#networking


south blade
#

What do you even do with that speed

vapid dune
#

everything

south blade
#

Yeah but I mean, does anything even use all that bandwidth?

vapid dune
#

host my own server like VPN. seed linux ISOs

#

I use > 1TB/month but that's not a lot

south blade
#

Nah, we use 2.5TB in this household a month and I only have 400Mbps

vapid dune
#

I just leave the box running since they want me to maintain ratios

south blade
#

for the Linux ISOs?

molten falcon
#

my ISO is too smol if you know what im saying

little schooner
#

I prefer to have high upload speed because then I can use my home as a great internet point for backup and file sharing

#

I don't have money to pay for hosting I may not even use all the time

paper rampart
#

Question. I had a website I was running locally so I made a DNS record on my ad box so when i typed in the url it took me to the box. But now I am moving the box externally but I can't find the record to delete it. Is there a way to query all of my records and know where it came from? I did the nslookup and I know it's coming from that box, but I just can't find the record.

#

Figured it out. pfSense was overriding the DNS lookup.

hard pasture
#

What's the pfSense plugin that tells you which devices are using bandwidth?

waxen scroll
#

dunno, this is a ubiquiti chat

molten falcon
#

my internet shuts off every day 2-3 times

#

They come and ‘fix’ it but never actually fix it

#

Anyone know what the reason might be, I’m not using Ethernet but it’s the actual internet that turns off

waxen scroll
#

Your router probably needs to be replaced

#

Phones don't drop the wifi icon for lack of internet

#

It means the signal disappeared

topaz quarry
#

@open coral you still need a real router for gigabit speeds. asking new people won't change that. lol feel free though

vapid dune
#

huh?

little schooner
#

@open coral ditch the cat 7 cable and get a better cat 6 or 6a cable

#

All solutions will cost money. Engineers who showed you have company laptops that were setup correctly

#

They didn't cheap out on their equipment to test before they left

#

So you should do the same

severe tendon
#

Anyone here got experience with Mikrotik routers? and RouterOS?

hasty kettle
#

@severe tendon Mikrotik is one of the best brands in the market, but the RouterOS is a mixed bag

tall pagoda
waxen scroll
#

ok?

#

looks normal

thick minnow
#

I have this program called svchost running in windows it’s taking too much network speed like 7mbps

#

Can I remove it

misty terrace
#

it's windows update

thick minnow
#

Wait so if I update windows it won’t consume any network

#

@misty terrace

misty terrace
#

i guess so? there are weekly updates, tho

thick minnow
#

Where can I see these updates

#

@misty terrace

#

Can I finish them once instead of keeping it running every second

#

Like once in a week

misty terrace
#

leave it as is for 30 minutes or so, it will finish sooner or later

thick minnow
#

Okay thx but are u sure it won’t consume any network after that cause

misty terrace
#

when it needs to download updates, it will

thick minnow
#

I’m sorry it took me time to find the right page @misty terrace

misty terrace
#

it's telling you to disable updates. not suggested

thick minnow
#

So should I do it

#

U think I shouldn’t

#

Yeah I’ll do that

misty terrace
#

leave it alone, let it go for what it needs

#

it's matter of 30 minutes every week

thick minnow
#

Btw thanks u have been helpful

misty terrace
#

np

little schooner
#

To make the problem not as bad, buy faster internet

vapid dune
#

I disable updates

gritty garden
#

Anyone know any tips to help with wifi speeds on a mesh network? I pay for 500mbps but by time it gets to my pc it's only 150

#

if I go right next to the main router that's plugged into the modem I get 450 which is good but it just drops off

#

i've got the eero 3 pack mesh thing btw

vapid dune
#

that's because it's mesh

#

https://evanmccann.net/blog/eero-pro-gigabit-mesh

"Even in ideal circumstances, don’t expect higher than 500-600 Mbps to a single device with an Eero Pro system. If you are connected to a mesh node, it will be lower. 200-300 Mbps is a more realistic expected speed for a 2x2 Wi-Fi 5 system like the Eero Pro. Trying to get gigabit speed from one client is not a good assessment of Wi-Fi quality. Where Eero shines is in overall stability and performance of the network."

wary sequoia
#

hi there, just bought a TP Link N300 to get a wifi connection for my PC. turns out it sucks and the fastest speed i get is 1mbps. Are there any similar USB solutions that would plug directly into my computer that would give me a better connection?

#

My router is dual band directly from my ISP and my network plan is 100mbps max speed (ish). I really don’t want to have to either drill a hole in my floor or run an ethernet cable around my entire house, so i’d like something relatively cheap and easy to set up that would let me connect to the internet on my computer.

little schooner
#

The reason it didn't work is that usb is finicky for use as a wireless adapter connection and not as reliable as an internal one. But I think I used a rosewill ac 1600bcu (I think they don't sell it anymore) and that seemed to work fine. Also distance from wifi access router plays a big factor

Avoid the adapters that advertise as wireless N. Get one that advertises wireless ac instead @wary sequoia

wary sequoia
#

so should i be looking at a PCIE wifi card instead?

#

@little schooner

little schooner
#

Yes they are more reliable in my experience

silk spire
#

@wary sequoia I have a cheap one I got on ebay for like $15 and it works great. It's a pcie card and I would avoid a usb one as they are literal shit

wary sequoia
#

okay then, thanks

wary sequoia
#

bought a tplink ac1200 wifi extender, works perfectly. all i need now is a pcie wifi card. anybody know if Ubit is a brand i can trust? It’s a bluetooth and wifi PCIE card for £20.

silk spire
#

let me find the one i have, it was like $12 and works great and has bluetooth

wary sequoia
#

okay, we fixed the problem entirely. got a tplink re385 ac1200 range extender, got two of them in my kitchen and one in my room. got an ethernet port directly to my pc now.

silk spire
#

yeah that may be better than a wifi card

thick minnow
#

I have a good WiFi but the ping is very bad on any server

#

After doing some research I found out

#

That the traffic is being routed to another country

#

Because recently another company bought our network service provider

#

Is there a way to change the routing path

waxen scroll
#

open a support case

#

they have to change it

thick minnow
#

We did there is a entire forum on it

#

In my locality not many people game

#

So ING doesn't really matter to them

#

Ping

#

Can server boosters like haste.com help me in this

#

Internet

waxen scroll
#

its possible but you should verify the IPs of haste first because if your ISP sends the traffic to the same path as the game I dont see the point

thick minnow
#

Will this help

vapid dune
#

switch ISPs o.o

waxen scroll
#

^

dusk echo
#

does anyone know easy way to set up a managed network switch

vapid dune
#

define set up

dusk echo
#

got my isp coming on 5th to set internet up needing to know if i can plug things in and off i go or do i need to go in settings to do it to swap to non managed if have that mode or to make sure port work

vapid dune
#

yes but what are you trying to do...

little schooner
#

@waxen scroll did you get your starlink satellite yet?

waxen scroll
#

Nope

thick minnow
#

I can't switch ISP cause they have a lame rule by which u have to have a certain no of people using that isp

#

And in my area everyone is using the same isp

#

So we don't have any other option

little schooner
#

@thick minnow what country is that?

thick minnow
#

India

little schooner
#

hm thats an interesting requirement

clear igloo
#

@little schooner Problem time :D
1x 20 foot Cat6a cable
2x Female-Female couplers
1x 1 foot Cat6a cable
1x 7 foot Cat6a cable
1x 10/100/1000/2500/5000 capable AP
Attach everything together and plop it down by the switch and the AP stays up at 5Gb/s for days on end, no issues/reboots/etc.
Run it through the ceiling using the same cables/couplers/etc. and the AP can no longer achieve 5Gb/s and needs to drop down to 2.5Gb/s to not reboot randomly.

little schooner
#

@clear igloo which ap is that?

#

@clear igloo also, are there any critters or ants that could be eating the cable?

#

But I think it could just be a software problem

clear igloo
#

@little schooner Catalyst 9130 and Meraki MR56
No critters, this happens within the first few hours

little schooner
#

Because it's rebooting

clear igloo
#

Well it reboots because the link speed changes

little schooner
#

Hmmm

clear igloo
#

So it's like it has a periodic negotiation failure

#

But for it to work fine elsewhere is baffling to me

little schooner
#

Yeah.

#

It fools me too

clear igloo
#

I even replaced the cable once, inspected the old cable and no issues

#

Which (thankfully) rules out critters 🙂

little schooner
#

@clear igloo you had access to a cable certifier?

clear igloo
#

Nothing official but these were pre-terminated runs both times just to be safe since it was a short distance

#

I can do cable length tests from the CLI though and everything comes back fine

little schooner
#

Hm

#

Well the only problem I experienced when my router link was downgrading from 1gbps to 100mbps was the cable quality.

clear igloo
little schooner
#

But if you verified it then hmm

clear igloo
#

Yah, I would expect the quality to show up before I tossed the cable through the attic

little schooner
#

Yeah

clear igloo
#

and no emi anywhere near it either which was my other thought

little schooner
#

Did you try another Meraki ap?

clear igloo
#

Yup, two of each (Catalyst and MR) and every time the problem shows up

little schooner
#

It isn't a known compatibility issue with both devices right?

#

I'm running out of ideas

clear igloo
#

It is not, I even tried two different switches

little schooner
#

I see

clear igloo
#

Yah, one of those wtf problems 😄

little schooner
#

Yeahh no doubt

clear igloo
#

I mean if I ONLY get 2.5Gbps of throughput for all my wireless clients I guess I can deal with it 😛

little schooner
#

Maybe come back to it a month or two later

#

Did you try forcing negotiation?

clear igloo
#

Yah, it's been stable for ~6 weeks at hard coded 2.5Gbps so something is up only with 5Gbps hard coded and it could be some weird issue that nobody has seen yet.

little schooner
#

@clear igloo and 5gbps is fairly new. Wonder if it could be flaw in the chipset or something

clear igloo
#

I need to try and get it in the lab to open a TAC case but this is personal gear so I'm not going to have the BU poke around in there :P
Yah, that's my thought, chipset issue possibly or I'm really unlucky with the cables

little schooner
#

Yeah

#

And maybe unfiltered noise or lack of shielding inside

clear igloo
#

Yah, just enough to cause 5gbps to flake out

little schooner
#

Yeahh

#

@clear igloo did you get that Meraki for free or how much did you pay?

