#networking

@hollow marlin I know you probably have, but has anyone else seen an entire data center due from broken STP?

@topaz quarry the device will assign and address for every different RA type. With multiple matching RA, it will choose the higher preference RA for routing purposes. High, medium, low

lol does that not blow up

@thorny vector oh yeah it's definitely a thing. Thats why the defaco design is moving towards L3/VXLAN

Is PiVPN good

idk what are you installing it on

raspberry pi, I don't actually have it but I wanted to know if it was good so that I could purchase it in the future

wireguard

is better

actually

piVPN is just an installer

it says that PiVPN supports wireguard

do you have a web ui management tool for wg?

because managing wg is such a pita

it supports openvpn, wireguard

no, I don't have web ui tool

@hollow marlin why is that when i ask for an ipv6 prefix i get a different prefix based on if i incorporate the interface DUID or not

does this mean if i give different VMs running a routing OS the same NIC mac address they will receive the same prefix?

DUID is a randomizer for IPv6 privacy. Theoretically with SLAAC in base v6 you can travel around the world and will always have the same last 48bits. So they added a mechanism to randomize it

When it comes to virtual and how the address is handle I am not quite sure. Never tried it

so is the DUID unique to the instance of routerOS

but in theory if present the same hardware to my ISP it will always get the same prefix?

Its unique on the client end, just the last 64 bits. You will still get the same prefix

ah

@waxen scroll why is it that states can get away with having poorly running servers for an agency that 2 million+ people depend on? Half of the time I visit a motor vehicle site, it says that I was placed into a waiting room due to high demand. Then it refreshes and says "the site is unavailable due to high demand. Check back tomorrow"

i'm curious as to why the prefix is changing though

@little schooner lmao

lol dmv

Run a PCAP on the WAN in the tik. You'll see the lifetime in the RA. It can change depending how they have it setup

I've heard of ones with business hours. The site shuts down

oh they do that here too. its only open during regular business hours

it doesnt make sense. computers dont need the break

they love working with numbers.

I get annoyed that maintenance is even an excuse anymore. Put the servers with the new code online and take the old ones that you want to update off the load balancer

yeah they should do that

some service discovery tools do that automatically

like if you're using envoy

just turn off the NIC on the server, or put it ins a disabled state

and update the code base

heh and its not like they dont have the money to find the right people to do it correctly

re-introduce it later

@topaz quarry i see

having someone manually go around turnings stuff off and on is time consuming

you can literally have a CI/CD loop where k8s takes the service offline, updates it and re-introduces it

so when you do git push

it all happens automatically

Government on IIS

IIS isn't real

Every job I've had they used it lol

it's not real

la la la la la laaa

IIS is a bane to my existence

Should I get a WiFi Booster, Repeater or extender?

no

all the same thing

and no

what

what waht hwat

what do i get

well depends on your purpose and the environment (like can you run cables)

so if I'm doing key bases AUTH keep in mind I'm using C should i make strings that hold an array of characters to work as a token & compare the 2 strings as a way allowing more code to run?

this is just a scetch I made

im not using strncpy rn

yes cause its only allows a certain amount of bytes to be used

do you understand what im asking

:/

How is it related to Networking?

he'll probably said he uses "networking" for auth

On the subject of networking I wonder, who exactly is the Networking guru for LMG, LS himself, or someone else?

LS?

Are fr

Considering they have a flat network no one

Or all of them.

Schrodinger's network

Hello. I'm having an issue with my selfhosting

Aren't we all

Ok.... Well, I'm trying to host things, like webpages and Minecraft servers on my computer

I'm able to join via localhost and through my internal network IP, but not from my external IP

Do you know port forwarding

Works on my phone, which is connected to the same network

Yes, I set up port forwarding

Can you show us

I hid the external IP for obvious reasons

But I used whatismyip.com to get my external IP

what's the port of minecraft

25565, but this is for my webpage

and you only have 1 rule for port forwarding?

oh nice

Minecraft also doesn't work

If I set up 25565

can you show all of the rules lel

If I set up 25565
go on

What's with the lel

a good lel

Currently I have just these rules set up

Top one for my page, and the other for Minecraft

do you know if your ISP actually allows such ports

192.168.0.107 is the current IP address of the server?

