#networking

I just about killed myself running a wire from my switch in the living room into the loft across the whole house down round the already existing wires to my setup and all the way back down into my computer and love the new speed

@half valley thxxx

@fallow ivy you're welcome!

if i have a 3 port edgerouter, can i connect one port out to my gateway, and then have the two other ports be VLANs that connect to two halves of my devices in my house?

pretty sure "yes" is the answer, unless an edgerouter is that much different from a regular router

i could do the same thing with my managed switch though...but without the extra layer of NAT

@fallow ivy yea I only know a bit of Ubuntu

any idea ?

nope

RIP

ME

thx

@fallow ivy what are you trying to do

I Want to setup a ubuntu vm to do a caché serveur
I want to setup that on arm

No clue on cache server procedures, mainly wondering what you were doing with gnome-shell

So i have dl ubuntu serveur for arm and i have dl ubuntu desktop with taskells

I want to have graphics interface to do cache serveur more easy

But i have the error above

(I am french )

^^

@dire flare

I'm assuming no display manager was installed?

You should attempt to start gnome through gnome-session however

I am bigggg noob on ubuntu i don.t no

So i use the command gnome-session ?

try

Nothing

nothing as in no output?

switch to tty7

?

Wath

Is this installed on bare metal?

How are you interacting with the machine

through SSH or..?

I am on the direct consol

On mi arm machine

(Taht a internet box i can setup vm on )

So you have an arm device (let's say a raspberry pi) with peripherals and a monitor plugged in?

No si à virtuel monitor

in that case you want to press ctrl + alt + f7 to switch to tty7
That's usually the tty used for a graphical session

I try

That do nothing

Wait

But i have idea when this screen virtual doesn’t Word i can use à same Thing of ssh but for thé vidéo

U see ?

Could you try running systemctl status gdm

Ok
I try

Note to other people reading the message on the right translates to "The chosen operating system (still) does not use display."

Yesss ^^

Thx

Any one have idea ?

I think it's well explein in native language

so wait and see

?

Don’t understand

@little rock

it's not yet implemented

F****

I don’t have any possibility ?

maybe in the delta version of the box

someday

I can't tell you a release date

I have the freebox delta

Oooo
I see

I need MAJ

Update *

That it ??

Which operating system and version are you using?

Of ubuntu ?

Of what

custom linux

18.04

Think

Debian arm64

I have ubuntu

if ubuntu it's the 19.04

it's not an lts version

take a look here
https://portail.free.fr/mag-free/nouveautes/freebox-delta-les-vms-machines-virtuelles-disponibles-pour-tous-les-utilisateurs-et-utilisatrices-dune-freebox-delta-ou-delta-s/

ubuntu-18.04.4-server-arm64.iso

is use this version of ubuntu

what is the probleme with lts ?

i nedd to use 19.04?

the end of the support is near for the 19.04

So ?

What i need to use ?

have you tried to use squid for your end use ?

What is squid

also, you know that the box has pre-installed VM

Yes

it's an proxy cache software, you want to do a cache server ?

For steam

Origin ...

here is the tuto
https://linustechtips.com/main/topic/962655-steam-caching-tutorial/

This part is not the problème

The problème for me is i need graphic interface

you know, the best is worst than the good sometime

And u think i need to use the preinstall vm ?

Yes but i don’t no how to do cache server with just consol

just copy and paste what's in the tuto

and see if it match the result

most of the time it work

if it's just the translate part that you need help

I need change ip ...

Yes for translate need lot of help

so you have docker and curl installed in ubuntu 18.04

No

I have do nothing

CAN u do voc ?

yes

Côme on gamee pls

So hard to decide if should stick with proxmos or switch to free nas for more nas suport now that it can run vm too

Free nas

@raw timber

How good is vm suport need fast vm too and docker suport

Not the best not the worst i would say it’s okay

I was also looking at ubunto sever

And see up nas my self

I haven’t used it before

Or any oth Linux discor

Nope I only use Windows and Mac technically Mac is Linux but still

And I use free nas

Oh I was most look at since I need nas suport and good vm and free

How is it not the best can it run small game sever like a few friends on Minecraft

I think it would be easier to use proxxmox as a nas then to use FreeNas as a hypervisor.

Yeah that why I am looking at Linux to set it up my self

I think gamers nexus recently built a nas based on proxmox.

Nevermind they used unraid.

Why so much against a Linus os

cause everyone wants one click solutions.

Yeah I was looking for something different and

I use ubuntu and samba it works could use plex if I wanted but don't really want outside connections for my internal network.

I plan to have lxc and docker and VM install it will use a gui to start till I get it full set up thne get disabled this was my old game PC it a beast 6500 and 16 gig of ram

Just the amount of info Cellebrite can access, they can even get into iPhones... I presume it can still get browsing history even if it was cleared?

im assuming i would talk about wifi stuff here?

ping me if any 1 knows 🙂

@hexed pilot This would be the chat for such things, yes

What's up?

ok so i dont know if this should go into some other channel but i have quite a simple question. Is a powerline adapter gonna give a lower ping than wifi or is it gonna be similar also is there any difference between 2.4Ghz and 5Ghz in terms of only ping my download is too low to saturate any of those anyway

Our new office network and internet will be OK i think! ;)

@jaunty talon Hmmm, needs more upload

@clear igloo I blame the speedtest.net server :P

Ah, those evildoers!

Yep!

BlueCrazii would like to know your location

@hallow nimbus 127.0.0.1 or ::1

you'll probably get better ping from powerline as long as there isnt constant interference in your powerlines. Especially if the amount of powerline adapters is low

if you want low ping from powerline, use it as a point to point, and nothing else

anyone have any experience setting up a lan cache? attempting to setup lancache-bundle on my unraid server

Why do unraid need 2 hard drive to set up

because 1 is the parity (backup data) and the other can be storage. parity will have to be the largest drive in tha array aswell

ugg i onlyhave 3 drive one in a extrnl a back up drive one a 500 gig hard drive and one a 2 tb

and some ss 2 small one and one my main storage

@burnt wharf what would you do on a limited budget of only enough money for the unraid os it self

@jaunty talon I think I just got wet about that speed

The bacl up is 2 tbtoo

are you asking which license would i get? or how would i configure the drives?

from what i can read. out of your 3 drives, the 2tb hd would be parity, 500gb would be storage, and i dont think you can use a external drive in a array

@raw timber ^^^

or i could remove it and and use the 2 tb as main drive

becaer it kind of odd to go from a nas with 2tb of space to one wiht only 500

luck not much is on it now

parity has to be the largest drive. the rest can be storage drives

do i need a backup drive with it

i am bad at back it up

if your largest drive is 2tb then that has to be the parity drive. any other drive you have that are sata can be storage drives. that is how unraid works

i mena sebrate form unrade or is it back up

if you wanted to backup your drive and not use a unraid at all?

