#networking

fucking aruba

the golfer was HPe CEO if i recall

🤔

Could you? Sure. Why you'd want to though....

.....

Unless your house is the size of an amazon warehouse, there is literally no conceivable reason for you to do that.

Might not be considered a networking question. Anyone recommend a **decent **web browser that uses your windows certificate store? Chrome and Firefox don't work and i don't want to buy SSL certificates.

@cedar igloo chrome does use the windows certificate store. Firefox doesn't.

is there something you need to enable?

i have added a cert to my freepbx machine. in edge, it works right away but in chrome it says about the hsts error which i need to override with "thisisunsafe"

@cedar igloo does it say why it deemed it unsafe?

For chrome, I'd think you'd have to completed restart the browser if you added it in while it was open

other times, if the certificate uses algorithms that are no longer deemed secured by chrome or is missing SAN, it may not let you use site.

i didnt set up a SAN. what would this be?

the subject alternative name. Its a field in the certificate, like here:

where you add your dns names to

i didnt add any of them. ill try that and get back to you

k

would this be done in the signing request?

For windows pki, yes I believe so. You add it in

on pfsense, it didn't have to re-add it back in

I am using OpenSSL

oh

yes just make sure it has SAN attribute

These are the options FreePBX gives me

also @cedar igloo https://developers.google.com/web/updates/2017/03/chrome-58-deprecations#remove_support_for_commonname_matching_in_certificates

oh, looks like they dont offer SAN there

can you add it when you sign it with CA later?

with openssl

you're asking the wrong guy. I just installed this CA 2 hours ago

heh

umm maybe you have to generate your CSR somewhere else that supports SAN field then. I dont know the command for openssl to add an additional attribute before CA signs it

hmm with openssl config file, SAN attributes are added at the bottom here

@cedar igloo https://geekflare.com/san-ssl-certificate/

try that guide

and would the SAN be the server FQDN or the CNAME URL?

i might just add both to be safe

FQDN

and the common name i guess is the CNAME?

well...

well common name is abbreviated as CN in openssl

is that what you see? CN?

CNAME is something else

by CNAME im meaning the DNS entry that points from url to target

i must have done something wrong. theres still no sans in the certificate

@cedar igloo yeah that's different from CN

Not related to cert

just realised the error in chrome is ERR_CERT_COMMON_NAME_INVALID. If my server is rs-voip-01.domain.local and i want the url to be voip.domain.local, what would the common name be?

It would be voip.domain.local @cedar igloo

The URL you enter must match name in certificate for there to be no error

With SAN, more than one name can be provided, that's where the flexibility is

Rfc says if SAN exists, ignore CN

No San, then read cn

so, i tried it with rs-voip-01.domain.local (the server hostname) as the common name without any sans but this didnt work either so i am lost

So try with voip.domain.local as the CN name for your server cert

@cedar igloo certs can be frustrating

Still not working

@cedar igloo what does the error say now?

I wanted to reply, but warship bot said no. its the same common name invalid

@cedar igloo well, it will continue to say that because its missing SAN. Chrome deprecated CN in version 58

so even if URL name and certificate CN are the same, chrome will still reject it

i tried adding the san using the link you sent, but it didnt work. trying to find out why

anyone know good open source forum software? please mention me, i want opinions

@visual cliff
One of the most popular choice currently is Discourse, which is used by a lot of forums (like Level1Tech, Twitch Dev forums...): https://github.com/discourse/discourse
And you have a lot of others solutions in this list which are all open source and self-hostable: https://github.com/awesome-selfhosted/awesome-selfhosted#social-networks-and-forums

As for opinion (as an user, didn't hosted forums since at least 10 years), I find Discourse great, it is simple yet powerful.

ty, much appreciated

I prefer a phpbb style forum more than discourse

but not sure which one would be a good option for that

ngl I hate Discourse 😬

IPB (which LTT uses) is far better for discussions IMO

So I have a vultr account with two boxes. One is my ubiquiti controller. The other is my OpenVPN box how do I set up the private networking in vultr so when I connect to my VPN I can access my unifi controller via it's local IP?

Is there a program the can export and import all wifi passwords with a few button clicks? I know about cmd/powershell export and something like wifipassword viewer but that doesn't import them.

netsh wlan export profile folder=C:\wifi

@crisp shell that will export all of them

That exports them all to seperate files, is there a way how I can import them all at the same time?

@crisp shell maybe with a batch script and some variables

yeah

what @little schooner said

Alright, I didn't thought about that. I have some experience with php foreach and arrays, maybe I can learn how to do it with cmd/powershell

i mean i would just create a batch file that does

netshwlan import SSID2.xml 
netshwlan import SSID3.xml ```

netsh wlan ***

how many profiles are there

It depends on the computer, I want to use this for work where I transfer files for customurs.

So one time there's only one the other time like 30

that's the hard part

FORFILES /M *.xml /C "cmd /c netsh wlan add profile @path something like this? @crisp shell

ECHO We are going to import all the profiles in this folder!
SET /P ANSWER=Do you want to continue (Y/N)?

if /i {%ANSWER%}=={y} (goto :yes)
if /i {%ANSWER%}=={yes} (goto :yes)
goto :no
:yes
FORFILES /M *.xml /C "cmd /c netsh wlan add profile @path
Pause
exit /b 0

:no
echo Bye!
Pause
exit /b 1```

make sure cd to the dir

@crisp shell

I'll try, thanks in advance

MAN

you are f*cking amazing!

it works

as long as the exported profiles are in the same folder it just adds them like that

yup

This will save me so mutch time

glad to be of help

@deft pasture oh dang I was thinking too much. Yes it literally would be that simple. Duplicated lines with different file names

Forfiles is a thing?