It used to work before though

192.168.0.107 is my local internal IP, it can only define my device on my network, but not from the other parts of Internet

Look at the public IP on your router, is it different than what whatsmyip say?

It all used to work, and I don't know what settings might have triggered this to malfunction

It is not different at all

whatismyip says that it is ||1.2.3.4, Hidden for obvious reasons|| and the IP that I set in the external IP is ||1.2.3.4||

Im saying look at the IP your router is leased. Not what is set in the rules

How do I check that? What name would it go by?

Typically under WAN

I can't find it

What model router?

Technicolor DPC3848V

At the top, network > WAN

Maybe under admin. It's there somewhere

This is in Admin

Oh I didn't see the whole photos on mobile. What's under status

What's under gateway

Yeah its there under ipv4 address. Compare the to the ip you were seeing with whatsmyip

Now this is annoying...

Is that the site?

If so just Google what's my ip and it will show it at the top

It's the same

Ok, just making sure you're not behind CGNAT

well, idk what is happening

I'm getting a "Timed Out" error when I try connecting

It's also good to note I've checked if I tried with a different port or none at all and it gives me a "Refused to connect" error instead

Also, if I disabled my port, it gave me the "Refused to connect"

are you running the server on your machine or do you have a dedicated machine for the server -- either way check your firewall settings.

The thing that is getting me is... It was working before, but now it doesn't...

I'm using my own laptop to run it

It used to work completely fine before

I mean you might not have static IP soo

I had the same IP for a while

How can I possibly fix this?

so you checked if your IP is the same or different

I asked about that earlier. They confirmed the server was running on 192.168.0.107

I mean the external

I can access it from my phone, that is connected to the same network, but my friend that ISN'T connected to the same network, can't access it

Plus I can't access it if I typed the IP from my computer

Your router might not have hairpin NAT, which would explain why you can’t access it internally using the external IP

@hollow marlin do you have any clue what's the difference between listen to interface on OpnSense/Pfsense

and a dhcpv6 client on RouterOS?

I think something just clicked

Maybe there wasn't a problem in the first place...

But I guess my friend I CAN connect to that exact IP, but devices on my own network can't...

Now that raises more questions than answers, but hey, if it works, I'm not ever gonna complain ever again

@topaz quarry no clue on *sense. Its been years since I touched it and that was well before what I know now

if you exposed it using a public IP with a DNS record. then you need NAT reflection

so your router can figure out that it's not actually outside your network

Your router might not have hairpin NAT, which would explain why you can’t access it internally using the external IP
@waxen saddle Maybe that might be it...

that may be what Corewyn referrs to as hairpin NAT

Yep. Same thing.

so find the thing for Full NAT reflection

and you can access it internally

or maintain two DNS records

one for public ip infastructure

and one for your infastructure

Well, I don't care... If I can access it, I'll take it

good stuff

I meant if others can access it.

Basically, you are routing your internal connection through the router, which isn’t ideal. Recommend using internal IP on your LAN and external IP for others. If you have control over local DNS, you can point your dynamic dns name to the IP of your LAN server and you can use the same URL internal and externally and it will be efficient.

yea mainting two DNS records is the least dumb thing to do

like with pihole or adguard home or something

But anyway, thanks to everyone who assisted me. But to everyone, have a good day or evening

and then cloudflare or whatever for public ip stuff

yup, have a good one

I somehow have two IP addresses on one device

Running ubuntu server

how do I get rid of the second connection

I just want one

fixed it

It's because I made a 01-netcgf.yaml but forgot to turn off DHCP on the original 50-cloud-init.yaml

I mean I can make 254, more if I want to configure it so

idk

Well I fixed it but there was 2

You can have many, I don't know if there's even a limit

No more question, I said I fixed it

well now I just look like I'm talking to myself

anyone experienced with ubuntu server network setup here ??

just shoot your question

idk if anyone here is experienced with networking

so during installation , i have my mobile hotspot turned on and i have a usb wifi adapter plugged into the pc. It detects the adapter but there are no options to connect it to my hotspot

how do i do that ??