@granite trench haha :D

do i have to have it or would have 3 drive in unraide work to store my data and bakc up my main pc

unraid can be used to backup your pc

and store data

so I had a question last night and i didn't get to it. Is Xfinity good? (That's the best internet im able 2 get in my area)

well-

depends on what plan your using and how much you want to pay

600 MB

I mean im using xfinity as of now and for around 85-100 usd im getting 250 download

$60-$80 for 600 MB were I am. But it hasn't been installed yet so i can't say our speed will be that

dont quote me on that idk exactly what im paying lol

xD

o damn

600 mb??

insane

buuuuut

were getting the stuff but the website says no 1 is coming to set up the outside work

no technician

oh

damn

so, r the speeds ur getting really close 2 the speeds ur paying for?

yea

well

my whole fam is on internet rn

someones streaming netflix as of now

the other ones on mc

well during average time for yall

and my moms streaming some stuff too

during average time when im the only one on

i get around 250 sometimes even more

what about during peek hours?

220-230

out of 250?

YEP

yep*

srry caps

thats pretty good

u see, i was using Frontier

oh

cool

no NOT cool

not trying 2 be mean but, WORST Internet you can get!

atleast 2 me

but the reviews r pretty bad as well sooo...

Well is it DSL if its frontier?

Frontier is dsl in my area

My little hobby..

Planning on building a new network when i move in a couple of months but i am not so sure on what router to get. Ive been looking a bit at the edgerouter pro 8 cause a friend have one but i dont know if there are other similar priced that are better now since it has a couple of years on its neck. Does anyone have any recommendations for a similar priced one?

I've seen people recommend the UniFi Dream Machine Pro recently. https://store.ui.com/collections/unifi-network-routing-switching/products/udm-pro

So we bought Xfinity but, they didn't give us an option to have a technician come out. Help

Depends on location. Many ISPs are limiting techs, including us

Sounds about right

UDM Pro is fantastic

thanks yall

we figured it out 🙂

Do you have to mount the unifi ap to get good coverage or is that optional?

Depending on model of AP determines most optimal mounting

In wall APs are better mounted on the wall, the round APs are better mounted to the ceiling

And the Basestation XG is best mounted to a pole pointed towards the area you want to cover

why can't the tech remote in?

have to run cables

you can't run cables? not good at terminating twisted pairs?

Is the UDM pro fanless or have they just hiddem them very good? Will see if i can find a good deal on it cause from the supplier i usually buy from its 200 euro more than the erpro8 :/

@rocky badge I just plop the round AP on top of a shelf pointed to the sky and the basement though the second floor get ok signal

in my room I have one wired device (pc) and other devices that use wifi (xbox, phone, ipad etc), should I get a ethernet switch and wire up the xbox and leave phone and table to bad wifi? or should I get a second router and use it as an ap?

not ethernet but some kind of improvement as uploads fail unless its wired, its the pc that needs ethernet as it has no wifi card

@waxen scroll oof

@nocturne burrow the UDM Pro does have fans.

Lawrence's review of it is good https://youtu.be/IXLKkjo1EIk

What is a good gigabit capable cable modem?

It doesn't need gigabit WiFI

I already have a gigabit router

Arris SB8200 is great

What about this? https://www.amazon.com/Asus-Modem-Router-Combo-All/dp/B01M6WJWQY/ref=sr_1_2?dchild=1&keywords=CM-16&qid=1585932227&sr=8-2

I already have an Asus AC1900 router, I figure an Asus cable modem would go along well

Are you getting gigabit from your ISP?

Yes

Well it's rated up to 686 in lab conditions and 16x4 is only going to usually give you 300Mbps to 400Mbps if you're lucky in the real world. Most ISPs won't push to theoretical limits

You need a DOCSIS 3.1 modem for gigabit in 99.9% of cases

Okay

And I'd like to not pay more than $100 for it

you don't necessarily need an ASUS modem with an ASUS router

||or ASUS at all||

Obviously

I just wanted it to look nice

Both being the same brand

The cheapest DOCSIS3.1 modem on the market is used and that's $130

I've been renting a shitty one from Comcast for a number of years, and I'm done with it

Netgear CM1000 or Arris SB8200 are top picks but they both run around $150 new

What is the best config for this modem? https://www.amazon.com/ARRIS-SURFboard-Approved-SB8200-Frustration/dp/B07WK2JZ8H/ref=sr_1_3_mod_primary_new?crid=QC4HP940QA00&dchild=1&keywords=docsis%2B3.1%2Bmodem&qid=1585932632&sprefix=Docsis%2B3.1%2Caps%2C204&sr=8-3&th=1

Yes, that's the SB8200 🙂

Very solid model, I used to use it before switching over to AT&T's fiber option

Okay

I'm on fiber

But I'm with Comcast

Ah, concrap 😛

They're actually better than AT&T here

AT&T was absolute garbage

The internet would go down several times a day

I switched to Comcast 6 years ago, I don't regret it

I actually have better speeds than what I'm paying for

We're switching to AT&T this summer @clear igloo

@rocky badge

I pay $90 a month for 120 Mbps download

And I get 220 down on a wired connection

big oof, that's expensive

Yeah, they revised it

Now it's $90 for gigabit

Ah, I was about to say

ah ok

https://blob.pcmr.rocks/45c5dda🏖.png

$59.99/mo after 12 months

Jelly! 😡

$80 for me

RIP

of course I don't pay for it 😛

Local ISP pushed AT&T to reduce their prices

Upgrading also means that I need to buy Cat 6 cables

Cat5e is gigabit rated

if you have 5e already, that's fine

I ran some recently that are Cat 6

$110 for 180 mbps for me. Comcast

But most of them are Cat 5e

Commiecast

Concast I call them

Robbery

😂

Cat 5e is theoretically gigabit

it's not theoretically

it is

But I've never seen anything over 500 Mbps over Cat 5e

What you saying?