Neat

🙂

now if only someone could answer my vultr question lol

If I know what that is and I know something about it sure, but I don't so 😆

lol

I want to die my fibre cable broke cuz the guy who installed it is incompetent and made it to tigth

So every time I moved it

o.O

It was pulling a little

why did you move it??

Imean the router

yeah

U know to access the shit behind it

my guy strapped everything down

Like lan cables power etc

yeah. all strapped down

Ports*

so you don't ever have accidents

Well I need to get to the back

super ultra fragile stuff

It's wall mounted

Idk why

That's the router they have

Now I'm without internet for a while

It's like the main Central

I mean I went with an ONT so that I can use my own router

haven't touched the placement of it since they strapped it to the network panel

I'm using my own router too

But I need the home Central for tv

Like cable tv

I wish fiber wasn't so fragile

it would be more expensive if it weren't

I wish they'd install something where you can actually unplug the fiber. like a jack

Yea

so if you do damage it you can get it replaced from the jack to the device

instead of having some guy come out and fixing it

That's what there's supposed to be

nah

But they didn't install it

I haven't seen installs with it

it's always just a straight cable with service loop

It's this

But for

Fiber

So that shit sticks out from the wall

And if the cable breaks

They send a replacement

fiber coupling isn't cheap

That's what customer support said

Iknow

They said ur supposed to be able to replace it urself

But since i didn't have it

I have to get a technician over

I don't think it normally is as far as I've seen

I live in Norway

They do shit different

U get like a

Lil box

Where the fiber from outside

Goes in

And from there

To home Central

Supposed to atleast

side note: emoji in usernames drive me nuts

Nooooooooo

Total Disconnected Time :   0d 00:08
Total Availability      :     99.98%```

8 seconds network downtime on my probe

I only have one of my four actually connected right now so for the others:

Total Connected Time    :   0d 00:00
Total Disconnected Time :  30d 00:00
Total Availability      :      0.00%```

Hah

Mines usually 100%

Why do you have so many xD

For my home one, the ISPs here always have little issues so I never quite get 100%

Well, one for myself, one for my parents, one for my rack, and not sure what the other one was supposed to be for so I never did anything with it

Here is the stats for my parent's one, the only one working at the moment

    Time Connected    Percent
Last Week    7d 0h 0m    100.00%
Last Month    30d 0h 0m    100.00%
All Time    1y 229d 12h 30m    99.92%```

Yo anyone have experience in davinci resolve remote rendering?
Ive been trying to get it to work for the past two hours and im at a lost cause

@vapid dune

This is how it's supposed to be

This is in my other house

My summer project is to set up a nas that I can expand and keep using for as long as possible.
This is why I'm looking into used server chassis.
Is it normal that drive caddies are almost never included in ebay listings?

@ember stag Very normal

Painfully normal.

Alright, does anyone have tips on finding decent rackmounted hardware?
I heard SAS backplanes were important, what is the difference between SAS and SATA?

@ember stag this explains it pretty well

https://www.turbotekcomputer.com/resources/small-business-it-blog/bid/57900/SATA-vs-SAS-What-is-the-difference

Essentially, sas is faster, and enables HDD’s to have higher spin speeds

and not really needed if you're going to use consumer drives

@vapid dune isn't everyone technically a consumer since they consume the drive's services

im just playing.

Thanks :)
I already have a NAS with 15TB (12 usable) running OMV.
The problem is that omv 2.2 and debian 7 that it runs on have both been obsolete for ages.
There's not even security updates anymore and trying to update plex resulted in it not working at all.

Is there a NAS OS that is easy to update and keep up to date?
Does UnRaid have that feature?
I've seen Linus praise it over and over for its user friendliness and I don't feel like spending another 2 days setting a server up and 5 days troubleshooting.

what do you use the NAS for?

so far I've been happy with FreeNAS

My brother uses it for mass storage of raw pictures and I mainly use it for plex.
How do you update from version to version (including linux versions) on freenas?

freenas is the OS but I just update when ever something hits stable for the most part

What distro is freenas based on?

freebsd

And you can just upgrade in the cmand line without any troubles?

I just upgrade in the UI

you can redo the installation relatively easily actually

in the worst case

since it's designed to boot off a usb stick

but I have no trouble upgrading. aside from that time where my usb stick died

I had a backup config though

I tried upgrading my omv install from 2.2 to 3.1 and the recommended procedure is setting it up from the ground up

Hmm can you at least export the config?

There's also a separation between the concerns of your pool vs the concerns of your boot drive/os

How redundant do you need your drives?

Not sure if you know about raidz vs unraid vs others

I havent tried that..
I'm a bit overly careful because the pictures are quite import to my brother.
Do you not have to worry about the pool when updating?
I thought the software raid relies on the os to know where everything is.
I'm running a RAID5 with 5 drives, so 1 can fail

Fwiw usually when you go up a major version for a distro they always recommend a reinstall in the *nix world

The pool itself can be offline when you upgrade

It's not the OS drive

Pool is for storage

You can upgrade the pool in terms of filesystem and what not if you want but I think it's not necessarily recommend all the time either

Hmm do you have a backup solution for the important pictures then?

Also you should plan in advance how you plan to expand your drives

I think unraid is easier to just plug in a drive. Vs freenas you plan a vdev at a time (unless you want to replace all the drives in a vdev one at a time)

And while installing the new version I can simply choose those are my drives in a raid 5 and it keeps all the data?
I was thinking about building a second nas, so my brother and I both have our own and then rsyncing 2 directories to each other for off site backup of important stuff

ah I was gonna suggest 2 pools

Yeah, my plan with unraid was getting an 8tb or so parity drive, getting a 24*3.5" rack on ebay and just expanding on the fly

1 pool of mirrored drives for important stuff

That pool local or off site?

and 1 pool of raid z1 or z2 for storage of other stuff

local. but offsite is important for the mirrored drives I would assume

ah yeah expanding "on the fly" is harder with freenas in a way

you have to expand vdev at a time. or upgrade individual drives one at a time but to no immediate gain until all the drives in a vdev are upgraded

pool = multiple vdevs

all the vdev in a pool are the same shape. ie one of 2-3 drive mirrors, z1, z2 or so

Can you make every single drive a vdev?