#

I see it's an ax one

#

Wish unifi could make some

clear igloo
#

I know they have some pre-released ones or something

#

Blob mentioned it at one point but I don't think they were certified. Probably waiting on 6E standard now

little schooner
#

Oh right. 6E is still coming

rare ivy
#

how good does your internet have to be to watch 3 4k streams

#

at once

clear igloo
#

Netflix streams? Probably ~75Mbps. I think they recommend 25Mbps for one

charred meadow
#

What's the source?

rare ivy
#

wdym

clear igloo
#

Where are these streams coming from? Netflix? Plex? Hulu? etc

rare ivy
#

ohhh just netflix

clear igloo
#

I would say 75Mbps to 100Mbps to be safe. It will probably use around 20Mbps per stream

rare ivy
#

ok

#

thhnx

hollow marlin
#

25mbps can run 2-3 4k streams with a buffer. Might be annoying but the streams will balance out after a few seconds

bold karma
#

Ok, for some reason, I’m having issues configuring my router to be able to do its normal dhcp of the private network as well as handle my block of static public IPs. So I’m thinking I may need a different router. Any suggestions on the best router for the job, or should I look into putting DD-WRT on the existing router to accomplish the task? Existing router is a Netgear R6500 series if I recall...not near the router to verify right now. My ISP is Cox Communication. I have a business plan.

waxen scroll
#

what are you doing with the static IPs

#

are they just for natting?

bold karma
#

I’ll have them pointed to various machines for various tasks. Ie: web server, mail server, etc...

waxen scroll
#

but NAT right? you dont actually want it assigned directly to the server?

#

it sounds like you arent natting and thats why it doesnt work

bold karma
#

Ok

#

I’ll look at that this evening

waxen scroll
#

i dont know anything about the netgear GUI. you need to assign one IP from the block to the WAN interface and then configure natting for each server to their other public IPs in the block

#

if you want to assign IPs to the server you'll likely need a new router. not only that you will need a /30 or /31 subnet from your ISP and ask them for routing ontop of that

#

im sure they will on a business plan. on a consumer plan they will get extremely confused and you wont get anywhere

little schooner
#

@dusty epoch no, it should maintain the same speed

#

Yeah

#

@dusty epoch if it meets the CAT standard, like cat5e certified, it will be 100m at 1gbps

#

Anything beyond that the speed starts to drop or signal is so poor

#

@dusty epoch well they are really copper cables, but the Ethernet moniker is associated with them. Ethernet cables have a CAT rating yes

#

Higher the cat, the more shielding and distance the cable can do

full sigil
#

I have a bit of an issue on my hands. My house was recently struck by lightning which caused my modem to die. I went out and bought a new modem in hopes it would resolve the issue. When I came home, I set up my modem and contacted my isp. When I went to check if it was working, only one of my computers would receive internet. Both of them were connected to the modem via Ethernet. After fiddling with it for a while, I noticed one computer would receive internet, or neither would. I have no idea what could cause this issue.

ornate jungle
#

Sounds like your modem is bridged, or you also had a router in between your PCs and the modem, or your old modem had a router built in but the new one doesn't.

full sigil
#

I have a router, I’m not sure if it is working correctly because of the power surge. I don’t believe either of my modems have a router built in though.

ornate jungle
#

Gotcha. I would potentially replace the router then too, but if you want to test it first, perform a factory reset of the router, then power cycle everything. The modem, then router, then reboot your PCs and connect them via ethernet directly to the router.

full sigil
#

Alright

ornate jungle
#

Assuming the router is then connected directly to the modem via ethernet. So from the wall, your drop cable feeds the modem, the modem connects to the router, and the router connects to both PCs. (Unless you've got some other kind of setup. Let me know. 😎)

full sigil
#

Right now I have both computers connected through a switch. I have verified that the switch does work. I have already performed a factory reset and power cycle too.

ornate jungle
#

Erm so a switch is going to straight passthrough your computers to the modem, which will require as many IP assignments from your ISP as you have devices plugged into the modem, sans unmanaged switches.

#

This explains why only one of your PCs comes online - unless your ISP has provisioned multiple IPs to your modem, it can't assign more than ONE IP to the first device that's plugged into the modem.

full sigil
#

Alright

#

Thanks a lot I really appreciate it

topaz quarry
#

for the future, have a line conditioner, and a UPS

#

both prevent surge based problems

full sigil
#

I did have my printer, computers, modem, and router, connected to a line conditioner, but only my router and modem were affected

#

My computers and printer seemed to be perfectly fine

#

(Oh sorry, it sounded like I had both computers on one power conditioner, I have one computer on a line conditioner and another on a different line conditioner)

topaz quarry
#

remember line conditioners are not necessarily surge protectors

#

sometimes they can be both

#

networking operations are so dependent on a good power source :/

full sigil
#

I know both power conditioners were surge protected

#

I made sure of that when I purchased them.

vapid dune
#

The other gotcha is ethernet and what not

#

It can surge across it

#

Especially if you have wired outdoor stuff

topaz quarry
#

if the switch is behind surge protection, it can't

vapid dune
#

I mean through modem that's coax to router and to computer

#

Just as an example

#

Depends really on the path to ground

green garnet
#

I moved into a new place with 2500 sqf space with cox fiber, I've been having problems with my current router so I think it's time for an upgrade. I've been looking for a future proof with 2.5g port and wifi 6 and was wondering if you guys had any recommendations. something that could handle 4 streaming tvs 4 phones my computer and gaming. I found a few but still am looking.
https://www.newegg.com/tp-link-archer-ax6000-ieee-802-11ax-ac-n-a-5-ghz-ieee-802-11ax-n-b-g-2-4-ghz/p/N82E16833704408?Item=N82E16833704408
https://www.newegg.com/netgear-rax80-100nas-2-4-ghz-ax-4x4-1024-qam-40-mhz-up-to-1-2-gbps-5-ghz-ax-4x4-1024-qam-160-mh/p/N82E16833122998
https://www.newegg.com/asus-gt-ax11000-ieee-802-11a-ieee-802-11b-ieee-802-11g-ieee-802-11n-ieee-802-11ac-ieee-802-11ax/p/N82E16833320264?Item=N82E16833320264&Description=ASUS ROG Rapture GT-AX11000&cm_re=ASUS_ROG Rapture GT-AX11000-_-33-320-264-_-Product&quicklink=true

topaz quarry
#

consumer routers won't do what you want

#

just get unifi stuff if you want simple stuff that can do gigabit

green garnet
#

I would love to build a home network with unifi stuff, I just never dealt with it so I wouldn't know what to choose.

vapid dune
#

I mean you said you want 2.5G and wifi6

#

I wouldn't invest in wifi 6 yet tbh

#

and 2.5G I guess is a stop gap but there's not a lot of equipment available. I don't think unifi has any of those

little schooner
#

10gbps would be future proofing, not 2. 5G

#

Using a single wifi router is not future proofing either

hollow marlin
#

Anything over a gig on wifi 6 is pretty much a moot point. Only use cases for it are a device or two only connected to the AP. In an enterprise setup, gig is still only a dream.

waxen scroll
#

in an enterprise setup you can have 10,000 employees on a 1gb internet

gritty garden
#

haha moot

#

i wanna tell her that I love her but the point is probably moot

little schooner
#

On how I was seeing all these random domains trying to get resolved and slowing down my file explorer performance

waxen scroll
#

👺

hollow marlin
#

Ars technica comments....god I hate them

waxen scroll
#

@clear igloo TIL about acisim

#

downloaddinggggg

#

~35gb

#

some how my work account has access to it

#

#lucky

clear igloo
#

Nice, ACI Sim is cool from what I hear

waxen scroll
#

seems like i have to dust off my server. it claims only vsphere is supported. might try in player first tho heh

mellow heart
#

Does anyone here have experience with large zoom calls of 100+ people? Would a YouTube stream be a better option if my network speed is slow? I just don't know how well zoom handles 100+ people and considering I'm streaming an event, I don't need to hear or see other people

waxen scroll
#

as far as im aware with all of these services its like twitch where you stream to a server and the 100 people get it from the server

mellow heart
#

So zoom would be okay?

waxen scroll
#

yeah

mellow heart
#

Would YouTube be better than zoom for this or is zoom preferred?

waxen scroll
#

if you dont need to talk to people then youtube is probably easier. with zoom everyone needs software

cosmic steeple
#

Hi I pay for 1giga bit Internet but I ran in some 5k so I want to make a server rack to hold a new/non rented Modem and router +any thing else I would need to do this. What product do I need and should get. Xfinity

waxen scroll
clear igloo
#

You buy a rack and assemble it

vapid dune
#

made out of ikea lack tables

waxen scroll
#

@clear igloo its like he read my private message

little schooner
#

@waxen scroll what do you mean by its XFinity compatible?

#

Also I should invest in a cabinet like that

#

Looking for a reason to get rid of my wire rack

waxen scroll
#

@little schooner it can fit all xfinity modems!

waxen saddle
#

A rack is on the Xfinity compatibility list?