I have cat5e in the lab at gig

^

Same, I have some 5e with gig

And it won't hurt to do some future proofing

True, so long as it's not over 55m then you get 10Gig out of Cat6

100m for Cat6a

Cat 6 is so cheap now

@clear igloo is it like 20m for cat5e 10gig?

Depends on cable quality, you might get a few meters but I wouldn't expect more than 10

My prof wants to run 10g over cat5e

RIP

Well time to break the news to him

I have cat 6a for runs that are longer than 100 feet

@thick minnow 100ft not same as 100m

What a great grasp of the obvious

but you get better shielding at that point so you don't have to worry about interference as much

What would interfere with it

@thick minnow idk, you said you never got 1g over 5e so idk how much you know

Making sure you understand the right facts

Electrical or other EMI

I live somewhat close to an airport

Within 15 miles

@clear igloo https://blob.pcmr.rocks/cd380d3🥘.png

Of an international airport

@rocky badge Spreadsheet HYPE!

Wait, they are charging you for the gateway?

Yes 😂

Odd, they don't charge me

But we're gonna ditch it once we get it setup

I think I'm gonna just get that Arris Surfboard

Thx for the help @clear igloo

Yah, I loved mine so hopefully you do to 🙂

I wish AT&T didn't do this shit with their stuff lol

The ONT and the gateway has to authenticate

Both with certificates

dang

@clear igloo Commiecast also sent a notification and cut internet to someone in another server when he started streaming a MKV form his server locally

lol

what cat 5e is definitely gigabit

how to set up a mariadb on a unraid sever

IT said that all old files will be removed from the network resource to reduce infrastructure cost, so my mom is downloading 400GB of data and we have to do it before April 10th . Starting to think we are not going to do it 🙃

Contact IT and asked to do it inhouse or over the LAN.

you mean enabling split tunneling?

No I mean literally have her do it on site

how to decide unraid vs LinuxServer.io
—
The Perfect Media Server 2017

the servers aren't here in italy, or near

they are in the uk or america i think

Well NVM in that case

pretty sure it's not the connection that's bottlenecking

Well what is your bandwidth? And if this is SMB then latency is the problem

1gbps down

Id go with latency then, especially if its overseas. Excluding any VPNs she might be on

alright

ayyy we just got our xfinity stuff

I just installed my first sfp cable into my own home. Found out the switches I have are only GB over them.

Still only gigabit fiber so w/e

gigibat is fast if ur doing normal every day things

yes

My only 10 gigabit is between switch and my PC lol

My USG doesn't have 10 gigabit, nor do any of my servers

nice, and nas?

2 gig

still more goodly

lacp 2x gigabit ports lol

@rocky badge No 10Gb nas? 😦

nope 😦

few users tho

@clear igloo Just be AWS

😛

~970Gbit/s from AZ <-> AZ

10g Nas here

But direct connection

~9Tbit/s from govcloud to internet

Pc to nas

I'm sad to only have 180 mbps

Upload at 5

rip

Concast

f

Remember that

Commiecast

centurylink got my up at 1G

it takes a century to get a link

lol

ping 50K dl@1G

On the systems side, the pandemic exposes how many enterprise solutions were never built to scale

AWS is scaling like crazy

They've literally changed their hiring requirements

Aws has been pretty good at scaling

19 years+, certs/college, they'll pay for relocation, sysadmin/net/programming/cloud knowledge

19+ years

Just to get more hands racking servers

Yikes

They have the servers, they don't have the man power

They're having to rent fiber and activate lots of their dark fiber

shame they werent already using it

They didn't have a reason to until now

yeah, we don't need everybody to have really fast speeds

then how could we feel better

Meanwhile Azure and Google Cloud are trying to stay afloat oof

double oof

Azure resources are being allocated to keep Teams alive

Google Cloud has to keep Meets, Gmail, Classroom, etc alive

my gmail has been failing from time to time

I still wonder why isp don't give out static IP

@raw timber because of dns

What do you mean

A dynamic ip still works and people can find your server by a name

Static ip not really needed that much

This is the simple reason I thought of now. There's more reason of course

But it makes a lot of sense.

Till you run in to a hulu who think different up is a different home

And block

Well that is not fault of ip

That's a policy problem

And then you stuck contact thne when it happened

Yeah stuck I guess. You can use VPN I suppose

Or mobile phone ip

Yeah won't work over mobile vpn you get kick they say talk to isp to get static

Or just keeps contact then when it change

@little schooner they don't allow it over VPN or mobile it need to be a home IP and can only change 4 time a year

Foot down

Unless you tell then it happen and they decided to wave it

anyone have any experience with kvm hdmi extenders?

@rocky badge Not just Teams but also OneDrive and SharePoint Online (Teams is just SharePoint in the backend anyway btw)

Not even slightly, it's literally SharePoint. When you back it up you do it through SharePoint Online backup lol

And Microsoft has no proper (not in Beta) API to restore data back in to Teams

Yeah

They've been slow asf for me as well

But they're usually slow

Yep, currently I backup 4600 OneDrives and the rate limiting is super HARD CORE

If we switch to also backing up students as well than I'd need to do 43,000, no bloody idea how that will work as the current 4600 bare hangs on there simply due to the throttling

Hey there, i was thinking about upgrading my laptos wirelesscard, is there anything i have to look out for? Tnx for the help

i got my first little project working, new to it all and ive set up a server with proxmox to run 3 seperate vms. any suggestions on what i should work on next?

@neat forge what do you have those VM's doing?

@thorny vector one is for gameservers, one im setting up for an rtmp (both are ubuntu) then the 3rd i set up as a windows one to just mess around and play with

Alright. I personally always advocate setting up your own cloud, so you're not reliant on external providers, and can keep all of your own data in house

as in physcially having the machine in house?

Where is your hardware?

im using Hetzner

i wanted to have the hardware inhouse but cant for various reasons

I gotcha. And by in house, I meant more away from 3rd party companies like Google, or microsoft

gotcha, have you got any documentation that useful for this? its been what ive been learning off the most

Lookup up pydio, it's a pretty solid data storage solution with a web interface. For media I recommend jellyfin, it's like plex without relying on plex's servers. I'd also recommend doing all of it through docker containers, makes it more efficient and potentially more secure because of the sandboxing

plex doesn't rely on anything but your own server?