I think so but have to realize it stripes across vdevs too

so if you lose a vdev your pool is hosed

Is it even sensible to have multiple vdevs then?

yeah it's okay. give you an example I use mirrored vdevs

I have 10 drives, so 5 vdev of 1-1 mirrors

or I could do 2 vdev of 5 drive raid z1 (1 drive failure tolerated per vdev)

though z2 is more recommended these days for the increased drive sizes

rebuilding an array is stressful on the remaining drives

I used to be on z1, but you can only expand the number of drives at a time in a vdev

so I switched to mirrored to be able to plop 2 additional drives into the case to expand (or replace 2 of the drives in an existing vdev but that's generally not as recommended but possible to do)

compared to 6 drive raid z2 where you'd need to have 6 drives added before you can expand the pool

Can you switch vdev configurations while the thing is running without losing data?

no

you need to move all your data off of it first before switching

I had enough drive space to move things around in config

just didn't plan my use case thoroughly beforehand

since I was setting it up with little experience at that point

Ok, back to the question about upgrading, can you install a new OS and just tell it those are the drives and it reconstructs everything without losing data?

if you had to nuke your OS and didn't have the config backed up you mean?

yeah you can just import the pool: https://www.ixsystems.com/documentation/freenas/11.2/storage.html#importing-a-pool

oops sorry that was older documentation. latest is https://www.ixsystems.com/documentation/freenas/11.3-U3.2/storage.html#importing-a-pool

for pictures it's probably a good idea to budget for automatic snapshots of your data too

So the information on where all the data in the pool is is stored in the pool and not on the OS drive which means i could theoretically also switch from OMV to FeeNAS, right?

you can't because from what I read OMV is ext4

what I mean is that you can't just import the drives

Yeah, i didnt realize they were on different filesystems

What is the purpose of automatic snapshots when those are stored on the same drives?

for me it's just something in case I lose track of stuff, I can just go back a week or two to try and find it

it's use case dependent mind you

Oh ok in case something gets accidentally deleted, gotcha

I am a bit curious if OMV has the same properties as freenas, I see it as the alternative for building a NAS sometimes

I use it because at the time i heard it was easier to set up.
It's not bad, I just don't feel comfortable doing some of the things like reinstalling the OS while there is data on it..
My dream scenario is just having a box that runs 24/7, automatically installs security updates and where i can throw in and replace any drive however I want as long as there's enough parity

the however you want part is the part that probably is a bit more restrictive in freenas. but I really wonder how unraid does parity

WOW

i just got TROLLED by some germans

Yeah, I'll probably ask on their forums if they'd recommend unraid for this purpose^^
Thank you very much for your help :D

the thing is that rebuilding a single drive will stress every drive needed to do the parity

so if your entire array is boiled down to 2-3 parity drives

then it'll stress every single drive in the array lol

@clear igloo i just tried to log into a switch from our germany office that they manage.... a giant trump yelling ascii art greeted me before the login prompt

lol, nice

lol

basic networking question here, but i have a router in my esxi server which has an uplink port to a cheap switch. The uplink has 4 different vlans. What sort of switch do i need to split these vlans? would any level 2 switch work or does it need a level 3?

Layer 2 switch with vlan support will work just fine @cedar igloo

Trunk port on the switch for the uplink cable

there are some cheap ones that would work nicely

im thinking my current switch may be capable of it then. just not sure how to set it up

ah

I have one of the 8 port of these https://www.tp-link.com/ca/business-networking/easy-smart-switch/

have to use their custom tool to do it

that's the annoying part about it I suppose. doesn't integrate into my existing stack well

https://www.netgear.com/support/product/gs308e.aspx
I've got one of these

ah looks pretty similar lol

https://www.downloads.netgear.com/files/GDC/GS105EV2/WebManagedSwitches_UM_EN.pdf

chapter 3

oh does your switch pull an IP?

yeah

ah cool

so there's a web interface

mine doesn't have that lol

how do you do that with yours then?

the software can find the switch

probably snoops until it finds the mac address

This is the sort of thing i am wanting to configure. Is it possible?

5 and 6 are the uplinks to the lab, with the no vlan of ports 5 and 6 to be different to the no vlan of 1,2,3 and 4

https://blob.rocks/9RZKapdiO6.png

my main hypervisor lacp oof

what do you mean none @cedar igloo ?

also why are there so many VLANs I don't get it

I mean you can certainly have ports be on multiple vlans but then you need something to do the tagging

what I do is let my switch do the tagging and have my single device be untagged behind it essentially

Basically, on my home network, i have an enterprise environment inside two ESXi servers (routers & windows server stuff). VLANS for infra, dev, prod, office, IoT and guest. All of these have a single uplink ethernet into my switch. On that same switch, i am wanting to have two ports for my office vlan only

let me know if i am not explaining it well

by none, i mean i think it doesnt have any vlan tags

ah untagged

there's still a vlan associated with untagged traffic

so, i have an untagged section on the switch for my home network, and another section including untagged network for my lab env

but yeah there's tagged traffic and untagged traffic. just have to configure what you want for it

thanks for your help. it seems i miscounted the ethernet ports round the back (missed the mb ones) which didnt help. its working now though

when its traveling within the switch, its Tagged traffic

Security question for y’all. So I’ve got a webproxy so that I can access certain internal web interfaces from outside. Some of these devices are quite old and therefore have questionable security (like my PDU). Do you think it’s safe enough to have these behind the webproxy? You would need the exact domain name to even access it. But I feel like maybe I should add HTTP basic auth just in case

If the webproxy does not have application firewall capabilities, hiding those old gadgets behind a proxy will not help protect you against vulnerbilities in the webservice on the end device.

why not use a VPN?