#

Anywho, you're going to have a very hard time finding consumer-level rack-mount cable modems. There is this, (which I personally want to do someday): https://www.thingiverse.com/thing:4050856 but pretty much any rack will do as long as it is wide and deep enough for what you are putting in it.

waxen scroll
#

i use 0U shelfs for modems

waxen saddle
#

I personally recommend Ubiquiti products (non-sponsored!), which can handle gigabit network connections.

balmy lance
#

Any idea on diagnosing wtf is going on w/ my comcast connection before I call them? Internal pings over wifi between systems is 1-2ms, but practically any new connection drops packets like mad:
```
$ ping amazon.com
PING amazon.com (176.32.103.205) 56(84) bytes of data.
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=6 ttl=225 time=154 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=8 ttl=225 time=57.4 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=9 ttl=225 time=61.7 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=10 ttl=225 time=62.8 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=11 ttl=225 time=58.6 ms
64 bytes from 176.32.103.205 (176.32.103.205): icmp_seq=12 ttl=225 time=62.2 ms
```

This is making DNS time out sometimes, and generally everything feels super bad.
waxen scroll
#

whats a traceroute say?

balmy lance
#
```
$ traceroute amazon.com
traceroute to amazon.com (205.251.242.103), 30 hops max, 60 byte packets
 1  192.168.1.1 (192.168.1.1)  1.406 ms  1.386 ms  2.651 ms
 2  cm-1-acr02.fortcollins.co.denver.comcast.net (96.120.13.77)  280.648 ms  284.398 ms  287.062 ms
 3  ae-152-1209-rur01.fortcollins.co.denver.comcast.net (162.151.38.101)  287.946 ms  290.015 ms  289.984 ms
 4  ae-33-ar01.denver.co.denver.comcast.net (68.86.103.37)  290.890 ms  374.510 ms  374.860 ms
```

cut off early, it's running still

waxen scroll
#

OOF

#

ping 96.120.13.77 constantly. does it drop packets?

waxen saddle
#

^What IP is that?

waxen scroll
#

hop 2

balmy lance
#
```
$ ping 96.120.13.77
PING 96.120.13.77 (96.120.13.77) 56(84) bytes of data.
64 bytes from 96.120.13.77: icmp_seq=1 ttl=254 time=415 ms
64 bytes from 96.120.13.77: icmp_seq=4 ttl=254 time=11.8 ms
64 bytes from 96.120.13.77: icmp_seq=5 ttl=254 time=9.61 ms
64 bytes from 96.120.13.77: icmp_seq=6 ttl=254 time=13.3 ms
```

waxen saddle
#

I'm blind. 🙂

balmy lance
#

looks similar, drops the first few

waxen scroll
#

ok, so its either your modem going bad or a line issue. in my experience its a line issue

balmy lance
#

just had comcast out yesterday, and the modem & line got looked at and are in spec.

#

in theory at least...

waxen scroll
#

my last issue was a bad port on their splitter in my yard

#

the line might test OK but the splitter could be crap

balmy lance
#

wouldn't that show up in the router's SNR and similar metrics? Those look right

#

I'm not too familiar w/ how the coax side of all this works

waxen scroll
#

not sure. i dont work with coax or modem diagnostics

balmy lance
#

so time to call them again. This is super annoying

waxen scroll
#

i dont think the SNR live updates

#

if its small cut outs its hard to tell IMO

#

its not enough to make the modem go out of sync or whatever

#

my SNR has decimals ...39.6 dB

#

i keep refreshing and no change on any of the 30 values

#

i'd imagine with a decimal I would see a small .1 bounce somewhere

ornate jungle
#

For most cable networks, you want an SNR above 30 at the minimum, so the closer to 40db the better. Of course, this assumes your Receive and Transmit levels are within spec too.

balmy lance
#

I'm sitting right at 40db on all the different frequencies, the mw numbers seem reasonable too with what I googled. It's gotta be either an intermittent wire thing, the modem is going bad, or the router on the other end is overwhelmed somehow

#

it's so consistent that the first packets are slow & dropped, then the rest going onward are fast (in a ping).

waxen scroll
#

how long have you pinged? when it happened to me i would drop for long periods of time and then it worked fine for a while with a few drops in between

balmy lance
#
```
$ ping google.com | tee ~/google.ping.log
ping: google.com: Temporary failure in name resolution
$ ping google.com | tee ~/google.ping.log
PING google.com (172.217.1.206) 56(84) bytes of data.
64 bytes from iad23s26-in-f206.1e100.net (172.217.1.206): icmp_seq=3 ttl=116 time=149 ms
64 bytes from iad23s26-in-f206.1e100.net (172.217.1.206): icmp_seq=5 ttl=116 time=19.9 ms
64 bytes from iad23s26-in-f206.1e100.net (172.217.1.206): icmp_seq=6 ttl=116 time=13.0 ms
64 bytes from iad23s26-in-f206.1e100.net (172.217.1.206): icmp_seq=7 ttl=116 time=15.8 ms
```

Off to a strong start

waxen scroll
#

its really weird how its the first few every time

balmy lance
#

at 120ish pings now, steady in the ~15ms range

ornate jungle
#

Yeah I'd be looking into what DNS settings you've got, because it seems like your first DNS isn't resolving domains, so it falls back to your secondary DNS.

waxen scroll
#

it happened when pinging an IP too

balmy lance
#

but I see it when pinging an IP addr

waxen scroll
#

whats pinging your router do?

balmy lance
#
```
$ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_seq=1 ttl=64 time=0.961 ms
64 bytes from 192.168.1.1: icmp_seq=2 ttl=64 time=0.724 ms
64 bytes from 192.168.1.1: icmp_seq=3 ttl=64 time=0.931 ms
```

#

no issue

waxen scroll
#

how about 192.168.100.1

balmy lance
#

well, I have Wifi Router <=> Ethernet to Comcast Modem in bridge mode <=> ... comcast network

#

100.1 isn't an addr on my network. The comcast modem is 10.1.10.1, but doesn't appear to respond to pings?

waxen scroll
#

in bridge mode it might be 192.168.100.1

balmy lance
#

no response there. I can get its web interface at 10.1.10.1, with its normal embedded crap slowness

waxen scroll
#

bleh

balmy lance
#

right? I'm very confused at what's going on.

#

I have a meeting soon, but then it's a comcast call at this point. At which point they'll not trust any debugging I did, and want to send a tech

waxen scroll
#

last thing to try is to plug directly into the modem 💁

balmy lance
#

fair. I will give that a go in a little bit

topaz quarry
#

@balmy lance test with 1.1.1.1, 9.9.9.9, and 8.8.8.8

#

getting those responses for a hostname are somewhat normal

#

given the current time of year and current global situation

#

HA configurations are under a lot of stress

#

if you see a packet drop it's probably because something overheated and is switching to a different region

waxen saddle
#

It's still the ISP's fault. It's their problem for overselling and now customers are actually using what they pay for - and not even at the max of what they pay for.

heady locust
#

I have been getting this odd page for two days

#

I am not an opendns user and I can't understand why I am facing with restriction

#

first my browser warned me about unconfirmed SSL

#

I tried to bypass by clicking on the skip button

hollow marlin
#

@topaz quarry "if you see a packet drop it's probably because something overheated and is switching to a different region" I have yet to see someone use that as an excuse for packet loss.

topaz quarry
#

it happens though

#

sometimes it happens transparently

#

but sometimes the switch takes more than 1-3s

heady locust
#

does my ISP restrict the website?

topaz quarry
#

probably not

heady locust
#

Do you think my IPV4 address is causing the conflict?

#

I can't even use VPN and it is giving the same result

topaz quarry
#

no

heady locust
#

something is not right

#

I am not network savvy if you have any idea about conflict please let me know

#

same shit time out

vapid dune
#

LOL

heady locust
#

DONT LAUGH 😂😂😂

vapid dune
#

yer parents don't want you visiting in your spare time 😉

heady locust
#

just a sec ago I have restricted bcs I text "only*ans" pepoJuice

vapid dune
#

but you probably have your DNS set to opendns blocking for some reason?

#

did you mess around with some DNS stuff recently

heady locust
#

I don't use the dns of ISP supplied jakkuhTypical

#

SORRY WAIT

#

vice versa, I do use ISP dns because it is the fastest one

#

oh gawd

lime sky
#

and im guessing your isp uses opendns with filters

heady locust
#

%99 that's the issue

#

thank ya folks, lemme play with the dns configuration and I'll be back

vapid dune
#

huh I haven't heard that any ISPs are doing that

heady locust
#

ok the new dns works

#

but there is a another issue

#

I went with google dns and it is very slow

#

I need to make a dns benchmark tomorrow

#

gosh darn it

#

and I don't trust every dns addresses

#

if you have any good public dns suggestions for middle east I am up to listen.

vapid dune
#

why make when you can just run

heady locust
#

I utterly mention it GWlulurdMegaLul

#

again thanks for the help night night guys pepoJuice

vapid dune
#

not sure about middle east but I just use 1.1.1.1 or 8.8.8.8

rocky badge
#

oof 8.8.8.8

little schooner
#

1.1.1.2

#

Get malware protection

vapid dune
#

oof cloudflare

#

lol both suggestions have equally bad tradeoffs

#

I switched away from CF because I got annoyed by reddit being slower and archive.org being not available

balmy lance
#

In diagnosing my comcast troubles, separately I ran across MoCA - anybody use that? We have cable outlets all over the house, and it'd be a great way to avoid running new ethernet all over

little schooner
#

@vapid dune Don't forget how cloudflare causes its own self-inflicted damage with global internet outages

#

I think @waxen scroll can attest to that

vapid dune
#

meh I don't mind internet outages

#

it's the same as google or aws

little schooner
#

@vapid dune we're better off letting a different planet be the backup in case earth has global outage.

vapid dune
#

but of course

little schooner
#

one day we might do that

#

I cant wait lol

vapid dune
#

you'll be dead

little schooner
#

well

#

Ill just drink from the youth fountain

hollow marlin
#

You can narrow down most "internet outages" due to BGP

#

For CF thats just due to the vast services that makes it so impactful

#

The changes made during that time still ruffles my jimmies. Junos 101

little schooner
#

ITIL should have caught it

#

or the change board

little schooner
#

That's how you burn bridges quick fast

pallid sage
#

Probably was salty af

waxen scroll
#

How is it unlawful when the guy had approved access to do it?

ebon wasp
#

having keys to a building does not mean you are allowed to demolish said building

stiff agate
#

You should have said that sooner

waxen scroll
#

@little schooner @hollow marlin correct. ITIL and the peer review process should have caught it. speaks to how crappy a company CF is.

hollow marlin
#

show | compare is a standard when it comes to changes in Junos. Their entire backbone is Juniper so I am not sure how it wasn't checked. This is why I have trust issue with people making BGP change

waxen scroll
#

my favorite is the LOLs with interface speed upgrades and OSPF

#

many people get caught there too

hollow marlin
#

If the reference bandwidth has been changed, Ive seen shit go south too. Most lucky don't know OSPF more than a basic level though to know that

waxen scroll
#

yeah thats what i mean

hollow marlin
#

I haven't seen many companies actually change reference bandwidth. At least in meetings I get pulled in on designs

waxen scroll
#

current place has it set to 100G

hollow marlin
#

Good, it should be that way

clear igloo
#

Yah, most places default to 100g now from what I've seen

hollow marlin
#

Must be our clients then lol

waxen scroll
#

bigger places (not internet companies) seem to be starting to look at 100G WANs too.

#

my temp job from a few months ago was putting 100G PTPs in. new job is doing 100G dwdms

hollow marlin
#

Its cheap enough at this point. We have 100g BGP peers but during peak I don't see more than 30-40gs on a single peer.