Nope, not true

They send a buuuuuumch of data through their own servers, that's why you use a plex address to connect to your stuff

No one else can touch my shit, not about that

You use a plex account to link TVs and stuff but beyond that you use your own IP address

Why do I need an account, though? If it's really all me, I should be able to do my own authentication

Ease of use and linking for novice users is about it and even then you can locally discover devices with Plex if you know what you're doing

I know from monitoring they send traffic to their servers, thats why I stopped using it.

Plus jellyfin is open source

Jellyfin also requires emby support on the device which limits support at the moment

That's true, I can't argue that point. I've been able to get everything on my network to work

Plex, by default, will gather metadata and images from their servers but you can change the database it uses to not use the Plex default stuff. Not sure of what other data you're referring to though, I would be curious to see more info though

Fair enough, if it works then no need to switch 🙂

I'll see if I can find the plex cap I did, and what it was exporting.

I'll be honest, I can't remember off the top of my head

I'll also admit, I'm a fascist with my own network

Yah, I usually lock things down but I haven't done any pcaps on plex in a while to see what it's sending back

Google *cast devices are also really bad. That's one place I've compromised having "loud" devices, but they have their own little segregated dmz, so it's not horrible

Yah, I've got a segment for my IoT devices that keeps them off the rest of the network 🙂

IoT scary, man. Nobody respects how much they can listen to

The issue for me Plex is what I'd suport by our tv

does anyone have an HPE server ? i need a bios update and mine is out of warranty ....
https://support.hpe.com/hpsc/swd/public/detail?swItemId=MTX_4922c6a3b23741399eac5374e4

@clear igloo Logitech Harmony ignores SSL certs lmao

@rocky badge Not surprised

@sturdy mirage you do bios updates?

I do when iLo *uck up my access to the raid controller

What is a good cheap ($30-$70) wifi card that also has bluetooth?

If you're talking about laptop wifi, get an Intel ax200.

Has bt 5.1 and great wireless

if for a desktop https://www.amazon.com/TP-Link-Bluetooth-Ultra-Low-Archer-TX3000E/dp/B07ZV2CJL2

Thank you @primal ice

You too @little schooner but I'm looking for desktop wifi haha

The one drako listed is awesome

Ah that's great!

Hey guys i want to create a custom video streaming server can anyone recommend me hardware it should be able to handle 10,000 users

10,000....... well.... more than one server

and then what you need is 100% down to the software you are going to use

bottom up design is a bad idea

Depends on the type of service you want to stream. It will vastly change minimum hardware/bandwidth needed

If you dont need to do any encoding you can do that on a very lowspec machine with fast enough network card :)

still wouldn't pile 10,000 concurrent sessions on to a single server, even with a 100Gb connection 😉

Multicast 😄

1 issue and 10,000 pissed off people lol

😛

Our Adobe Connect eats server resource from the encoding it does from the lecture recordings

we have 14 VMs with 6 vCPU and 12GB for that workflow

going to be a good test of that setup in 4-6 weeks time though, all lectures are online now

my money is on failing and falling over

@solid falcon so is this like a self host Sunday project or business solution?

@strange silo sure it would :P all depends on bitrate :D

Well seeing how when Netflix approached us for cache for part of our network they required 10-20gb uplink with sustained 5gb usage for a similar 10k clients. Seeing how they have optimized the crap out of their streaming and Reno, I dont suspect tackling 10k users is easy no matter the bitrate

That's quite a bit of data....

Real quick question,

Does anyone here have somewhat good Networking knowledge?
I'm trying to follow a tutorial and idk what they mean based on how they've explained it and I don't wanna fuck up the settings on My router or w/e lol

Try asking your question, if someone has an answer, they will probably give it to you.

k so, I'm following this tutorial for trying to speed up My PSN download times for a few new games I wanna try out ( https://www.wikihow.com/Increase-PlayStation-4-Download-Speed ) and on Step-9, idk what I need to enter as Primary and Secondary.
Do I need to like, enter My IP or w/e..? I'm hella confused

Other than changing from wireless to wired, none of those "tricks" will increase your download speed

Is it the DNS part? The benefits of changing the DNS settings, are quite limited, for large services as PSN, especially if you're using a large ISP, as the caching they claim happens, also happens at your ISP and their servers are usually closer to you, and therefor will respond faster.

lol

these are all pointless setup

idk lol

aside from plugging your thing to a wire

none of it will really matter

I have 0 Network knowledge xd

Actually the "Download one at a time" and "No playing while downloading" parts can also give better performance.

I mean you might as well try to download overnight in that case

Yeah. 1GB takes around the same time, no matter if it's 10 downloads, or 1 download. At least if it's decent sized files.

there's probably stuff like people in your household streaming movies. or overloaded ISP problems that would make it worse. that and slow internet speeds for your plan too

all things that the console itself isn't in control of lol

Depends on the household and ISP. I've never experienced not being able to download at full speed, when NOT using wireless connections.

depends on the ISP for sure. I've seen slow downs on cable internet before

Powerline

does more adapters = less speed?

assuming all adapters are identical

also any way to improve powerline speed? I got a set of 4 TP-Link PA4010(P), all AV500 scattered in the apartment. Best connection between adapters was 85-90Mbps. Worst was 50-60Mbps, most likely due to distance between adapters

and tpPLC utility numbers are way off for some reason

AV500 only has 10/100Mbps ports so best case is going to be around 85-95Mbps depending on overhead

wot

I thought AV500 = 500 Mbps

so it would have like at least cat5e grade ports

well damn this sucks

We just up'd our subscription from 50 to 100 Mbps

and we've been wondering why our powerline sucks

luckily wireless lan technology has been pretty good, we had no issues with devices connected on 5GHz, except for that one room at the corner of the apartment

Yah, it's stupid, they call it 500Mbps and then throw a 100Mbps port on it

how isn't anyone sued yet

false advertising

clearly they are offering speeds that are impossible to achieve

not even theoretically possible

AV500 refers to the signal over copper which can hit 500 in perfect conditions. That "specification" is used across all their devices with some only having 100m ports. Disclosed right in their product page.

if you were 2 be paying for 600 mb wifi and when u connect via wifi you get 200 and ethernet about 700, would u say the wifi is good?