Setting up webproxies are easier? 😉

I doubt that lol

I can get a reverse proxy running on apache in like 10-20 minutes.

I can install a VPN in 5?

A VPN server, with client->network access? What software? (And does it include the OS install?)

why would I include the OS lol

Wireguard or OpenVPN really

the key generation would probably take the longest

Because you would usually not install it on an existing machine. 😉

Also I don't like having to install a client for my users, so 5 minutes for the server, sure, but user support would add a LOT of time to that. 😉

huh

this is just scope creeping the problem

All the webproxy requires is distributing the URL. ANY VPN solution requires distributing VPN clients/settings, and teaching users how to activate and deactivate the connection.

It's still part of the effort required to get the service to a useful state.

I am assuming this is for accessing websites that are normally hidden internally like a PDU and that it's for a single user

if you want to deploy it live into production with a kitchen sink then so be it

@vapid dune can it be the two section kitchen sink? I really like the separation

sure but for some reason the left side is 50% smaller than the right

Yeah that's true

@vapid dune we can make it do application firewall duty

In the smaller section

might be leaky

@waxen scroll Working on L2VPN over an NNI for a customer and some how either their network or ours caused a loop triggering BPDU guard and taking an entire city down....lovely

i hate nni

Im trying to do a pretty fucky translation over it and I think that bugged out and looped

we once had an engineer make a deal with a provider to switch a crapload of asian circuits over

he takes a sick day and drops it on my lap

routing was all screwed because i didnt know about the NNI and he didnt account for it

I dont particularly hate NNIs but NNI=L2 and L2 can die in a fire so yead

this was L3 nni

extra ASN in BGP path and our headend didnt like

I prefer a L3 over L2 NNI any day though. But sucks when its thrown on your plate

@little schooner i see you emoted

this is how you make 100k

its you standing between a city or a public company going down

@hollow marlin i just found out my new team uses jira

kill me

@waxen scroll I'd feel so much pressure if I was just thrown into that

Because I really have no experience with that

But yeah 100k position for sure

im not gonna lie. when i was new and CCNA certified i was under tons of stress for 6 months trying to get my bearings

should've bought the bearings online. just need the 3 size measurements

I see

@little schooner after a while you get this "whatever" attitude

thats KEY

@hollow marlin you know what i mean

<blah> is down! ... -Fine, whatever

vs... <blah> is down! ... -OMG I NEED TO HURRY

😄

That's when cruise control can take over

kinda kinda not

its less about cruise control and more about being used to people screaming

that means you have lots of experience xD

I have to get used to people screaming??

I have a ear ringing issue so it actually hurts sometimes when people speak

figure of speech, i mean they're gonna be on your ass for updates

I know lol

That was my supervisor when I was interning at the same 2 year school

She said not to tell her maybe, I think, or I guess

Say only yes or no to project updates I tell her

I had a habit of not just saying affirmative answers

yeah

thats out of my system for the most part... if i need to say something like "i guess" i follow up with why i say that

often times your manager is getting updates for his manager so you cant be vague unless the answer is truely vague

@waxen scroll jira, they haven’t killed that garbage yet

lol

jira's fine @hollow marlin

When I used it last I hated it. Thats been 6 years ago though

oh that's a long time ago

I use it regularly for work. it has some quirks but it's good enough

you won't know shit until you try Rational Team Concert

then again I also used that 5+ years ago LOL

how do i change my ip with dynamic router

@novel furnace

there ya go

if anyone has solutions

please dm or ping

o.o why would you need to change it

Try unplugging the modem for 6 hours

Or maybe your ISP could help

I mean if you can get a second IP then just randomize your MAC address on the router. Some ISPs will force you to call in to release the old one though

wym?

i can’t get a second op

ip

and what abt mac addresses

i’ve heard u can clone it and get a new ip or smth

ping or dm

Why are you trying to change it anyhow

@vapid dune xbox haxors /s

^

gta modders

your IP is decided by your service provider, it's either dynamic so it changes every 12-24 hrs by itself or it's static and then you'll have to contact them to change it :p

Or it's dynamic and changes whenever you modem has been offline for longer than the IP lease time. (As is the case with my provider)

Yah, in most cases (in the US) the lease time is a few days at least

im struggling with trying to set a static ip and portforward stuff on my linux machine. (Im pretty new to linux, so babying is completely fine) Any help would be appreciated

I know how to edit the router settings for port forwarding, myself and my friends just straight cant even ping the pc. this is for a mc server

@slender zinc How far have you come; Do you have a static IP set on your GNU/Linux box (i assume this is the mc server?)
Has this worked on other platforms in the past; it could very well be that you're behind a carrier grade NAT, meaning you're not gonna be doing much. That is assuming you've portforwarded correctly and it's not working

ive always just used a host, but thanks to some policy changes in my bank thats not an option. I really have no idea what im doing, ive never had to port forward before nor set a static ip

Soo this is a physical computer in your home

indeed

i might have just got the ip set as static, one sec

Alright, before we waste time, can you open your routers interface and log down the WAN address it gives you
You don't need to post it here, just note it down for yourself

Then open https://www.whatsmyip.org/ and compare the two addresses
If they're different then this is a no-go thing, if they match then we're good to proceed

there is not a WAN address, only an ipv4.(this is through a hotspot thing if that changes things)

Your router should be reporting a WAN address, that's going to be an ipv4 address

That's the address between it and the ISP, not your internal network

well then, i have it in that case. definitely doesnt match what "whats my ip" is reporting

What are the first two octets of the WAN address?