#

With 20-30k customers about

waxen scroll
#

as for SD-WAN thats still rare as far as ive seen. people are still talking about it, maybe POCing... but its been years since iWAN

waxen scroll
#

@little schooner we gotta get you into a big networking role!

little schooner
#

@waxen scroll I'll work my way up. I will start with this first job

thick minnow
#

is it possible to setup both a plex server and a open media vault server on the same raspberry pi 4b with 4gb of ram?

clear igloo
#

If you're trying to transcode, you won't be doing that on a raspberry pi, but direct play should be easy

thick minnow
#

ok

#

btw do you know of a better alternative to newegg or amazon that has quality electronics online at reasonable prices that ship to canada? @clear igloo newegg and amazon have heavily inflated prices

#

where can i get a cheap nas setup under 200 dollars no drives? @clear igloo

spare bay
#

canadacomputers, mikescomputershop, memoryexpress, bestbuy, etc (for general electronics stuff)

#

the cheapest nas will probably be one you build yourself with used server hardware

#

for 200, I think you're going to struggle to find a plex capable brandname nas

#

this is about as low as it gets and you'd be better off using it just for the drives and running plex on a pi

#

but the software is probably terrible and synology's is pretty good

little schooner
#

@spare bay I really hate that synology 2 disk Nas. It's so expensive and slooow

#

Honestly I don't understand why they even listened to the person with the idea to make that product

waxen saddle
#

@little schooner Product Description: DS220j is an entry-level 2-bay NAS designed for home and personal users to store and share photos, videos, and documents.

vapid dune
#

oh god never buy from canada computers

#

if you're willing to build your own NAS just order a supermicro mobo off ebay and buy other parts yourself. some of them have enough SATA ports but you might need an HBA card too

spare bay
#

I wasn’t saying it was good, just cheap. $200 is not a good price point for a NAS

charred meadow
#

oh god never buy from canada computers
@vapid dune why?

vapid dune
#

they're an NCIX breach waiting to happen imo

#

let alone their business practices

charred meadow
#

Thanks for the info. I was about to buy stuff from them. I guess I'll stick with Newegg.

vapid dune
#

I mean I'm certainly tempted by their prices and what not sometimes too. and the "safest" thing you could do is to buy it in store direct with credit card

#

at the very least we can assume the machines aren't going to screw you over since they should be from the bank lol

#

I just wouldn't volunteer any info like name/phone

ornate jungle
#

Eh, I mean, if you haven't been allowed to view the source code of any system you use to process payments (or do anything, really) then you should assume it's syphoning your information.

#

To be clear, I do indeed use my credit cards, have bank accounts, and do lots of stuff online despite being unable to see the source of many things. But that's only because banks have insurance protecting me from fraudulent purchases.

craggy parcel
#

And as such, you should use absolutely no software. (And no, open source is not the solution. No one reads the source for open source) As you can never trust it. 😉

ornate jungle
#

You're right and wrong there. Right that people should certainly scrutinize any closed source hardware and software they didn't make themselves, and wrong that no one reads the source code for things.

#

Many smaller open source projects get reviewed all the time - in fact, I regularly enjoy combing through YouTube-DL's source to see what they change to get around video streaming sites changes

craggy parcel
#

Of course some people DO read the source, before using open source. But the number of people is insignificant.

ornate jungle
#

Oh for sure yeah. That I agree with. And to be fair... I'm not suggesting that literally everyone should know how to read the code, however, we need far more oversight into commonly used systems.

Did you know that one of the main reasons we "can't do electronic voting" is because the vendors that make the voting machines and systems won't let their systems be examined? Even by the government? That's downright scary since who knows what kind of tampering may or may not be occurring, even with in-person vote tally machines.

craggy parcel
#

I comb through Asterisk source regularly, whenever someone asks how stuff works, or the damn thing does not work the way the docs say it should... But despite the fact that we use linux to run said asterisk, NO ONE in the company ever read the linux kernel source, or the source from any other related package on the system. And as such, the system can generally not be trusted.

#

Yeah, electronic voting would make me consider the political system even more corrupted. It's way too easy to fake the results.. No matter how much the software and hardware has been reviewed, the fact that all data is electronic, means it's easy to fake for people with the knowledge of how the system works, and access to the right parts.

#

And that's even despite the fact that I live in a country that has a low perception of corruption. 😛

ornate jungle
#

Mhm don't get me wrong; I'm all for electronic voting and improving our lives with tech in general, but it's gotta be done right, otherwise we face catastrophic results.

The Verge had a really eye opening podcast interview a few weeks back talking about voting and network security. They went over why we don't have electronic voting yet, but also theorized that part of the problem was nobody yet has developed a way to verify the vote counts electronically either, meaning we have no way to verify the results in the event that a system failed or went down.

craggy parcel
#

The way I see it, those that support electronic voting are (with the exception of those making the solutions) people who do not know enough about how IT systems work, and their weaknesses.

ornate jungle
#

Most of the time yes, or they're people who have the education and knowledge of techy stuff, but who can't get traction from those actually responsible for implementing such a system due to a variety of reasons.

spare bay
#

where I live we do electronically counted paper ballots

craggy parcel
#

I honestly can't imagine a SINGLE way, with all the security solutions in the world, where you can make a secure voting system, that can NOT be manipulated by a few determined individuals. The problem with faking paper votes is you need to actually HAVE the votes to backup the numbers you claim. With electronic voting, it's way too easy to fake the votes, and fake the result.

spare bay
#

seems like the best solution

#

your vote gets counted as soon as you put it in the machine, and then they get verified the following week to make sure they match the electronic result

craggy parcel
#

Yeah, punch cards are not a horrible solution, still takes less effort to fake than a cross on a paper, but harder than completely electronic votes.

spare bay
#

easy to vote, fast to count, and has a hard to fake paper record

ornate jungle
#

Same as Canada's voting system. Electronic counting is fine. We were talking about the network / software security implications of voting over the net, which stemmed from an earlier conversation about online shopping websites and their payment networks being trusted.

But um I'ma get back to my mini staycation, cause this is my last day. 🥂 Enjoy some good networking discussion!

craggy parcel
#

Yeah, the hard to fake part, is the important, and so far, there's no way to avoid manipulation with a purely electronic solution.

spare bay
#

also you don't need a punchcard to be electronically counted, the ballots are more or less identical except you use a marker

craggy parcel
#

Conductive ink?

spare bay
#

image recognition

#

seeing which white circle has a mark in it is incredibly easy

craggy parcel
#

Like a scantron test?

spare bay
#

I think you can use pens/pencils too

#

basically

craggy parcel
#

Yeah, that takes just as long to fake as ours. 😉

little schooner
#

I'd like electronic voting once a different species is the one keeping it secure from human tampering

spare bay
#

I would be very impressed if someone managed to mess with the electronic count thing we use in ontario

#

the election people aren't allowed to touch ballots, each voter puts it in the machine themselves

#

it gets dropped into a tamper proof box after being scanned

craggy parcel
#

Give me the documentation, some test equipment and a few months. I'm sure I can find a way to manipulate the counts in the machine. The paper trails though, is a different thing.

little schooner
#

@spare bay I mean it doesn't stop the software code needed to run that from Being corrupt

spare bay
#

True, but all paper ballots are counted in the following weeks

#

the electronic counting is just to allow quick results

little schooner
#

And what about the people who harvest the ballots

craggy parcel
#

@little schooner That depends.. If the species keeping it secure, has any interest in a certain result, it's not problem solved. 😛

little schooner
#

What if they toss em in the garbage

spare bay
#

Well, each box of ballots is tracked

little schooner
#

@craggy parcel true

spare bay
#

I'm not saying it's absolutely impossible, just highly highly unlikely and seemingly would take a lot of effort

little schooner
#

@spare bay but because it's position of power, some may think it's worth effort

#

But yes I see what you mean

craggy parcel
#

@spare bay Actually we have the result after just a few hours, but with only a few million ballots, it's pretty quick... One of the things they do to avoid tampering, is having people representing opposing parties count them together. If it's a perfect solution, I don't know. 😉

little schooner
#

It would be highly unlikely

spare bay
#

That's the standard way of counting votes basically everywhere, is it not?

#

I mean with representatives from all parties

craggy parcel
#

As long as you have a physical audit trail that will take a considerable effort to fake, any solution is fine.

spare bay
#

I think all polling locations here also have a representative from each major party to oversee stuff

little schooner
#

In person voting is the best method to catch people

craggy parcel
#

I would hope that's the standard way of counting. But I've never participated or followed the process in any country but my own. 😉

little schooner
#

@craggy parcel can networking data really travel any faster than the speed of light?

#

With fiber it still feels like a limitation

#

Why isn't light faster...

craggy parcel
#

It's not really traveling as what's called "Speed of light" it's traveling a bit slower. 😉

little schooner
#

Heh

#

It's fun how they even measured that

#

Slow motion camera or something?

craggy parcel
#

If I remember right, it's because of temperature, refraction in the fiber, and a few things I've forgotten.

little schooner
#

I see

#

Good ol physics

craggy parcel
#

They froze it to almost absolute zero, forced it through something then managed to slow and measure it.

little schooner
#

Pretty neat

craggy parcel
#

The experiment I was thinking about, btw, was by Lene Vestergaard Hau, she slowed it to 38 mph.

short relic
#

What ubiquiti router is good for basic home use?

craggy parcel
#

In most cases, any within your budget.

short relic
#

Any issues with edgerouter x? Or is that safe to buy

#

I just need a basic gigabit one

#

Already have switches and an ubifi AP

craggy parcel
#

There are issues with any software based product.. I don't know the edgerouter series. However, if you want to use the controller, the UniFi series is what you're after. The edge router series are standalone products, as far as I understand them.

short relic
#

Okay

#

I haven't looked at the unifi routers yet

#

Currently running pfsense on a 12 year old optiplex, and the noise/inefficiency from that is starting to get annoying

craggy parcel
#

I've played a little with them for a VPN solution at work. And have a colleague that uses one for her home network. Haven't heard of any issues, apart from the fact that I've seen it lose connection to the controller, and not restore it. The controller however, is not hosted on the same network as the router, so anything can happen with the traffic.

short relic
#

Interesting

#

I'll look into it

craggy parcel
#

If noise is an issue, stay away from the Security Gateway Pro, it contains fans, and makes some noise. If you have a closed rack for it, you should be fine though, but it WAS annoying to have on my desk, before it was relocated to our datacenter.

short relic
#

Lol no. No rack in my house

craggy parcel
#

The one you start up, to make more reliable modems @dusty epoch I've heard and experienced lots of problems with cable modems from most major vendors..

short relic
#

Just need something small and prosumer grade. Serious home networking has gotta wait till after I pay off my student loans

craggy parcel
#

What connection speed do you have, and what do you expect to have in the lifetime of the router (2-3 years)

#

2-3 years are what I'd consider outdated, not how long the product can actually last. 😉

#

@dusty epoch If you don't intend to use the built-in VoIP ATA, Arris should be mostly fine...

