schooner
#

Yeah, you're right, really no other vendor that has everything, from ap to router to switch, unified all under one umbrella with FREE updates

craggy parcel
#

What paid options are available? Cisco meraki?

little schooner
#

@waxen scroll do you know if the feature set of Edgerouter can be implemented on unifi router?

#

Like cli

stiff panther
#

do any of ubiquiti gateways have some sort of vpn like openvpn?

craggy parcel
#

@stiff panther They have the option of making site-to-site IPSec VPN automatically, when both gateways are on the same controller (But in different sites). You can also set up IPSec manually, or use OpenVPN. Finally it can act as a PPTP or L2TP server, and PPTP client. (That's the USG in the UniFi Series)

waxen scroll
#

i lied. my router is not unifi, so i dunno

#

for $350 it better

raw timber
#

How to decide pfSense vs edge router lite

#

Or edge router x, need to be able to handle a 200 mb internet connection

little schooner
#

The edge router x is better at switching but a router doesn't need to do all that. Just get the edge router lite

#

Edge router lite does line speed

raw timber
#

Or a usg @little schooner since I have unifi ap

#

Or pfSense

#

I do need to limit stuff

#

I do need more than a basic router

slow pivot
#

@thick minnow Not sure I understand what you want to do. You want to have an inbound (to your servers) VPN?

unreal spoke
#

I have an Amplifi Instant Router hooked up to my Gateway. Is there any way to give my Amplifi the public IP Without bridge mode? Right now the IP on the Amplifi says 192.168.100.2

waxen scroll
#

@unreal spoke the only way is to be assigned a block of static public IPs from the provider, otherwise you need to bridge

unreal spoke
#

@waxen scroll I would put it into bridge mode but it wouldn't work. Later I found out that Orange (My ISP) needs this thing called "DS-Lite". I can't turn it on in bridge mode because it always gives me the error that it can't be used in ipv4 only mode. There is no toggle in the bridge mode setting for this "IPv4 Only Mode" so that's why it won't work with bridge. Any suggestions?

dire flare
#

Is there some setting in particular I need to be ticking to get NIC to NIC ethernet between two computers going?
For context, I have an Asus laptop with Debian 10 & a new ThinkPad T530 with Windows 10
I want to connect ethernet between the two devices & transfer files over a gigabit link.

This is pretty much plug & play on an older ThinkPad I have (SL500) but that one runs Windows 7
Both NICs and cable function fine when connected to a switch, but directly the T530 just says there's no network cable connected

waxen scroll
#

no link light?

#

the link should come up right away as long as your cable isnt bad...

#

preferably after that you need to put static IPs on both sides

dire flare
#

It's acting like it'd need a cross-over cable

#

I set static IPs on both sides & the cables are definitely good

#

No idea honestly
Either way I'm gonna be nuking the W10 install with Debian sooo that'll tell me for sure if it's a software or hardware issue

clear igloo
#

NIC drivers installed?
Link come up to another device such as a router/switch/etc?

dire flare
#

Yep, link comes up just fine on a switch
Unfortunately I've only got 100mbps switches

fervent brook
#

should my dad be suspicious if a special offer for a tier of internet seems to require "professional installation"?

#

i mean...it's a modem and a router...we've done that about 15 times by now

#

is the tier/deal only that cheap because the technician is required and he's gonna do something while in the house?

clear igloo
#

@fervent brook Who is the ISP?

fervent brook
#

Cox

clear igloo
#

Is it a 1Gb plan or something? Spectrum did something similar with their 1Gb plan where you had to have a tech come out regardless

fervent brook
#

im a customer, so im having trouble looking at the same plans my dad did

#

but i think it was the 60Mb plan

clear igloo
#

Hmm, shouldn't need a tech for that kind of plan

jaunty talon
#

Damn WireGuard works well :D I set up a box with a C3758, 16GB Ram and X710-DA2 for our remote workers, and they're pushing 2Gbit/s peak traffic with 0.4 load on the box =)

#

Way over my expectations :)

river ridge
#

can anyone recommend a wifi access point with fairly good range and excellent transfer speeds, thanks (to be used for normal home use, netflix etc. but also large file transfers to file servers)

rocky badge
#

@jaunty talon Yeah, WireGuard is amazing for high traffic VPNs that don't eat system resources 😄

fervent brook
#

@river ridge get two routers or APs and just split the load

vapid dune
#

o.O

#

I like the Unifi APs. since they're decently cheap

fervent brook
#

unless you need more than AC1200 or AC1600 for either task, you can probably get along with 15 dollars at the thrift store

vapid dune
#

how fast is your internet @river ridge

fervent brook
#

he said "file servers", but i dont know if those servers are on the internet or in his home

river ridge
#

@vapid dune internet is 100megabit, but i would like to go as fast as possible (within reason) as my file servers r on local gigabit

vapid dune
#

okay do you have any 4x4 mimo capable wifi devices?

#

in any case, just start with a centrally placed AP and then move to two if that's not sufficient. depending on the size of your place. something like nanoHD, or AP-AC-Pro, or Lite... I mean wired will always be faster

rocky badge
#

Find almost every ubiquiti device by mac address

clear igloo
rocky badge
#

gets nanostation 5 ac loco, puts in scan mode, gets mac of surrounding airmax devices

river ridge
#

ok i'll look into it, thanks @vapid dune

fervent brook
#

also, in what scenario are you sending files to a server from a wifi only device?

vapid dune
#

probably a laptop

fervent brook
#

get a usb ethernet adapter

river ridge
#

yea its a laptop

#

it does have ethernet

fervent brook
#

use it

#

"but my cat doesnt like the EM waves the ethernet makes"

river ridge
#

i only have ethernet to some rooms, and even if i did i wouldn't want an ethernet cable trailing across the room to wherever im sitting

rocky badge
#

I'd rather get a 802.11ac 4x4 160mhz AP or 802.11ax AP and use wireless on my laptop vs being stuck to Ethernet

vapid dune
#

wire when possible but still having good wifi is important

#

I just have a laptop dock with ethernet at my desk. but if I'm wandering around the house it's wifi all the way lol

#

if only we had wireless power!

rocky badge
#

Lmao

vapid dune
#

then again with wireless power we could just microwave signals back to the AP

#

(and of course die from radiation in the process)

fervent brook
waxen scroll
#

@fervent brook what about them?

waxen scroll
#

i do ghetto hangers

#

i use the first product you linked (with a screw) then put a big zip tie in it. the network cable goes into the zip tie

fervent brook
#

i just use wood staples

waxen scroll
#

i tried, they fall out

unkempt ferry
#

How do I go about configuring Host Records for my domain if I'm using a nginx reverse proxy that differentiates with subdomains?

waxen scroll
oblique aurora
#

hey. any tips on subnetting?

strange silo
#

Learning the theory of it or the practical application?

oblique aurora
#

practical. i had a class and...

little schooner
#

Power of 2s and the structure of 128, 64, 32, 16, 8, 4, 2, 1

#

That makes it largely easy

waxen scroll
#

im not sure if this helps but lets say i have a global corporate network. I have 10.0.0.0/8 network to use. I might go OK.... North America gets 10.0.0.0/10 , South America gets 10.64.0.0/10, Asia gets 10.128.0.0/10 , EMEA gets 10.192.0.0/10

Now I make a subnet plan for the region. EMEA... 10.192.0.0/10 , Now i go OK I need to keep carving out that space... point to point addresses, loopback addresses, remote site user subnets, datacenter, etc

#

The reason I lay it out that way is because i can summarize that address space in my WAN without polluting the routing tables