100.66

I'm assuming your internal network is along the lines of 192.168 etc

right?

it is

Yeah, don't waste time
This means your ISP is performing NAT along with your own router
Soo a portforward wont go through

Or i set it up wrong. what ip should i enter in the router settings?

This unfortunately isn't user error, rather it's a characteristic of your ISPs configuration
Carrier grade NAT is used to conserve IPv4 address space. It's fine for most applications as you can see, but it makes accessing your own network not particularly practical

Your option would be a cheap external VPS (or your friends house assuming his situation is better) and a VPN tunnel to your physical machine

im unfortunately the only one in my friend group that knows how to manage a server, so I guess no server for me.

You can set a VPN exit node at your friends house that leads to your network
Then the physical minecraft box still exists at your house.

All that really changes is the IP address people use to enter the server; not yours but rather you'll be using your friends public IP.
Other than this option, you can pool your cash together and get cheap VPS to use as the VPN node

the reason im doing this isnt a money issue, its a policy issue. i physically cant buy a server and my friends arent going to download software, ive tried to get them to do it

well then you're shit outta luck
AWS has free trial instances available, though I've never looked into it well enough to know if they're appropriate

As far as policy goes though, couldn't you get a "prepaid" visa or mastercard and pay through that.
Those sorts of cards are appropriate as gift cards, you don't need any sort of bank account to grab them

Their entire point of existing is online purchases, sooo I doubt there's any bank that'd shot itself in the foot and prevent payment from those sorts of cards

I’ve considered the doing prepaid route, yes.

@mystic latch is using port forwarding an option?

hey

does anybody have some knowledge in server hardware

what's your question

is this the right place to ask about random speed issues or nah?

You can, those kinds of issues are almost impossible to fix but people will try their best

ok so my internet speed has always been pretty bad but recently its literally gotten unusable for no reason, i doubt anyone is downloading anything considering its been going on for like 3-4 days so i cant figure out what it is, ive restarted my computer, rebooted the router and nothing has worked, i still dont know if its a isp issue or computer issue but im aiming more towards isp going by the fact that even my phone struggles to open web pages

Well I'd suggest you start by diagnosing your local network.
You can do this through iperf3 tests to test raw bandwidth flowing over, it'll also indicate fluctuations you might need to worry about.
Then I'd turn to good old ping & keep it going between your PC and gateway, pay attention to latency and packet loss, there really shouldn't be any at all.

Assuming your local network turns out fine, I'd go ahead and run ping against something out in the web and look for packet loss there as well.
It might also be helpful if we knew your DNS; perhaps your ISPs DNS is having issues & unless you switched the servers manually to cloudflare or google or whatever, that could be an issue.

Either way, a call to your ISP may be unavoidable

Have you tried calling your ISP?

That and plugging directly into the modem or router

currently trying to configure carp failover on two virtualized pfsense routers. The master is acting as normal however the secondary has set itself as the master for some interfaces (and completely missing out other interfaces). I think it may have something to do with OPTX being a different interface to OPTX on the slave but not sure how to fix it

Slave:

Master:

basically, my question is how can i make sure the interface ports are not synced?

Sorry for the spam. including a few more images to show my problem
Master:

Slave:

wait so how do i reset a dynamic ip

how long do i need to unplug my mdoem

whats your isp?

unplug it until we forget your name

and stop trying to evade bans 😄

oof

blue with the bantz

not bans

its bc a gta modder has my ip

not bc im banned from roblox or something

you going to get a new ip each time you come across a modder?

That and plugging directly into the modem or router
@vapid dune i tried that aswell and nothing changed

what's wrong with a GTA modder?

I mean the only real way to get privacy would be to use a VPN

no, he knows my ip

i do use a vpn now

and invite only sessions

did you get on the wrong side of him or something?

no

then why are you worried

I mean unless you're being ddos'd. knowing your ip isn't usually a problem

he just got my ip

so?

your IP is pretty much sent out every time you visit a website

its a bit concerning and id like to change it

yeah but i dont want another person to have it

how do i change it with a dynamic rotuer

I don't even understand your question

like others and I have suggested. try leaving your modem unplugged for a while

My isp changes the public IP every time I reboot my modem

how long do i unplug

or, change your router's mac address

how do i change the mac address

will that damage it

or fuck anything up

but if you can't get back online. then you'd need to phone your ISP

not sure how many addresses you get with your plan

Just unplug ur modem and router overnight and that should fix it

yeah I had suggested that yesterday

Hm

Did it work?

I mean probably didn't follow the advice

ovrenight?

O

Yes

lol

i did tho...

i dont know if it was replugged tho

how many hours to be exact

"a while"

Oh

Lol

Yeah what kind of router do you have

verizon

there's no number anyone can tell you because it depends on how it's configured by your ISP

verizon

how do i reset a verizon router

but really, I don't think there's any issue. it's just paranoia

So Verizon provides your WiFi?

yeah

Or do you have a separate device for WiFi

Ok

id just like to change my ipo

Give me a few mins @novel furnace and I’ll check

you can search up how to change your mac address, but you might end up with no internet until you phone your ISP. I mean you can write down the old one and change back to it too

its unbelieveably easy to nab an ip

in gta v

Google saves the day once again

lol

what did u search

ive done research on my own but was hesitant to try cloning my mac address

that normally doesn't do anything with my ISP fwiw

“how to change public ip in verizon router”

lol

i cant say the "r word"

Hm

re

release?

renew?