#

I think the arris has had some wifi issues, but wifi are backup and for phones anyway, so shouldn't matter much. 😉

short relic
#

Gigabit for now. After I graduate and get a real job I'm probably going to start doing some home server stuff, but that's not in the cards at the moment.

pallid sage
#

That’s what I said before I graduated and still no job hehe

short relic
#

Eh, the edgerouter x is cheap enough that if it has any issues I can honestly just replace it in a year or two. Or worst case yell at Amazon for a refund lol

#

In the long term I do want to go rack mount for stuff

craggy parcel
#

@short relic The USG is pretty cheap as well. (Not pro) And should handle GBit just fine, as long as you keep DPI disabled.

#

The edgerouter does not integrate with your other unifi stuff, and you will lose the ease of setup that is with the unifi controller, however, that might not be an issue, it's all a matter of what experience you want. I've not heard of many issues with unifi equipment.

short relic
#

Ohhh

#

Interesting

craggy parcel
#

Only recurring problem seems to be the Cloud Keys not surviving powerloss.

short relic
#

So edgerouter does not integrate with unifi AP?

craggy parcel
#

It does not integrate in that it can not be setup from the unifi controller.

short relic
#

Gotcha

craggy parcel
#

But apart from that you will not have any issues with the network, just a more complicated workflow from a management point of view.

short relic
#

Eh, easy management isn't a huge concern of mine for now. It is something I am definitely interested in for the future, but not something I need for now

#

As much as I would love to get a each and a bunch of hard drives and a good switch and router, that's not gonna happen for a little while

craggy parcel
#

Well people are different. But I'd prefer the single point of management, instead of having to login to different devices.

short relic
#

Fair

#

This is gonna open a can of worms, isn't it

craggy parcel
#

Well, I'd say i've had a lot of "Oh I wish" since I started using unifi equipment at work. 😉

short relic
#

The Unifi AP Lite I got back in 2016 is still one of the best purchases I have ever made

#

Only networking problems we've had have been from PFSense just deciding "no" from time to time, and a modem that died from a power supply that went bad

craggy parcel
#

Heh. I've got a Time Capsule and AirPort express, at home... Works fine, and were also pretty easy to setup.

#

Oh yeah.. Good old power supply failure...

short relic
#

At least that was easy to troubleshoot

craggy parcel
#

Yup.. No light in the thing.. Power problem. 😉

short relic
#

"Is the AP on? Yes. Is the router on? Yes. Is the modem on? I don't see a light. Oh it also smells bad"

craggy parcel
#

It's easier when you see the magic smoke leave. 😉

short relic
#

That's not likely to happen when it lives behind the TV cabinet lol

craggy parcel
#

😉

strange flax
#

Hey guys I was wondering if I am using RDP to access my home PC from somewhere else how secure is that?

#

If not very secure then how can I secure it or what are my alternatives

waxen saddle
#

@strange flax VPN in to your network, then use RDP.

strange flax
#

how do i VPN into my network? I use a vpn when I am out and about but I am assuming I want it to appear like I am on my home network

#

@waxen saddle

waxen saddle
#

There’s a lot of solutions out there. Ideally, you’d set up the VPN on your router, but not all routers have that ability. I’m also unable to aid with setting up your VPN, but if it helps you, you want the VPN type to be “L2TP” for compatibility reasons (it’s widely used).

strange flax
#

ok cool thanks that helps a lot actually

vapid dune
#

Nothing wrong with openvpn or wireguard

#

I just use that on a raspberry Pi

#

There's some easy scripts to help set those up too

ivory egret
#

Anyone know of a good free network monitoring software or something that can detect an undetected issue in the network?

craggy parcel
#

Only thing wrong with OpenVPN and Wireguard, is the fact that you need to install a client. At least that was a requirement last I checked.

#

Zabbix and Nagios are great for all round general monitoring, smokeping can identify bad connections and packet loss... What exactly do you want to monitor? @ivory egret

ivory egret
#

@craggy parcel Thanks for those. I just want to monitor the overall network, that would identify flaws that have not been picked up by anyone in the office

hoary roost
#

I want to get a NAS. Looking at qnap now. Is that a good idea? Any other solutions? I'm a basic linux user. Can configure stuff. Suggestions are welcome. Currently looking at qnap t253a.

craggy parcel
#

If your monitoring requires ping or SNMP they are natively supported by both Zabbix and Nagios. From my experience, Nagios looks better with less effort than zabbix, but last I checked it was more difficult to setup. (Required config files for everything, where Zabbix has a webinterface for most configuration, apart from the agent installed to monitor individual machines)

hoary roost
#

Any NAS guys here?

craggy parcel
#

@hoary roost What would you use that NAS for? Just basic filestorage, or something more advanced? QNAP makes great products, and the web interface for configuration is quite easy to work with, if you have a basic understanding of storage concepts and networking.

hoary roost
#

File backup, cctv surveillance,web server

craggy parcel
#

Do you have a CCTV setup running currently?

hoary roost
#

Getting a new NVR setup. Qnap app ecosystem attracted me. qvr pro software

ivory egret
#

@craggy parcel Thanks for that will look through both

craggy parcel
#

With backup do you think of something automatic managed by the NAS, or just something client side, or perhaps even just manually copying files over?

hoary roost
#

Client side

craggy parcel
#

@ivory egret Have a lot of fun. 🙂

hoary roost
#

Something like a wireless hdd

craggy parcel
#

@hoary roost So just basic file storage in regards to backup, as the NAS is just a network share, that happens to be the backup location. Any NAS solution can do that. 😉

hoary roost
#

Qvr pro app on qnap supports 8 channels for free

craggy parcel
#

It does, but are your cameras compatible?

hoary roost
#

That is my requirement

#

Yep

#

Ip cameras

#

Onvif

#

I'm from India

craggy parcel
#

IP cameras are a LOT of things.. 😉 Some use a standard protocol, some dont. But if you've already checked compatibility, you're good there. 😉

hoary roost
#

So no proper nas brands available here

#

In current vivid situation

craggy parcel
#

Amazon sells a lot, and ships to most places.

hoary roost
#

So confused as hell

#

Tax

#

Price double os usd

#

Can u suggest other brands

#

Reliable

#

Or an diy solution

craggy parcel
#

Well, FreeNAS is just the software, and can be installed on any hardware that supports FreeBSD.

wary sequoia
#

i have a Virgin Media Superhub 3 and my data plan is 100mbps with unlimited usage. If i bought a third party router and used my Superhub as a modem, if the new router was advertised as gigabit, would i be getting gigabit speeds? Or would i get faster internet in general?

plain creek
#

It would be as fast as your slowest bottleneck. You will not get a gig if your internet provider maxes you out at 100 mbps and your router might make it faster to communicate to things on network however it will not speed up your internet since it must go through the modem

#

a good router may increase your wifi range (which is the only reason I have a fancy router)

cloud zinc
#

quick question:
(OS: Windows)
a user that is not in the group 'users' or in the group 'guest'.
what are their limitations, or what limitations don't they have?
(made a user that is not in any group)

waxen saddle
little schooner
#

@waxen scroll I feel so bad. I made one of the biggest mistakes ever. I left our school's firewall wide open to any type of connection request due to not fully understanding the options found in the pfblocker package

#

for at least 1 month and 1 week, anything was permitted inside

waxen scroll
#

🍿

little schooner
#

@waxen scroll During that time, we had the firewall completely crash and become unresponsive and i thought it was because resources were tied up

#

i checked the logs and there were hundreds of ssh attack attempts and other port attacks

#

back then I didn't think much of it and just rebooted and everything worked

#

now it all makes sense why it failed

#

They actually didn't do any damage from my initial inspection

#

But I should probably get an appliance that can analyze the traffic now to see if any infections got into our internal network

#

What do you think? like a snort appliance and see if it finds something

#

It permitted only connection attempts that came from the United States IP addresses

#

maybe I avoided a much bigger disaster

hollow marlin
#

Even with pfblocker wouldn't pfsense firewall still apply?

waxen scroll
#

@little schooner you're natting though right? that saved you

hollow marlin
#

BuT nAT IsnT seCuRIty

tall pagoda
hollow marlin
#

Looks like over wireless

little schooner
#

@hollow marlin I made a mistake and had it set to pfBlocker rules first (which were permit any any any for United States IPs)

#

So it was actually allowing people to access web config page, router ssh, etc

#

What I wanted pfBlocker to be set to was Alias Native, this way I can make my own rules and reference the alias which contains all the united states IP addresses

#

You don't want it set to permit inbound

#

Because it puts the rules first above your blocking rules

#

Better to NOT have the package auto create rules and just reference the alias in your own rules

#

I'm glad I caught it in time

#

@waxen scroll yes we use NAT

#

I guess it did save us

#

Because I see no trace of internal network access

#

But what would I know really

waxen scroll
#

the problem with school IT admin is the second you fuck up, people like @rocky badge will find and exploit it in a day

hollow marlin
#

You'll want to have Pfblocker deny only and that way it will parse the package then hit pfsense rules where you can then permit.

rocky badge
#

@waxen scroll So the way my school handles web filtering off campus is via a VPN

#

Well today was a distance learning day for the entire district

#

The VPN died

little schooner
#

@hollow marlin so doing it that way would mean I have to select so many countries and have a lot of rules

waxen scroll
#

my school you could install firefox with no locked in proxy settings and poof. so easy. then senior year they blocked 80/443 unless proxy... so cgi-proxy!

little schooner
#

In the docs it said to use it as a whitelist instead

rocky badge
#

😂

little schooner
#

@waxen scroll no one got fired so we're in the clear

waxen scroll
#

yet.

little schooner
#

@waxen scroll my prof can just say we only have Cisco equipment. I remember hearing that nobody ever got fired for using Cisco

waxen scroll
#

🤔

little schooner
#

@waxen scroll I'm obviously joking

#

Ahh what's also great is that pfsense has sshd attack protections and locks out after 3 unsuccessful attempts

#

That bought some time I supposed and the firewall was updated to latest version

#

At least we kept up our scheduled updates

hollow marlin
#

@little schooner In pfblocker rules are you able to match a whitelist but specify except?

little schooner
#

@hollow marlin I was not, no.