@hexed pilot well at what link speed is the device connecting at?

Is it 433 mbps?

well the speed i get when im on wifi if about 200

That's about half 433 mbps

So it's within range yes

nono

were paying for 600 mbps

Check network and Sharing center > find your network adapter properties

Right click your net adapter and choose properties

It should say the link speed

ok

Find what that is and tell me

If it's anything like my dell laptop, it's stuck at 433 mbps

Account for half duplex transmission, real speed is half that number, in best cases

390 Mbps

Yeah so your getting exactly the speed supposed to get based on your link speed

You need stronger signal or new wifi card

cool

Do you know what wifi card you are using

my laptop is a cheaper/2017 model i believe

Before the properties window, it should list the name of your wireless adapter

When it presents to you all the network cards in your system

ok

well

If not, check device manager

Network adapters

ok

but pretty much my question was answered

k

thanks

Heheh I love my wifi thats on my phone which does not have the best speeds at the best of times let alone with two other people on the same network

@naive meadow unifi is definitely where it's at for WiFi

On the cheap and stable

And let's not forget about free updates

Hope they never change that

@little schooner I think you misspelled Mikrotik

I'd much rather use UniFi for wireless than Mikrotik 😛

@hollow marlin I couldn't find their switches in stock at Amazon usa

But wifi I never tried their units

Bulletproof I assume

Rock solid

Outside their idiotic VLAN config, their stability is worth it over a gui

Can you believe my entire kitchen was full of smoke and heat and the mikrotik powerbox kept kicking as if nothing was happening?

Well it's not that surprising but still

I like how it can survive the environment

😛 I'll keep my UniFi

@rocky badge a rockin' setup there

Should check out some of the catalyst rugged switches

@little schooner Yee, it's nice

@rocky badge I'd like to have the console of an edgeswitch with the management of a unifi controller

Still not a thing yet?

nope, but I'd take UI + json configs on the controller 😛

@rocky badge those actually work? And save?

But what exactly are you giving up if you can use json configs?

It's still not a full feature set right?

JSON configs work alongside GUI configs

it's CLI configs that get wiped on a provision

o

Damn, I wish I could afford a unifi setup for my house :/

I live alone though so really doesn't make much sense

my buffalo ac1750-dhp works great as a switch/AP :p

Hello. Does anyone know how to access your home network via Wireguard?

I tried looking online but nothing works

Hey guys has anyone used Nginx for video streaming

@solid falcon I've used it as a reverse proxy for jellyfin

setting up pfsense on a vm. my normal router has ip 192.168.1.1 and the pfsense has a lan of the same. i have 2 NICs. can i specify to go to 192.168.1.1 on a different nic?

No

ok

change of question.
I have an internet connection with an ISP, using an off the shelf router. In my home lab, i have a pfsense router. Can i somehow pass internet over to machines connected to my pfsense router network?

so the isp router passes internet to the pfsense router

Put the router into bridge mode.

i cant as the pfsense router will not have 24/7 uptime

The routers would have to know about the routes of each device. You either do it statically or using a routing protocol which home routers most definitely dont support

@bleak inlet I would get it for the wifi at least, even if I was alone. Its incredibly stable and gets updates for a long time. Sometimes those updates add new features, like 802.11 r and k roaming

for absolute raw speed, you can stick with consumer routers.

Unifi finally fixed their broken implementation of fast roaming with the last two releases

Its nice to be able to walk outside and see full bars without having to disassociate the entire connection

UniFi ❤️

is this at work or something @rocky badge ? cuz for me, and I live in a fairly big house, one AP does the Job

Home

anybody here experienced with OpenVPN servers on Windows VPS'?

OMG my eyes are going crossed from looking at wireshark

anyone familiar with guacamole - Apache?

@rocky badge

I prefer ruckus ;)

3 x Ruckus R510 works great

UAP AC Pro and UAP AC Lite here

most of the dedicated AP's work great, must say cloudkey is really nice on ubiquiti

https://blob.pcmr.rocks/SugarySlateblueBlob.png

yeah the dashboard is more flashy :P

https://blob.pcmr.rocks/IrresponsibleOvercookedBlob.png

https://blob.pcmr.rocks/StrikingPristineBlob.png

Skynet is 802.1X wpa2 enterprise, IoT is just PSK but MAC limited, mgmt is PSK for mgmt VLAN

Guest is open limited to 5/1

i got mine set to google login :)

I could do that but it's just open

well it's fun to see who try to connect :D

btw does Ubiquity allow for disabled frequencies?

DFS? or stuff like channel 14

this

https://blob.pcmr.rocks/PoliteLightgreenBlob.png

you can't tell it what chans it's allowed to use?

https://blob.pcmr.rocks/ExperiencedTruthfulBlob.png

https://blob.pcmr.rocks/BeigeHappygoluckyBlob.png

nice

@stable warren 😂😂

:P

@stable warren do you get free updates with rukus?

yeah, only if you use cloud stuff from them u pay

@stable warren where did you buy your units from

Yeah, I like UniFi cloud connection lol

At a good discount?

Run my own VM of the controller, login to Ubiquiti account, access from https://unifi.ui.com or https://unifi.ryois.me

@rocky badge so like a VM you pay resources for to host it?

How do you secure that

i got them from a local supplier, flashed them to unleashed firmware and no more ruckus enterprise moneys anymore :)

Vpn only?

@stable warren I see

It runs on MacOS/Debian/Windows/any other Linux

Neat

@rocky badge but how to secure it when it's in cloud?

it talks to your controller with your Ubiquiti account

or just have your own vm's :D

Oh ok

your Ubiquiti account is an admin on the controller

Ah

:^) https://blob.pcmr.rocks/ObviousRosybrownBlob.png

kinda like not being dependent on cloud stuff though, openmesh has it also.. all is fine when AP's stay on and internet is down, once internet goes down and people reset their AP's it goes to shit

https://blob.pcmr.rocks/ActiveSizzlingBlob.png

The devices don't talk to the controller via cloud

It's all local

I can access the controller via the cloud for remote management

k

blob any chance you know about apache guacamole? :P

Yes

i don't get how to get my computers in it :X

MS RDP/VNC/SSH

https://gravitational.com/teleport/docs/quickstart/

any

Although I've been looking at this

yeah looks somewhat easier

used docker for it but wtf pain in the @$$ to get it running

Thinking of buying a Ubiquiti EdgeRouter ER-10X router. Any experiences with that?

my plan is to add a Ubiquiti AP to that.