Anyway, try that and @pearl jay me if it doesn’t work

retar

D

he lost the D?

yeah

lmfao i cant say it

Lol

If you want to continue to explore, here is the link to the google search

https://www.google.com/search?q=how+to+change+public+ip.in+verizon+router

oh okay

I’m a small time networking nerd and I never trust ISP provided gear

ok so i dont have any packet loss

o.O

just very high ping

On what

OOo

Have you tried changing DNS

so wait, what happens when i release and renew

does it just cahnge ip

Yes

or could it cut my internet

have you tried phoning it into your ISP @teal parcel

is it safe

no

like will it break my internet somehow lol

i will

what do you mean safe

it'll disconnect your internet as soon as you click release

It basically asks the ISP for a new IP @novel furnace

theyre useless 90% of the time tho

and when i renew?

It will reconnect

you cross your fingers it works

Tf does that mean

lol

Of course it will work

if it doesnt?

why are you so worried about someone having ur ip

you try rebooting the device

Just restart router and it will fix itself

it should

i had everyones ip who was in my lobby once

@teal parcel don’t ask

couldnt do anything with them

lol

so they probably said it as a threat with no actual way to do anything

Tbh I have a ton of open ports and I really don’t want someone to have access

it's not that you couldn't

it's that you weren't creative enough 😄

yea but still

It just leaves you open to possible threats

all of the gta modders i talk to dont even do anything with peoples ip

just threaten them which gets them scared

I recently installed OpenVPN on a ras pi in my house and I honestly just use that to access servers and crap in my house

Did it work @novel furnace

will a vpn get u banned from gta

Nah

okay

im doing it rn

Kk

i was in the middle of a heist prep

Have fun. Make sure none of ur fam is using it

huh

the VPN is to connect from outside your house into your house

not the other way around I assume

Yes

in any case VPNs will slow down your internet most likely

outbound ones I mean

also makes it harder to host games and what not

Super useful because I have a ton of little programs that I wrote that run on a Docker ras pi cluster and it’s useful to access them without port forwarding all of them

huh

my ip didnt change and i followed the steps

ah yeah, setting up an external facing VPN server is worth it

Hm

I use Wireguard for it

What are you using to check it

@novel furnace

?

I usually use http://ifconfig.me/ip these days

i did it wrong

since I can curl it easily

Wdym

https://gyazo.com/298e4ccc7234119aec25c457de1eca13

lol wtf

icanhazip.com

you turned off your DHCP server?

Oops

lol that one returns my ipv6 address

oh nvm

Different IP now?

huh i pressed release then renew

nothing happened

Cuz if you are just looking at what up ur computer has, ima slap myself

lmao

AHH

thanks guys it changed

You don’t have to give us the full up but, does it start with 192.168??

Ok good

you guys are so fucking helpful

Np

just google it next time.

no it doesnt start with 192.168

Ok good

it starts with 173

Good

good luck piecing together the rest of my ip 😉

oh now we know 1/4 of your IP

that was so easy

Now it’s changed

Cool

dont piss off any more modders

Now use a vpn whenever

it's probably .242 or .216

wrong

that was easy

oh .227

wrong

Since gta v is single player, you should not get banned for using a VPN

oops you said 173

I typed 174

gta v is multiplayer...

the problem isnt making modders mad its that most modders are low lifes who have no job so they threaten people online

what are you doing blue

just saying

173.76

👀

no

yall are wrong

stop trying to find my new ip

I recommend windscribe or, the segue to our sponsor, PIA

192.168.1.1

gonna go with .70

ha no

nope

stop guys this is creepy

👀

Lmao

Time to bring out the good old wire shark boys

i have mcafee for an antivirus

:eyse: my fave emoji 😌

you cant wireshark me?

Kill me

that doesnt help

IK jk

wireshark just sniffs packets

in a gta lobby when u use it

it just tells u every address connectefd

not who

Yes but it’s super fun to use use in coffee shops lol

heh

lol yeah

i have mcafee for an antivirus
i meant this doesnt help @pearl jay

i have mcafee antivirus

and it has a built in vpn

i have premium if that helps with anything

lol

mcafee is junk imo

So I just signed up for a cyber security camp and it’s like “what is a vm? What is Linux?” For no joke the first two days

yeah

i have premium

And I’m like bruh

so i use it

guys, will i get banned from gta online for using a vpn

OMG

We answered this 4 times

No

not likely

Unless u cheat

but I mean you can be using an IP that is banned with a VPN

ok great

wait what

it's not like they have unlimited IPs

Billerica? im not stopping

if that happens what do i do

no lol stop trying to find my ip

stop trying to get my ip

Go sniff packets elsewhere @cedar igloo

https://tools.tracemyip.org/search--state/massachusetts
not sure how accurate this is, but it seems accurate

ur wrong

ok. im stopping

can you guys stop trying to find my fucking ip like holy shit

everything you have said so far was wrong lmfao

wait if im using a vpn and the ip is banned, what do i do

You disconnect and get a new ip

and hope that it isn't banned too

if it is banned, will my account be banned

My juicy 4 node docker cluster

nice, what kind of PIs?

ooo fancy

what's on the bottom?

ooooooo

2x pi3b+

2x pi3

if the ip im using is bnanned from gta v does my account also get banned

in the white case?