#

For list action (after selecting only United States in the Country list) it had permit/match/alias

#

No exception option to match, say, port. 443

hollow marlin
#

I was wondering if it's possible to add a match except rule. Where it refers to a whitelist and if the IPs are not in the list, deny

little schooner
#

That would be good yeah

#

Until then though, I have it set to Alias Native, which means that it won't auto populate my firewall table with rules but create a name I can reference with all the united states IPs

hollow marlin
#

Here's a sample of some of our Juniper deployments
firewall {
    filter RemoteAccessToSRX {
        term block_non_wtc {
            from {
                source-address {
                    0.0.0.0/0;
                }
                source-prefix-list {
                    ManagementWhiteList except;
                }
                protocol tcp;
                destination-port [ ssh https telnet http ];
            }
            then {
                discard;
            }
        }
        term allow_wtc {
            then accept;
        }
    }
}

little schooner
#

Seems to be okay for my case since we only have 4 rules

hollow marlin
#

Where the ManagementWhiteList except means if it doesn't match those IPs, drop it.

#

Not sure if pfsense had that control

little schooner
#

Interesting

#

Why don't all routers have that flexibility

#

That's nice

hollow marlin
#

Juniper is a love/hate. It can be quite flexible but it means more overhead for even simple configs

waxen scroll
#

im on team #hate

#

i prefer extreme networks CLI over junipers too

charred meadow
#

Thoughts on a juniper ex2200 24 port poe switch for home use?

hollow marlin
#

@charred meadow I have the EX2200-c 12p at home. 2200-c 24p is loud as hell and runs hot. The 2200 was replaced with 2300 which runs cooler and is not gimp to hell on resources. AKA you can only run up to version 12.4 on the 2200 which 2300 you can run 20.
Also 2300 has bonus 10g ports

#

For home use the resource issue is not a problem for 2200

waxen scroll
#

i buy ubnts mostly cause they're fanless

#

@rocky badge 👀

charred meadow
#

@hollow marlin do you think 50 USD is a reasonable price for one?

hollow marlin
#

For $50, damn right its a good price. Thats an $800 switch

#

Is this a sale from someone you know or an ebay thing?

charred meadow
#

Ebay

#

Thanks

rocky badge
#

@waxen scroll nice

sonic notch
#

Hey if I already have a UDM upstairs, do I get a nanoHD or AC Lite for downstairs?

#

My most important clients are all on 5 GHz

#

I get 200-330ish Mbit upstairs and 20-100 Mbit downstairs using an S20+ 5G

sonic notch
#

@dusty epoch A good router/switch/WAP combo is the Ubiquiti Dream Machine

spare bay
#

A nanoHD or a flexHD are the two best options right now

#

Depending on the space you can probably get away with just the lite though

little schooner
#

@waxen scroll so I made the professor aware of the mistake I made and he took it well.

sonic notch
#

@dusty epoch Not too sure about a standalone. A USG or Edgerouter might work but they have some tradeoffs depending on if you want to use intrusion detection

#

Consumer routers 90% of the time suck

#

They're far less reliable than enterprise type gear (e.g. ubiquiti)

#

It's pretty good assuming you're willing to pay

#

It's insanely cheap compared to other enterprise gear but more expensive than consumer routers

#

Used should be good

#

As for the price, it could be higher or lower

#

Depends on the time and the product, but I haven't checked too much

#

What is your budget?

#

Are you looking for a one time purchase or something you want to replace every few years?

#

Hmm this is a little harder to do then

#

I'm assuming you know the difference between routers, switches, and access points?

#

I'm personally not too sure about routers

#

You'd want to wait for someone else to answer

#

Ik USG and Ubiquiti Edgerouters are somewhat popular

#

Ye np

#

What's your internet speed btw?

#

And are you anticipating any upgrades?

#

The USG and Edgerouter have some type of firewall feature but it caps out at some speed below 300 Mbps (Edgerouter is lower)

#

They should be perfectly usable without those features enabled (I think SmartQueue and intrusion detection)

#

But if you want to use those, you need the Dream Machine (all in one device) for 1 gig internet and it costs $300

#

Ubiquiti devices are also harder to configure for the "advanced" features until you learn where everything is

#

But they're far more reliable + easily expandable

#

If you can't get another response here, there are also a few subreddits (like homenetworking) that are decently active

#

Yo thanks

#

Hope you find a good choice

calm karma
#

is port forwarding safe?

thick minnow
#

@calm karma It depends what for. You have to be very careful who you give your IP to, because if you have open ports in your network, and other people have your IP, then they can find ways to enter your internal network, which is bad. If you are doing something like setting up a private minecraft server for a few friends, and make sure the IP isn't spread, it's probably fine 👍

calm karma
#

oh so if i wanted to make a public server i would need a separate network?

thick minnow
#

If you wanted to make a public server, then there is a free tool called TCPShield, which hides your public IP from everyone else, while still allowing you to connect - LMG uses this tool for their mc server too

calm karma
#

ok

#

thanks

waxen saddle
#

“Don’t” is almost completely useless without an explanation.

little schooner
#

I love it

vapid dune
#

lol

little schooner
#

@sonic notch I'm going to come out and say ubnt is not enterprise gear. It's prosumer gear. Enterprise gear should mean it has dedicated paid support you can contact

#

Ubnt is free support and often forums driven

sonic notch
#

That's why I said enterprise type

little schooner
#

It isn't enterprise type

#

Prosumer type

sonic notch
#

I'm not sure if I'd call it prosumer either since it's not exclusive to home enthusiasts

little schooner
#

@sonic notch prosumer doesn't mean enthusiast

sonic notch
#

ah i see

clear igloo
#

I mean if you want to get technical, small businesses are by definition enterprises where it might fit but I wouldn't trust it much beyond that. SOHO might describe it better

little schooner
#

@clear igloo something changed in their company and they are more likely to rush unfinished releases and not test them out well. And they don't give that many eol notices ahead

clear igloo
#

Ah, I don't follow them much so I can't speak to that. EoL/EoS/etc. should always be well roadmapped out and communicated imo

#

I would say prosumer is a grey bucket, it can encompass enthusiasts to some extent

little schooner
#

@dusty epoch prosumer just means you are looking for more functionality out of something but not to the point where you need to dig too deep into it

#

Like configuring qos manually is not a prosumer thing

#

But having a router make it easy can be

#

I'd think so yeah

clear igloo
#

I would say so, gets you familiar with a lot of the basics beyond a basic consumer router or something and gives you a small taste of a few more advanced things

little schooner
#

Yes

#

I mean ubnt is a big one for that

#

Any of their switch lines

clear igloo
#

Mikrotik, Ubnt come to mind

little schooner
#

Yes so does mikrotik

#

I use the Edgerouter poe 5 but I could have just settled with the er 3

#

I think I made a purchase mistake

clear igloo
#

They both have some 10g stuff too

little schooner
#

The poe models run so hot

#

That it caused my modem to disconnect lol

#

@dusty epoch not overheat just stay hot

little schooner
#

@waxen scroll the people that you hired in the past, did they ever try to cover up a network related mistake that was major?

waxen scroll
#

ive never hired

#

ive never even sat in on an interview yet lmao

#

i stay away

little schooner
#

@waxen scroll hmm i think someone else said they hired

#

i got it mixed up

waxen scroll
#

generally major mistakes where I work are noticed

#

better confess before someone finds you

#

last job would fire you on the spot if you did a change and it wasnt logged / approved

#

current job probably would too

little schooner
#

Yes its definitely serious

waxen scroll
#

i saw someone get fired on the spot

#

😄

#

they were a full time wireshark person who went to adjust the SPAN settings on a major datacenter switch. he mistyped something and ended up nuking all of the vlans towards a major firewall

#

no change logged.

little schooner
#

ouch

#

a depressing day for the guy im sure

waxen scroll
#

play stupid games...

#

i knew another guy who would push mass changes with no approval as well. did it for years. openly bragged about it. nobody said anything

#

mgmt knew nothing would get done if he started asking for changes

#

😄

little schooner
#

I hope I do well. I want to do it right in a production environment.

#

Not get creative and try to change things without asking

hollow marlin
#

Took the JNCIP-SP today and passed. More Juniper exams I take the more I miss Cisco's

craggy parcel
#

Nothing more fun than a manager desperate for a change, and having to stick to procedures, to file a change request, have it approved then do the work. Their face is pretty funny, when they realise that the procedures THEY put in place make things take much longer. 😉

clear igloo
#

@little schooner I thought the last round of interviews of people I did was bad (~2 years ago) but I spoke with a manager recently and people are paying others to do the interview for them. The person hides their mouth and the person is conferenced in and they do this over video thinking they are slick, it's nuts

sonic notch
#

Hey anyone here able to help me with Unifi roaming? I just got a new AP today and I switched both 2.4 and 5 GHz to medium power instead of high (low kills speeds) yet my clients don't like to switch APs or bands without manually turning Wi-Fi off and on.

little schooner
#

@clear igloo heh thats wild

#

@sonic notch roaming comes down to 802.11k, r, v support and proper power levels

waxen scroll
#

@craggy parcel when a manager wants me to do a change faster they have to ask a director first, then a VP. sometimes multiple!

craggy parcel
#

@sonic notch It should just work. Maybe you have too little or too much overlapping in coverage. Try to disable one AP check coverage in the direction of the other, and the switch. Figure out the actual overlap, and make sure there is some overlap, but not too much.. What is too much? Well, it depends, there's probably a rule of thumb, but I work too little with radio networks of any kind, to give any advice there.