Whats you home connection? If I remember that thing cant handle much

Got a fiber connection but im only on 200Mbit up/down. Did not buy any more. 1000Mbit is supported though, but is more expensive ofcourse.
1gig on the LAN-side.

I want it to be some what future proof at least handle 1Gbit on WAN

If that is not your recommendation can you please suggest an alternative similiar?

Its cant handle gig unless its full 1500byte packets

got old hardware laying around?

Yes, but only ATX form factor.. would go for something smaller lite Mini-ITX or something.. uATX..

Got a Intel E6600 and a Asus P5B-deluxe motherboard.. 8gig ram.

i'm using a i7-950 p6x58-e as a pfsense box.

Yeah, been thinking of building my own..

The ER-10X's ports are connected to a switch witch is then connected to the CPU, maxing out at gigabit

As  @UBNT-Vlad  said, the issue is that every ethernet port is connected to a switch, and this switch is connected to the CPU routing engine via a single 1Gbps link.  Having all the ports connected to a vlan-aware switch makes the router much more flexible, but the price is that the 1Gbps link is a potential bottleneck for traffic that must be routed.  This includes any inter-vlan (between vlan) traffic, but does not affect the intra-vlan (within vlan) traffic, which is switched, and that traffic never even reaches the CPU routing engine.

I was more pointing at that it can only route a gig on 1500byte packets. If a router cant route gig at 512 then its a terrible router for gig

So.. that router isnt bad or "good enough" for my use?

Its not bad at 200, it is at a gig

@hollow marlin does the er lite route at gig 512?

Well maybe I can check

Oh nice it says 3gbps line rate

What's the 64byte pps?

1,000,000 pps

@hollow marlin how would I know if 1,000,000 pps is good for gig line speed across 3 ports?

So I currently use a google wifi cluster of 3 around the house, works fine not the issue, I need more configurability at a router level so I was thinking of just pushing the nodes behind a router effectively double NATing them. Any recommendations on routers that can handle high throughput? (with or without wifi as its going to be disabled anyways)

was thinking of a EdgeRouter X. open to suggestions

actually maybe the EdgeRouter 10X might be a better choice

actually maybe the ER-4

@little schooner 64byte is worst case scenario so take 64x1,000,000x8=512mb/s, so it cant handle a gig under that load. But you want pps on 512bytes if the vendor supplies it as that is the average typical size. Depending on whether its good or not depends on your use but like in the case of the 10x, it can only do gig at 1500bytes. That means if any other traffic hits the router other than 1500 gig is already out the window. Not including the performance hit if any other features are turned on

@hollow marlin thanks for clearing that up

@hollow marlin but one more question, how could they raise 64 bytes to be higher in mbps

Or they can't? It's really just worst case

In other words, don't let the packet be that small?

They would need better silicon to handle high pps. Either better hardware switching/routing or a beefier CPU to handle everything the chipset cant

Ohh. So the cpu wasn't in that equation. The equation comes in after you get the pps value

Reason being is when a packet is processed in a basic switch or router it only really needs to reach the L2/3 header which is consistent across any packet size, payload size really doesn't matter.

That's where pps become the best metric for performance as long as you have the packet size

But because it so small, so many of them could come in all at once

Vs many big 512 ones

That's where it gets trapped?

Yeah. imagine 8 3 lane highways being forced to merge onto a single 3 lane highway. Fine if traffic is light, but lots of traffic will bog it down.

Well if you are using SIP at home you router is getting a constant stream of 64byte packets. Not in the 1000s per sec but still. That's why I said 512 is the best pps metric to look at to determine real world performance.
In enterprise. 64bytes packets are a real focus with vocie, DNS, DHCP, per segment protocols, etc.

You'd be surprised what a building of even 500 employees pull. Also Ubi is not enterprise no matter what they say

I'll have to grab some stats of one of our cores. Haven't checked in a while but we have a tone of <512byte traffic. But our smallest core can handle 1tbps at 512 so little to actually worry about

@hollow marlin depends on business. most of the time its not used for personal use, so you can see 500 people on 10mbit internet

the bulk of the traffic is over private circuits with internet only used for some google or whatever

You can but you shouldn't lol. Also both circuits tend to be handled by the same equipment so private or not need to be able to handle the load. This is all getting way to not picky but the amount of times I handle customers that are complaining that their circuit isnt performing as necessary is almost always due to underpowered hardware with horrible configuration to make it worse

Biggest problem I have is the specific configuration implications on the hardware capabilities and performance, the spec itself sometimes is not enough

Take for example my Fortigate 60D, it'll do 1.5Gbps at 64byte firewall throughput but only if the configuration supports the ASIC offload

My ISP uses PPPoE and VLAN tagging from the ONT so I have to configure a vlan sub interface and then configure that sub interface as PPPoE type which when that connects it creates a dynamic sub interface under the VLAN sub interface

Which means no ASIC offload so goodbye 1.5Gbps throughput

Remove either the PPPoE or the VLAN tagging and hardware offload is then supported

It's the double layer sub interface that's killing it

Stuck at 100Mbps on a 1Gbps/1Gbps plan lol

Need to setup the hEX as a bridge and hide all the BS from the firewall

That was my point when I mentioned to Xeon that pps is without any features. Mikrotik as you know has too many quirks where a single protocol with knock it out of fastpath and straight to the CPU. I see this with Juniper as well in their SRX series that we deploy.

That's the problem with spec sheets, nice numbers but.....

Luckily the top vendors will include the specs within the datasheets but even then tends to only be the top tier equipment

Well even though mine has that all listed it doesn't stop the problem I have and you wouldn't know until you deployed it and then ran the diag traces like I did and look at the hardware offload state

Because none of the documentation covers it either, it's in that "too obscure" hell hole

@hollow marlin You got a known config to bridge an interface from a hEX to a firewall?