It’s a 100mbit network switch

ah

why no gigabit

And a charging hub for 3a power delivery

Um

wait guys

Well u see

if any of you play gta v

if im using a banned ip, will my account be banned

that's up to gta v

I was dumb and bought the cheapest switch online and realized that it was only 100 mbit

ah lol

gigabit switches are pretty cheap

Ban is per account not by IP

oh okay

depends if they want to prevent people from using VPNs or not. some services do that

Ok but I was on a $50 budget and this was back when 8gb sd cards were $8 each

ah lol

no PXE boot?

or USB I suppose

Ik. I’m debating over wether I do that

I guess sd cards are cheaper than usb

Yeah

but PXE is nice

I'm using SSD on USB for my Pi lol

no stack

But I’ve had issues with some Sd cards corrupting and causing hard lock

yeah I was worried about the longevity of SD cards

so I wanted off of them as soon as I could

you thought it was ip address

but it was me

dio

But what’s nice is whatever docker containers were running, automagically get recreated on the working nodes

So you maybe have 10s without that container before it’s recreated

ah huh

If any of you are bored one day, learn docker

I'm mainly using mine for pihole

It’s suuppper useful

Yeah I have pihole on it

that and wireguard, openvpn, freeradius, uhh

oh the UPS monitoring too

Yeah you could legit move all of that over to docker

And you would be set

docker is definitely nice. not for wireguard though

alr ty guys

i got a new ip

and ill be using a vpn from now on

Cuz it’s a pain when stuff conflicts and docker isolates each program and exposes only network ports

Cool

Have fun

setting up unifi on docker took no time at all

bwees, have you tried k8s?

IKR

No

aside from the macvlan I wanted to do

that took time

I’m using docker swarm

i want to learn k8s but docker is much easier

But I’m debating over switching to k3s

creating images i'm fine with. just creating the yaml files for kubernetes i dont get

also, i highly recommend docker UCP on docker swarms. 3 month trial but you can use it without updates forever

gives you level 7 routing to services

Yeah if you aren’t already using it, use Portainer for general management

tried portainer, but you can do everything and more in ucp

Yeah

Honestly ima downscale the cluster to 2 nodes

Just not using all of the nodes

no ha if you do that

Ha?

you need over 50% of managers alive for high availability

Oh.

so the containers wont be transferred when one node goes down with 2 nodes

I was just going to remove the 2 nodes from the cluster

Yeah My cluster doesn’t run anything too mission critical so i really don’t use the failover

But what’s nice is whatever docker containers were running, automagically get recreated on the working nodes
@pearl jay ^

i should be good if i use a vpn from now on?

And tbh docker swarm has bees rock solid so I haven’t had to use that

and i can easily change ip

Omg yes

only problem ive found is the nodes sometimes dont report status/resources for days at a time

Yeah

Idk. Tbh I have 14 ras pis so

2 for emulation, 4 in cluster, 2 running octoprint, 2 for other projects in progress, 1 in pi top, one as a regular desktop for my sister, and 2 in mintyPis

oh. didnt realise you had 4 in the cluster. thats an unusual configuration. removing one will still make it all highly available

All custom parts btw. Thought I was going to be cheap and do it diy but 3 months and $100 later, it would be easier to buy the kit

lol 14 rpis?

Ye

3d printed everything?

I’m constantly trying to buy rpis off of tech illiterate friends and classmates for 10-20

Yes

was over 20 hrs of printing prototypes

And about 40 hrs in cad

But I use it constantly

And it’s a great conversation piece

impressed. i struggled laser cutting a box. dont know how i would 3d print that sort of stuff

Been printing for abt 6 years and just got a desktop CNC mill so it’s been super nice making my own PCBs

so many rpis

And tbh the hardest part is I made the PCBs with perfboard and jumper wires

Prepare for cable management hell

This is about halfway through

assuming you learnt this stuff in college or something

Nope. I’m in middle school doing all of this self taught

Just finished first year of high school

sounds fun

Yeah

i dont know american school years. what age is high school?

14-15

pretty easy to turn that hobby into electrical engineering type of study later on

Score

Yeah ima go into computer science because tbh I hate electrical work. Software is my fav

That moment you find the 10 missing cat6 cables that were under ur bed

Ack

Phone about to die

lol

Joys of rocking a 6s

comp sci is good too

that's what I went with

software is great 50% of the time. when you are typing, its fun. when you stare blankly at some code, its torture

Yep

lol

I prefer designing the software

I mean putting it together is fun too

Spent 8.5 hrs last week programming something that would stream a video file at given time

Ffmpeg was sworn at multiple times

I stream a movie to my friends every week on a private server and it was a pain to setup OBS every week

you could probably set up something using cloudflare to leverage their bandwidth

Some would call it piracy but I say that when you want a movie night during corona, you gotta do what u gotta do

Fun fact it all runs on my cluster

I love python when you don’t have tab issues

I just share stuff out of my nas

Yeah but we wanted it to be live so I jumped through 15 hoops to get that to work

I put python down with LISP for languages I like

I know the prof that wrote practical lisp textbook

He gave me it when I met him one time

And tbh I didn’t understand it cuz I was 10

lol lisp syntax is awful

Ye

It’s like brainfuck

Yes that is a real prog Lang

c# is my go to language. tried python in school but all the _ _ main _ _ and _ _ init _ _ stuff didnt make sense to me then

I'm mostly in the web dev side of things

my go to is typescript these days

cant stand it honestly. tried angular 9 but its error after error lol

I haven't tried that

mainly use vanilla at work

hello everyone! i come here today to ask if anyone knows a way to set a DNS setting to a pi hole on my network. sorry y explanation is bad but basically Virgin media doesn't allow you to set custom DNS settings on your router it can only be done on a per device basis. is their any other way of bypassing this and not by buying a router to replace it? -please say if you dont understand my England is very bad even though its my first language and i come from england

pretty sure the virgin superhub 3 has the option

if you can't override the DNS server on the router

you can switch off the DHCP server and use pihole's DHCP server

otherwise, you're stuck with setting the DNS server manually on individual devices

nope, i was wrong. looks like this thread has the same solution blue mentioned https://www.boards.ie/ttfthread/2057865286

thank you, i will now have a look into this!