#

@waxen scroll And does that really make the change happen any faster? 😛

waxen scroll
#

only by a day or two

#

its still slow

#

@clear igloo current job wanted me to use cam on webex and I said "nah, its not working"

craggy parcel
#

Heh.. Whenever I reach the point where too much work needs to be done yesterday, so my standard answer whenever someone asks something to be done NOW, is "What other tasks should then be postponed?" Usually gets the point through, that I only have a limited number of hours, and too many top priority tasks.

sonic notch
#

@little schooner Is there any easy way to know if my devices support 802.11r? Googling yields me little to nothing

little schooner
#

@sonic notch what device do you have

waxen scroll
#

@craggy parcel the way current job does it is every two weeks we agree on what everyones workload is and free time for the next two weeks. nobody is allowed to interrupt that scope of work

sonic notch
#

@craggy parcel I have a pretty good idea of where the overlap is but not sure how to control that

little schooner
#

@sonic notch overlap is solved with relocation of the access point

craggy parcel
#

@waxen scroll Sounds nice.. We are just too few for that to work out in a meaningful way.

little schooner
#

Basically you want each AP to cover a given area without another AP inside that range

waxen scroll
#

its nice but it generates a ton of meetings

little schooner
#

That facilitates roaming

sonic notch
#

@little schooner The one I have poor results with is an S20+ 5G

little schooner
#

Whoa that supports it all

#

What access point are you using? Unifi ones? @sonic notch

sonic notch
#

Roaming works decently (it switches in areas that wouldn't be covered well by 1 AP) on my HP Spectre x360 (2019)

#

@little schooner UDM (had it for months) upstairs and nanoHD downstairs

little schooner
#

I see

craggy parcel
#

@waxen scroll Well, we have a daily morning meeting, and several meetings each month for specific tasks, and things that need to get sorted by the whole team, then there's a weekly staff meeting as well.. I think I spend about 2-4 days a month with just meetings, most of them with no real purpose, that could not be fulfilled without my participation.

little schooner
#

@sonic notch you wouldn't happen to have a heat map of it would you? That shows if they are overlapping in coverage

#

I think overlap will be your best fix

sonic notch
#

My entire downstairs would get max 40 Mbps on a single device with some areas at 20

#

How would I make a heatmap?

little schooner
#

@craggy parcel what would you suggest

sonic notch
#

I've played around with the Unifi tool but it doesn't compensate for change in elevation

little schooner
#

@sonic notch right I was just thinking that

#

Hm

waxen scroll
#

@craggy parcel we only get 4-5hr to work every day cause of so many meetings

craggy parcel
#

@sonic notch If you have 2 floors, the APs on each floor would have overlapping coverage.. That is 2 APs directly above each other, will cover the same general area, with the upstairs one having the most "spill" to the lower floor. (Antennas usually point downwards. 😉 )

#

@little schooner Suggest for what? A heatmap?

little schooner
#

@craggy parcel no for the overlap issue

#

I actually have the same setup at my 2nd site

#

I'm using 2 ap when one of them could work because it's shooting down

#

But I mounted it on wall not ceiling

sonic notch
#

What I know for sure is that a room next to my stairs (which leads to the UDM) used to get 35-40 Mbps and now gets 100-150 from both APs

craggy parcel
#

@waxen scroll We have to provide end user support as well, so I might have about 2-3 hours where I could ACTUALLY do any development work, however, I never know when I'll be interrupted, and as such, end up spending time on tasks that are less of a problem if interrupted.

waxen scroll
#

i try to find jobs where im not even supposed to be in the ticket system lol

#

i hateeeeeee tickets

little schooner
#

@sonic notch how about trying to lower the power level of one AP's signal by a small amount and see if the roaming behavior is consistent

#

From the unifi controller settings for the ap

sonic notch
#

One thing to note is that my nanoHD isn't mounted in a permanent location yet (planning on wall mounting; it's currently on a table)

#

@little schooner I'll try doing that

little schooner
#

@sonic notch I believe that's how you solve vertical coverage problem

sonic notch
#

Putting it on a table makes the signal go up?

little schooner
#

Yeah

sonic notch
#

So I guess I should try wall mounting it first?

craggy parcel
#

Best bet for overlapping issues is mostly trial and error.. Shut down all but one AP, then make sure it gives decent coverage in the desired area. Then shut it down, start the neighbouring AP up, move and adjust to cover desired area, then start first AP again, make sure both areas get the expected coverage. Repeat until everything is adjusted, beware of multiple floors, and signals from the upper floor disturbing the lower floors. If possible position ceiling APs on the top floor, and see if they can cover the bottom floor as well... Or at least, that's how I would go about doing it. An experienced radio tech would probably know a lot of shortcuts. 😉

little schooner
#

If the logo is facing up, it shoots up. If facing down, it shoots down

#

@sonic notch sure

craggy parcel
#

@waxen scroll Well, with a 10 people company, and being one of the most senior devs, knowing many of the systems by heart, it's hard to not have things end up on my desk.

waxen scroll
#

ooooof

#

@craggy parcel yeah i do like 10,000 minimum

#

record is 300,000

sonic notch
#

@craggy parcel @little schooner I forgot to ask; are there any good Android iperf apps?

craggy parcel
#

@waxen scroll In a country with a population of about 6 million, companies of that size, are few and far between. 😉

sonic notch
#

nvm i could just use the unifi app im dumb

little schooner
#

@sonic notch while I haven't used it much, ping tools has a built in iperf client, and I used that

craggy parcel
#

@sonic notch Don't use android, but if apps adhere to the protocol, they should work equally well.

little schooner
#

Unifi has speed test though

craggy parcel
#

Isn't the speed test in the unifi app done from the router?

sonic notch
#

@craggy parcel Is there a good iOS iperf (for a friend; i'm assuming you use iOS lol)

craggy parcel
#

That is from router to the internet

sonic notch
#

The unifi app tests from client to AP

little schooner
#

@craggy parcel it is? I didn't verify

sonic notch
#

I only used iperf so I could do a test on my laptop

waxen scroll
#

@craggy parcel i went to a company for a few months that had me do engineering + tickets. it sucked. i was lucky that most people were work at home because I'd have to do cable issues too if not

sonic notch
#

wait unifi has an ios app too im high

craggy parcel
#

@sonic notch I'm not really a wifi guy, I stick with cables if possible. Speedtest.net is what I use, as I'm mostly concerned with either cellular or wifi internet speeds. Not really my internal network. WiFi in my world is backup and convenience for computers, and handheld devices. Not something for any sort of regular high performance use. 😉

sonic notch
#

Ah

#

Are you doing it for privacy? Just curious

craggy parcel
#

@waxen scroll I don't mind customer support, actually, what I dislike is the expectation that I can be just as efficient while having to deal with all kind of customer cases, as if I did nothing but code..

waxen scroll
#

@little schooner dont get a job where you have to pivot. it will get you in trouble.

#

and its depressing

craggy parcel
#

@sonic notch Nah, it's mostly because cables are just more stable, and less prone to interference. I live in a city in an apartment complex, and apart from the 20 or so WiFi networks I can see, there's most likely an equal number of Bluetooth devices, and what not, crowding the airwaves.

#

@little schooner As far as I've seen, the speedtest in the unifi app is the exact same as on the controller interface. That's measuring your internet speed as seen from the gateway.

sonic notch
#

@craggy parcel My internet speed is at max 100 down 20 up and Unifi's speed test shows more than that

craggy parcel
#

(And yes, if you scan the airwaves around me, I'd most likely be the a-hole using a 40 or 80 mhz channel. 😉 )

sonic notch
#

Same here, but 5GHz isn't crowded at all for me (I'm using DFS channels)

#

I just realized that there's a speed test and a Wi-Fi throughput test, my bad

#

I meant Wi-Fi throughput

craggy parcel
#

@sonic notch Interesting, it's been a while since I've used the mobile app. I only manage wifi for a colleague and live quite some way from there. That is since my boss decided that UniFi equipment was the reason for unstable WiFi, and insisted we changed to some LigoWave devices. (Which gave WiFi that was just as stable. Guess it's not the devices. 😛 )

sonic notch
#

nice

#

At least (s)he didn't go for a Nighthawk or something

craggy parcel
#

For my home use I don't care much about the WiFi setup, I use whatever is default on my TimeCapsule, and AirPort express. It works for the devices I have connected. (That is my phone, and the kids ipad, whenever he's here.)

#

At least (s)he didn't go for a Nighthawk or something
@sonic notch Nah, he had a talk with someone doing wifi for a living, that also sells the Ligowave devices, and he claimed it would be the UniFi devices' fault.. I'd say the problem was, that I decided on 3 APs for too little space, and didn't adjust radio power accordingly.

#

In other words, too much overlapping, causing the APs to interfere. 😉

sonic notch
#

Is he paying licensing fees now

craggy parcel
#

Nope, the controller is free, and so are firmware updates. 🙂

#

Also I like new toys, so didn't mind changing the devices, but had he tried to go with something like Meraki I'd have opposed. 😉

sonic notch
#

the ui looks like a better version of an xfinity router

craggy parcel
#

What UI?

sonic notch
#

I Googled Meraki and the homepage showed just one screenshot of the UI

#

Also, I tried setting one AP to low and the other to medium and my devices wouldn't connect to the low AP because the medium one would be too strong ; (

#

I'll try wall mounting next

craggy parcel
#

Well, Meraki is a cisco product now, and last thing I heard, if you don't pay the yearly license, your devices just stop working.