Still want the public IP on the firewall but need to strip off the VLAN or the VLAN and the PPPoE auth

Or would I just be better off setting up routing? Guess that would be easier tbh

@strange silo set interface ethernet switch port ether2 vlan-mode=disabled vlan-header=always-strip default-vlan-id=[pppoe-vlan] might work. You can leave the WAN/LAN in the bridge and let the switch chip just strip on egress.

On WAN try set interface ethernet switch port ether1 vlan-mode=disabled vlan-header=add-if-missing

I know hEX has very basic switch chip functions but if it does work will hopefully work with HW offload

mynameisjuan, ok. do you have any suggestions for another router around the same price range and specs?

that will do better at gigabit?

If you are going Ubi I would still with that for a single pane of control. The USG (smaller one) I think can do gigabit with everything turned off. If you have extra money you can pick up the USG pro you can do it with IDS/IPS on (which really dont matter with their type of implementation)

buy a cheap server on ebay, and put pfsense on it 😄

Or just stick with a fanless less power hungry option

@clear igloo yeeeet

Visual Studio Code + code-server + AWS EC2

Yeet all the code?

Yes

So what’s the theoretical transfer on the er 4? For 64 byte packets it would be only 217mb / s?

Did the math wrong is 1740 mb / s right?

@rocky badge what's code-server's extension compat like?

It can install anything visual studio code can

it's basically a remote instance of visual studio code

which clients can connect to

huh.. might have to give that a shot. I already use the remote SSH extension for 99% of my dev but the idea of just being able to pop open my dev env in a browser is kinda neat.

yup

@hollow marlin Would you still do that over just setting up routing to the firewall? I can still have my 8 extra IPs off loopbacks or on VMs on/behind the firewall. My extra 8 IPs are an entirely different subnet assignment and my ISP has a route for those to my primary default IP address handed out via the PPPoE static IP. I'd just need to hide the private IPs from traceroutes that I'd have to use between the hEX and the FortiGate.

I would still do that and hand everything off from the hEX to the Forti. While I love Tik the Fortigate is better suited to handle everything. First it eliminates issues with going through 2 firewalls, second it eliminates translations.
Just easier management in the long run. If you do go just routing between the two just block udp/ICMP from the subnet between them in the hEX.

That way PMTU isnt broken in the process to your servers/VMs

We have had some problems with Wifi

anyone knows what this means and if its related

have no idea if those thing I did hide is worth hiding but did because why not

What problems are you having exactly?

Sometimes internet connection on wifi stops working for a little while

on some devices

Not much given for the cause other than devices leaving then connecting back. Any recent firmware or possibly on a similar channel as another AP?

It did not leave and come back

router is on latest firmware

why is it changing whatever threshold it is back and forth so much?

Well, correction, device did disconnect and recconect, but that was done manually AFTER the problem situation had started

@clear igloo woah, AWS has a lot of educational resources https://blob.pcmr.rocks/LikelyUntimelyBlob.png

Very cool 🙂

@rocky badge does DC-TestDeploy as a name for testing domain controller provisioning make sense?

or could I word it better

I mean, yeah whatever works for you. That's descriptive enough for a homelab lmao

it just... i dont like it xD

it doesn't sound right

my domain controllers are ws2016-dc-(x)

where X is a number

hmmm

well i guess I could give it a letter or specific number

since it will never change

@rocky badge nope, needs more hyphens and descriptions 😛

think i'll use x to symbolize it as "use this VM to dump deployments on and see if it works"

DC-X is what i'll go with

thx

https://blob.pcmr.rocks/RigidDarkseagreenBlob.png

🤔

$$$

$300 is like me paying for comcast fiber

jesus. It'd be cheaper to buy that equipment

Cloud > on prem for this

https://blob.pcmr.rocks/DecisiveAridBlob.png

So far 😂

@rocky badge what web app is that

https://cloudcraft.co

lol, fair enough

looks so cool

dang

powerful!

ya

@rocky badge do you believe in the 15 character limits for server names outside of windows?