i am currently running pi hole on a rpi zero. do you think it can handle being a dhcp server aswell?

probably fine. I hope it's wired

dhcp doesnt use much resources

yes although 100mbps limit of the usb2

ah ok. thanks

that's fine, it's not resource intense or anything

in terms of traffic. more so you want it to be reliable

so avoiding wireless is better

will this limit of 100mbps to the pi slow down the internet speed (300mbps) to the devices?

it shouldn't

excellent!

thank you both for your help

the one thing that is a drawback is that if your pi is offline you have to hard code your devices IPs. so keep that in mind

i doubt the pi will go offline as powercuts are very rare where i live (touch wood) however, i will bare that in mind thanks

power cuts will disable the router anyway, so that wont really matter

I mean more so if the pi can't be reached or dies

oh fair enough. i can always juxst turn the dhcp back on on the router?

yeah, just have to hard code your ip on the computer you're using to connect to the router...

and remember that's what needs doing lol

worst case you can just reset your router though

true

i know this is not right chat to ask in but, do you have any suggestion on 4u cases?

it's a fine one to ask lol

depends on your needs

what do you need in a 4u?

just a gaming build

that i plan to put in a rack when i get my own house😂

you probably want to get one with lots of space and front fans in that case

yep, i want as much airflow as i can

i dont care that much about storage

and then probably a regular ATX PSU?

yea i have a gamdias cyclops x1 1200w for now

rosewill doesn't make good cases but I wonder if you can remove the drive bays in this https://www.rosewill.com/product/rosewill-rsv-l4500-4u-rackmount-server-case-or-chassis-15-internal-bays-8-cooling-fans-included/

oh they have a mining case https://www.rosewill.com/product/rosewill-rsv-l4000c-4u-rackmount-server-case-chassis-for-bitcoin-mining-machine-supports-68-graphic-cards/

rosewill doesn't make good cases but I wonder if you can remove the drive bays in this https://www.rosewill.com/product/rosewill-rsv-l4500-4u-rackmount-server-case-or-chassis-15-internal-bays-8-cooling-fans-included/
@vapid dune you can remove them

I was thinking of something like that though

so you can mount a rad if you want

at the very least. it has large fans

the back ones kinda suck

yea

the only problem is that i can only do a pull config bc of fan mounts spacing

huh?

you want the air going in at the front

no, that s not a problem

the only problem is that i can only do a pull config bc of fan mounts spacing
@pearl patio can you not just flip the fans around

???

any one familiar with using a cloudflare domain as a reverse proxy

what do you mean as a reverse proxy?

I use it to provide ipv4 access to one of my pi via ipv6

i wanna use it so that you cant just throw my domain into a iptracker and get my house ip\

oh

sure? you just turn it on

it only works for curtain ports

mainly http an dhttps

yepp and one i want to run doesnt run on those as default

https://support.cloudflare.com/hc/en-us/articles/200169156-Identifying-network-ports-compatible-with-Cloudflare-s-proxy

there's a few more ports

yep doesnt run on any of those as well

can't you remap it on your router?

so funny. they have "cloudflare spectrum" which has pro that gives you ssh and minecraft

business which adds rdp, and enterprise which is every port

i can remap one but if i do it to the outher then you have to add the port when you attempt to connect

what about this @dense karma https://portzilla.networkchimp.com/

there's a cloudflare reverse proxy too somewhere

ah it's this https://blog.cloudflare.com/a-free-argo-tunnel-for-your-next-project/

that might be very usefull

When I turn my comp on, my internet shuts down.... For the whole house

Someone said to go to the network tab... Sup network people

Have you messed around with settings on your router?

no

no one

lol

is your IP address on your computer set to automagic?

@clear igloo https://www.reddit.com/r/networking/comments/hk2482/downvoting_innocent_questions/

1: Rule #4: No Low Quality Posts.

Really /r/networking? This post stays.```

lmao

lol

r/homenetworking complaints too

except the thread the dude linked has nothing to do with homenetworking

for the lazy: https://www.reddit.com/r/HomeNetworking/comments/hhwv4g/need_help_enabling_squid_sslbump_on_ubuntu/

haha

i gave up on helping reddit communities at all

like i try to get flair saying im a pro or whatever and the mods dont even respond

i deleted my reddit account and made a fresh one. no more posting

😄

lol

What is multicast? Should I enable it on my router

nope. leave it alone

Sure, Thanks

but what is it?

if you aren't using multicast leave it alone

instead of broadcasting and flooding the network devices can subscribe to a multicast stream and the broadcast is limited to those devices

pretty much nobody is using it on their home network. you would know if you needed it

ohh ok

Thankyou

we barely use it in enterprise IT as it is

I thought certain IPTV providers use it

I mean really I'd just put a switch and keep the tv boxes on their own network at that point

they might but thats configured on their own hardware i think

i need help

@waxen scroll do you think I should disable multicast v3 on the unifi access point?

I am not using multicast in this network

Disable multicast and lose some services. Chromecast, spotify remote play, yada yah

@hollow marlin I wonder if roku would be on that list too.

I am able to connect to it easily from phone

Like as if it's being discovered

@waxen scroll mDNS 😄

yeah I had to enable the relay stuff to get my Chromecast working at home

@clear igloo oh that's the .local stuff isn't it?

And a reason not to use domain that ends in that

use your own domain is best

i never said disable it on your switch/ap

lol

you dont need multicast to the WAN in a home network

how can i use modem on router? will i just need ethernet to ADSL adapter?

what?

anyone tried nested openvpn connections? my home router has openvpn enabled, and my homelab firewall has it too. My dad wont port forward to my firewall so i need to somehow connect to my homelab vpn through the home router vpn on my android phone