#

Apart from that "small detail" the Meraki products should be quite good.

ornate jungle
#

Though I don't have firsthand experience using Meraki gear myself, the team who does deploy and maintain the gear for clients swears by it, so if you're fine being extorted by Cisco (or you're passing those costs onto your clients), I'd say you could go Meraki or Ubiquiti, depending on your needs.

spare bay
#

I have a set of meraki stuff

craggy parcel
#

@ornate jungle I have no experience with meraki on my own, but I certainly don't like the fact that you FIRST have to buy your hardware, and then MUST pay a yearly fee to actually use the hardware you bought.. If you want a yearly fee, fine, but then just send me the hardware for the cost of shipping, and have me return it when I cancel the subscription.

spare bay
#

it's pretty great

#

but I'm not paying for it once the licenses lapse

craggy parcel
#

I have little doubt that the Meraki stuff works as advertised, and are great products, Cisco are not known for making bad products, they are known for bad licensing practice, and high pricing.

ornate jungle
#

You hit the nail on the head - heck, I'd be fine with paying for the hardware and simply no longer receiving any new feature updates once I stop paying. (However, security updates should continue to be delivered free of charge until the product is deemed end of life, OR the firmware should be open sourced so the community can patch security vulnerabilities themselves.)

spare bay
#

meraki is great if you have a bunch of different sites

#

especially since they don't need any local configuration, you can mail them and just get someone to plug it in and it auto configures itself

craggy parcel
#

especially since they don't need any local configuration, you can mail them and just get someone to plug it in and it auto configures itself
@spare bay With UniFi you can do that when the gateway is configured, or by having correct DHCP/DNS setup.

ornate jungle
#

Oh absolutely - yeah, there's something to be said about having a central controller on a switch, server, or cloud service (if you must), since it means the local office staff can simply be told "plug this in here, put 2 screws into the drywall using a 4ft step ladder, then call us when its done" after which you adopt the hardware into the system (or it does it automagically) and BAM - instaconfigured.

spare bay
#

UniFi isn't quite the same since it still requires a local controller, right?

craggy parcel
#

UniFi isn't quite the same since it still requires a local controller, right?
@spare bay It does not, but if the controller is not on the same L2 network, DHCP/DNS setup is required before it's automatic. And for the gateway that setup will have to be done on its WAN side.

ornate jungle
#

I actually don't know if Ubiquiti themselves offer a hosted cloud version of the controller, but yeah, you can technically run Cloud Key on a VM on Digital Ocean or Vultr, etc. if you want, but extra setup is required as ChanoAndersen noted.

craggy parcel
#

But you can preconfigure the controller IP in the gateway, and it will deliver it to every device connected to it. The controller can be anywhere that can be reached.

#

@ornate jungle Or on a VM in your own datacenter, as I do. 😉

spare bay
#

Well, for my meraki stuff I set everything up before they got delivered, and then it was 5 minutes after taking them out of the box that everything was running

#

it was pretty cool

#

and that was gateway, switch, and AP

craggy parcel
#

Haha... How does that work for the router you use to connect to the internet, when NOT using DHCP on the WAN interface? 😛

spare bay
#

well, that probably gets a little more tricky

craggy parcel
#

Yup. And in both cases (UniFi gateway and Meraki router with static non-dhcp IP on wan) you need a little preconfiguration, but in both cases, only the gateway needs to be configured, the rest can be setup later.

#

I have no idea how Ubiquitys own cloud service works, though..

#

Anyway, it's almost 1am, I guess I better head off to bed. The kid will most likely wake me up in about 7 hours.

rocky badge
#

Ubiquiti used to offer a cloud hosted controller

#

There is a hosted option (Hostifi)

#

But as long as devices can access the /inform URL, it's fine

#

@ornate jungle pcmrlol Meraki after the license expires

#

you get a 30 day grace period, then it stops passing traffic

#

And only Meraki licensing can be accessed iirc lol

craggy parcel
#

That's what you can expect from Cisco. 😉

rocky badge
#

Juniper(?) is doing a cloud offering

#

And it sorta does the same thing

#

It still passes traffic and such

#

But no config changes can be made until the licenses are renewed

#

That's one thing that makes UniFi attractive

#

No subscription/licenses, no cloud if you don't want it

craggy parcel
#

No unifi gateway... 😛

rocky badge
#

pfSense

#

😄

craggy parcel
#

Makes no sense to me. I need something that's silent, and performs well, as the only place to terminate my cable modem is the living room, and that's where the router must be as well.

rocky badge
#

Mine's just a desktop :P

#

It's quiet

#

@real glen Has a pfSense desktop in a small form factor PC

#

Some people use a thin client for pfSense

craggy parcel
#

Well, I would need to buy something to run it on, and as such, I could just as well buy a router instead. 😉

#

Anyway, I'm out, need to get some sleep before the kid wakes up.

rocky badge
#

lol

rocky badge
#

👌

#

my pfsense

waxen saddle
#

Congrats

little schooner
#

It has to be power efficient

#

Is it?

waxen scroll
#

@little schooner no. using desktops for routers is dumb

trail cipher
#

hey I'm a bit of a networking noob, but I was hoping to upgrade my internet to faster speeds, preferably 1-gig or so. I bought a router that advertises 1-gig wireless speeds, 5g, wifi 6, etc. but I'm still getting about the same speeds. What do I need to do?

clear igloo
#

Nothing because getting gigabit over wireless is damn near impossible in the real world unless you've got like 1 WiFi 6 device as the only wireless device on the whole network and no interference anywhere near you and the stars are in perfect alignment

trail cipher
#

either way, i'd like to get faster speeds at the least.

#

so would i need to get a faster modem or...

clear igloo
#

Well you need to first pay your ISP for faster speeds if you haven't already done so

#

If you're on the highest speed tier plan they offer then nothing you can do. Better modem/router/etc won't come into play until you're subscribed to a faster tier of service

craggy parcel
#

Faster speeds is a relative term... Faster than what?

vapid dune
#

also 1 gig wireless is basically a marketing lie

craggy parcel
#

Well, a gigabit combined, but last I checked, it's something like you cut bandwidth in half for every device you connect. So if first device gets 50 mbit, next device reduce speed for the entire network to 25, then 12,5 and so on.. I suppose multiple antennas and difference in timing etc has improved the figure, but I'd expect it to still be true that each additional device will reduce bandwidth for ALL devices on the network.

dense karma
#

does anyone know how i can set up a webserver that just redirects to a different web server that's on the local network

spare bay
#

Nginx

waxen scroll
#

@spare bay nah. I would be changing the DNS at that point

thick minnow
#

i have some trouble in portforwarding in a jio router

spare bay
#

They said web server, not just a dns redirect

#

it's very easy to do a redirect with nginx, I have a similar thing with my two websites on my network, one domain is on the main server and it redirects the second domain to another server

rough haven
#

I am confused between Asus RT-AX88U & Nighthawk AX8. Any suggestion guys?

waxen scroll
#

But at that point why even point the second domain to a server it doesnt belong to

#

theres justifications for it, sure. but when you control both servers theres no reason

#

In your case you have both servers already.... in Kringe case they want to spin up a second server just to redirect? Nahhhh

spare bay
#

because you can only have one port 80/443 forward?

little schooner
#

@waxen scroll better bring out the NAT artillery

#

I saw some ssh attacks trying to use credentials like admin/admin, root/Calvin, user/password123

#

None of which are interesting but I was hoping to see something more exotic

#

Nope most of the attacks look the same

south blade
#

😄 What the fuck. Lawrence posted a video on the CenturyLink incident and showed this website that shows how everything is connected to Level 3, from that I can see a local smaller ISP is using one of the ISPs in my town. I have a 400Mbps line for $90, this smaller ISP which uses them sells a 5Mbps for $120! xD How do I get in on this business!?

waxen scroll
#

they probably have to manage the lines and thats a money sink

hollow marlin
#

If you are going to bother explaining what went wrong, you better have an understanding of BGP, which Lawrence did not have. Nothing against the guy but his interpretation was wrong

south blade
#

So what's the real on what happened? Intern pulled some RAM on a running server? 😄

hollow marlin
#

We don't know for sure yet, CF released a theory on what happened which Lawrence was reading. It was related to BGP flowspec which was confirmed but his statements on how it was caused were wrong

#

Flowspec is just a way to automate specific ACLs/firewall filters by advertising them in BGP. No routes were injected

waxen scroll
#

@hollow marlin ive never seen flowspec used

#

muh non-ISP

#

i dont listen to lawrence but i know of him. looks like LTT

waxen scroll
#

@clear igloo free esxi isnt licensed to run acisim 😦

#

it needs more resources than allowed

clear igloo
#

RIP

thorny vector
#

Woooooh, Threadripper is up and running, with an RTX quadro 4000 and AMD 5700XT

vapid dune
nova sierra
#

What should I look out for when buying a third party router?

thorny vector
#

@nova sierra What do you mean by third party?

weak portal
#

You mean smth else than the one your ISP provided right?

waxen scroll
#

@clear igloo i love how marketing is like GAMINGGGGG

#

gaming works fine on 5 mbit

modest flicker
#

Wi-Fi 6 is the latest spec for Wi-Fi. There are new minor specs for Bluetooth that exist (5.1/5.2) but they aren't really significantly different in ways relevant to your use case. 5.0 is great.

#

Wifi 6e is the same but it supports the 6Ghz band

#

Only better if you actually are going to use the 6ghz band

#

as for bluetooth, 5.0 is better than 4.0 because of low power BT but there isn't much difference between 5.0 and 5.2

#

Make sure your internet speeds make it relevant

#

and you actually have or will have wifi 6 devices

#

Idk if any product does. Is 5Ghz not enough?

#

Just because a standard exists doesn't mean it has been implemented into devices yet

#

If you use the 6Ghz band and you have internet speeds to support it, maybe 600mbp/s?

#

but the range is slightly worse

#

Higher Ghz band = faster but less range

#

might as well use ethernet for most devices

#

450mbp/s of 5Ghz should be enough

#

antenna and router quality and the thickness of walls are all going to be relevant

#

mbps

#

If you don't need to stream 8k to multiple devices that cannot use ethernet and yet are close to the router whilst having insanely fast internet, I'd say don't bother with 6E if it costs any more.

modest flicker
#

Nope

#

I don't know if Wi-Fi 6e is even implemented in any pcie card

#

If you really want the best speed, latency and reliability use Ethernet if you have a desktop.

#

Make sure the cable is at least cat5e for 1gbps speeds or a better cable if your motherboard and internet can use the extra bandwidth.

little schooner
#

Im fine with wifi 6 no e

#

6ghz is less range

waxen scroll
#

💁

little schooner
#

What im waiting for is power over wireless that has no compromises

#

wireless ac outlet

#

wireless 300W power

waxen scroll
#

oh you

#

we have that

#

its called a tesla coil

little schooner
#

@waxen scroll now to translate that into home use for any electronics

uncut gorge
#

Anyone can offer some of their precious time for some advice? I just moved into a new apartment and I was going to set up a new internet account and my new landlord told me we could hook up to his. He has relatively fast internet. He said he only uses it for business and netflix on his tv. I am about 50 feet from his modem/router and there is two walls and a hallway inbetween. I tried an extender and it works great, when it works, sometimes it drops speeds down to 20mbps but for the majority of the time it is 200-250 mbps download. I was looking into either a MoCa adapter or powerline adapter. Of course the best solution would be a straight ethernet connection but that is my last option.