I personally like descriptive names

nope

if I could redo my school's naming scheme...it would be long

yeah. i wish i made our labs names longer

my prof asks me what all the abbreivations mean

and i tell him its in the docs

but no one likes to read the docs

Switches:
switch-[school]-[unique switch #]-[room #/IDF #]-[connecting switch #]
APs: 
ap-[school]-[room #]-[connecting port #]-[connecting switch #]
``` Domain controllers/file servers/etc are all fine...but switches are just `switch-mac-randomshit`

no one reads em, but god forbid if you don't document how you did something new

and I like that. looks like it makes troubleshooting network issues so much easier

Ports on the wall
[switch #]-[port on switch]
Ports in management
[room #]-[switch #]

yeah that would make it super easy

no guesswork

And I would defo redo the subnetting and VLANs

how do you like to do your subnetting?

I usually just slap a /24 on everything

my prof likes /24 a lot

even when we need more than that for wifi access

he mentioned something about telling the students manual fixes in a pinch

like "go to your ip settings and try using this ip with this subnet"

https://blob.pcmr.rocks/InexperiencedWoodenBlob.png

Something like this for hs

looks good

@rocky badge do you know how those ID door locks work? are they hardwired into a system with ethernet or something?

yes

I see teachers at university put their badge and then enter pincode

RFID

Central management appliance is a VM

dang, how do they fit the wires in the door like that?

beats me lol

I want a system like that for one room at home

if its being rented out

Depends on the kind of reader. I do physical security too, usually you have it in the wall

not the door

Yeah, our outdoor are in the wall

At the school i volunteer at, yeah they have it on the wall

looks like they havent changed it in forever though

rfid is old tech, and a pretty stable standard

true

yup

honestly, the old systems are probably hard to physically expliot. there are some really nice pentesting tools that you literally just crimp into the cable that runs from the reader antenna to the processing hardware, to clone creds

but older systems, at least the ones i've opened up are single wires, not labeled, all rat nested together. no easy open, crimp, close for that.

oof

https://blob.pcmr.rocks/UprightOliveBlob.png

this is a lot of vlans

(2 out of the 8 elementary schools) big oof

yee boi at 84 vlans and counting

@thorny vector @little schooner Do you start VLANs at 10 and then go up from there? Or 1, 2, 3?

I usually catagorize em by the 100's, with each multiple of 10 inside being a different segement

Yeah we started at VLAN 10 and used 10 increments

@thorny vector ooh yeah

and anything in the middle, like 11,12 are if we need to add more to that specific department

well, i never had to go that far yet

i only worked in small environments

https://blob.pcmr.rocks/GummyUnfortunateBlob.png

@thorny vector also, I noticed switches from netgear want to reserve the lower vlans and dont let you change them

so starting at 10 avoids those vendors oddities

that's only on my personal stuff. I never really have to do much networking work, since I'm a security guy. And yep. My homelab is a ton of used hardware, so the stuff I do is pretty hardy against weird manufacturer crap.

Yeah at home it's 10/20/30

Etc

The biggest thing I have ever done so far was get this up and running for the college https://www.netdevgroup.com/products/

My prof thanked me so much for helping him all summer with it

@little schooner @rocky badge Server names should just be asset numbers or GUIDs etc then create CNAMEs for descriptors

You could do that ye

no actual reason to specifically name the OS something meaningful 🙂

^

I use asset numbers to assign computer names a hostname during deployment

but im not sure if that is inefficient

Most of my edge servers are that as well

edge-random shit

I pull the serial numbers from excel file

Then cname to actually useful stuff

@rocky badge some service I ran into problems with didn't know how to work with cnames

but I dont remember what it was

Oof

but it was a pain

the troubleshooting

wasting time

most things should work with cnames

I hate the ones that take the cname and then translate and store the real one and discard the cname lol

why.....

yeah that problem too

like cmon

@strange silo oh, also the distance learning platform was https://www.netdevgroup.com/products/

forgot to tell you that like 7 months ago

yea I 100% remember the context around that 😉

Yeah. My prof was having a hard time figuring it out

but all i did was follow the docs carefully

@thorny vector would you just pool all guests together, or guest VLAN per school

@strange silo and unfortunately we did a non-standard rack design, so if it ever has a problem

he's outta luck

depends. I would probably do it by school if those segments can touch each other, but it probably wouldn't matter

I tend to err on the side of caution and division

@rocky badge does it make a lot of sense to put different schools on the same vlan, if they are associated with the same group type (like Student Vlan, Teacher VLAN)?

or nah

or dont even bother linking them like that?

Nah, per school VLAN with per student teacher, that shit gets crowded

1:1 devices, mobile devices, iPads, desktops, laptops

ahh so you would even have a vlan just for ipads

The most I've seen on the network was ~80k devices for a school with 8k students

yeah thats a lot of devices

Grouped VLANs per school, I'd never want to have to go back and segregate after the fact

^

okay

yeah that sounds more managable

Could you imagine a vlan for each type of device -_-

Nice thing about any decent wireless solution is you can just have multiple VLANs and subnets in a guest network group so you can keep it simple for techs to look after, just keep slapping on /24 as you need more

trying to explain /22 to a first time ever employee is just a pain lol

Lmao

yeah my prof doesn't like anything except /24

he said anything else is too complicated

eww, get that dirty subnet away from me

we have /22's and /23's etc

all sorts

calling it too complicated is a bit much, though

it's not, after time

I think because he has a lot of responsibility on his plate

he doesn't want to be stressed out

even though the docs are there to guide him

he teaches like 5 classes and gives workshops to business around town

but basically all learning is centered around .0 is network, .255 is boardcast and .1 is gateway which is 100% inaccurate in practice

literal mind explosion when you encounter anything else

for the first time

true lol

Im so used to home routers making it simple at the beginning

I was confuzzled when I realized when I tether stuff to my phone, its a /24 network where .192 was the gw

lol

I only got into networking because my computer hardware prof told me they hired a new guy whose really good at teaching the content

thats when they started using netacademy

I definitely made a great decision

company I used to work for would pretty much give anyone a shot and hire them, it was a great place to start out in the workforce as it was one of a few willing to do that but it required a lot of careful design choices to be able to support that

Do some security training too if you can fit it in

And every tech had domain admin access to every client #yolo

wut

hahaha

I like having that kind of access, but worried if someone were to get a hold of it, they could destroy it all in moments

I made myself a standard account at the lab

my prof prefers his domain account though.

I can't get blamed for big system changes

my account cant make em

I still know how to access pretty much every client from that company

like, really. I have 3 personal accounts on my domain, each with different permissions just because of that

and that was 6 years ago

@strange silo nice to have keys to the kingdom follow you around

heh

Why are OEM-motherboards the only ones that get serial numbers?

I tried to find my asrock serial and it comes up blank

Like, in system info, or on the board itself?

makes it harder to do deployments since I rely on the serialnumber for hostname

you using software to check or actually looking at it?

yeah in system info.

software

yep that's normal

wmic csproduct get IdentifyNumber

would print the serial

Im using uuid now

but its so much longer

I've also had gaming motherboards use all FFs for PXE or all 0.0.0.0 and other weird stuff for god knows what reason so every network protection kicks in and shuts that down so you can't PXE boot

yeah like wth

yeah, consumer boards usually don't have that loaded in, at least in my expirience. No real need for em to, since that'd be an extra step in production for a feature the target demographic wouldn't use

PC- "I WANT TO PXE BOOOT!!!!!"

lol

GIVE ME IMAGE, NOOOOOOOW!!!

It's why I do actually like HP so much, or did when I still did that stuff

And Lenovo for laptops

I think it was IBM/Lenovo that did SCCM driver package downloads first, so great

I still have nightmares about reimaging with pxe

shudder

Never had an issue with the HP Elite line of desktops

they only used 1st party standard chipsets etc

zero pain

The biggest tip I learned about reimaging with pxe was to make sure that Portfast was enabled on all edge ports because some NICs would reset their link and the Cisco switch would take too long to get a link for pxe boot to happen

HP laptops though, eh not so much

As soon as I did that in my professors lab, he was so excited that he could pxe boot all his images

before, he was doing them 1 by 1 by hand

whooooooo, you wanna talk about chipsets? I built a custom esxi server into a portable case, using cheap consumer hardware. BOOOOI, lemme tell you what. Intel chips do a loooooooot of stuff they say they don't support

sorta

if you ask nice

If you want to have some fun with SCCM create a mandatory OS deployment task sequence deployment to the All Systems collection