You don’t use USB WiFi adapters

It’s up to the OEM of that USB WiFi adapter to upstream patches to the Linux kernel

Or provide you with a driver

Neither has happened apparently

so i dont have a ethernet connection for some time

what are my other options @topaz quarry

Buy an AP, put it in client mode

And create an Ethernet connection

It’s essentially a wireless bridge

If you have available PCI-e slots

Get a PCI-e WiFi adapter

Or find a USB WiFi adapter that has Linux support either through the kernel or through independent drivers

I can’t help you with the last one

can i share my internet from this pc to that via ethernet ??

The answer is yes and no

It is technically possible

Or find a USB WiFi adapter that has Linux support either through the kernel or through independent drivers
@topaz quarry I had used it with kali and it did work without any drivers

It is technically possible
@topaz quarry how

But you’ll end up creating problems

You’re basically going to turn your computer into a router

Undoing it is very annoying

But you’ll end up creating problems
i will use the usb adapter by configuring the proper drivers once the image gets installed

i guess i have to wait for ethernet then

what computer are you using that doesn't have built in wifi?

what computer are you using that doesn't have built in wifi?
its an old pc so i am turning it into a home server

Literally any??

Wifi is a premium feature on mobos lol

wdym premium

my mobo have wifi

premium wifi

if you have rgb wifi, that might make sense

My motherboard had Rgb wifi 6 xxl hardcore extra fast

Best home router is a mini-atx case , R5 1600x , 16GB DDR4 , 512GB NVME SSD , Quad 10Gbit port PCIE card, and a Wifi 6 card with at least 6 Antennas
Load this with RouterOS and a L6 License and you have a very cabable network device

it should be a threadripper 3950x
@unborn sluice 😅

Maybe a big Navi with it's more open compute architecture could work very well instead of dedicated NP's

nah, dedicated hardware is the best

with hardware chips

with hardware chips
@peak cloak Given the massive computing power if rumors are to be believed it should at least equal an entry level firewall with NP's if there is low overhead with the new IO fabric

Hello

I needed some help

Any network expert online?

don't ask to ask; just ask

😂

My ISP is providing a shared connection, that is the public IP isn't directly assigned to the router, an internal server assigns the ip. If I want to configure port forwarding in such a case what can I do

so they are doing CGNAT?

Yup I think

yeah, can't port forward

you would need a tunnel

like a vpn

to like a "gateway"

Ip assigned to my router

This is my public ip

to like a "gateway" can you elaborate
@peak cloak

Anyone??

Try running a traceroute

Yes, you have a 100.64.x.x/10 IP, you're on CG-NAT 100%

Do they really nat to a public ip class? I thought they would do that to something like 10.x.x.x

Yup, 100.64.0.0/10 is reserved for CG-NAT

Ah, I see

Good to know, thanks

@clear igloo TIL.

Good ol' brown fans save the day again

No more jet engine s whirring through the room

Yes, you have a 100.64.x.x/10 IP, you're on CG-NAT 100%
@clear igloo

Yup, so by any means I can do port forwarding?

You cannot @rose sparrow

Well, maybe, let me ask, what are you trying to port forward?

😟

Well, maybe, let me ask, what are you trying to port forward?
@clear igloo
VPN

Ah, I was going to say you could setup a server/VM somewhere and then tunnel from your home to the server and then access the server remotely

I was planning on ftp, rdp and ssh

But then I thought I can just make a open vpn connection

I hope you mean FTP and RDP after VPNed in

Yup

Yah, you could possibly setup an tunnel to a remote server and then when you need to access your local network you VPN to the server and it tunnels back home

It's a good bit of work and has some recurring costs though

AWS?

Probably, yah

Oh I see

It's not 100% guaranteed to work though but it's always worth a shot if you really need to

I have Raspberry Pi running 24/7 can I do something with it

you could do pihole

In case anything messes up the tunnel from home to the server with CG-NAT in the mix, it shouldn't but you never know

you could do pihole
@unborn sluice
I have already done that

Yea, you never know but I haven't had problems in mine

I have Raspberry Pi running 24/7 can I do something with it
@rose sparrow You'd have to use that to tunnel to somewhere not behind CGNAT like a VM on AWS or something

Oh I get it now

You're basically setting up what's known as a site-to-site connection and then you use the remote site (ie AWS or something) as your VPN point for your phone or whatever when not at home

I think better option will be to switch the ISP itself

put down 2 bucks/month

for a VPS

set up a site 2 site, easily

Yah, if your current ISP is doing CG-NAT I'd say there is a good chance the others in your area are too

@tame carbon which vps is 2 bucks

linode is 5

spill it

i'll use it rn

ISP should just ipv6 already

@unborn sluice https://aws.amazon.com/ec2/instance-types/

those CPU credits is a bit of a tricky thing

your core is shared with others

The CPU credits used depends on CPU utilization. The following scenarios all use one CPU credit:

One vCPU at 100% utilization for one minute

One vCPU at 50% utilization for two minutes

Two vCPUs at 25% utilization for two minutes

ah yikes amazon

but do they actually have $2

yep

and its free, if you sign up as a new user

for 1 year

that doesn't count

if you dont want to be limited by their stupid vCore crap

get a linode or DO box

even t3.nano the lowest is around 4 box

wdym linode is also shared

yeah but you can push 100% cpu at all times

cores arent shared

amazon is selling you vCores here

so the micro vm

you have a baseline of 10%

so your average cpu is at most 10%

if you use less, you build up credits

which you can use briefly to 'burst' to more than 10%

that's the T class

yes

which is why they so cheap

but for a CG-natted internet connection as a site2site

its totally reasonable

dont need that much cpu

since the encryption can still be hardware offloaded

since its x86

Yah, if your current ISP is doing CG-NAT I'd say there is a good chance the others in your area are too
@clear igloo
Actually the service provided by our government isp is unCGNATed but it's too slow. I was thinking if I could use a load balance router for that purpose

how slow is it?

and what service do you want to run?

how slow is it?
@peak cloak

It advertise 8mbps for 10usd but I barely get 3mbps cuz it's running on old ass telephone lines which are present since 1990

hmm, yeah. I don't think you would be able to run anything stably on that

Yup

and what service do you want to run?
@peak cloak
Can you please read the old messages cuz it's a pretty long story

oh I see

maybe ssh could work

Yup only ssh will

But if I could use a load balance router?

By any means??

yeah I think it could work

need someone to help me get the best ping out of my router XD

like need help with all the settings and stuff

what settings?

qos?

@peak cloak like normal settings

you can't magically increase your ping

once it's out of your router, it's all up to the ISP

idk I feel like my internet in general is bottlenecked somehow

then test directly from the modem/ONT

I have 0 understanding of networking tbh

what's your ISP

How are you connected from your PC? Are you wired? Wireless?

^ first question I should have asked tbh

via magic?

are you using your tongue to physically connect the devices?

Magic can have different latencies 😛

@clear igloo pc with lan

@peak cloak im not from the usa so u prob wont even know my isp

XD

if you're connected to the ISP assigned box

with ethernet

that's like all you can do

@topaz quarry but im getting like 100 ping

on good days

lmao

to close by servers

like my ping is about 60 to my isp

run a traceroute

how ?

to the game servers

do I do that

on windows: tracert <server ip here>

as I have said 0 understanding when it comes to networking

so like tracert 1.1.1.1

still dont get it

gimme steps to do

XD

you know command prompt

yep

well input that

we can start off with 1.1.1.1

it's pinging 172

once it's done show the output

got some packet loss as well

can we switch to dms ?

it's saying request timed out? well that doesn't mean packet loss nessicarly

sure

hey can someone help me, im setting up a steam cache but my docker is always saying "Restarting"

you can have a 5ms ping to your ISP's datacenter

and a 100ms ping to the game server

the game is not hosted at your ISP's datacenter

you need to provide more info than restarting for us to figure it out

provide logs

@thick minnow check logs

i have

steam cache is outdated

installing lancache now

Dotty, do you have it installed on Ubuntu?

its 11 pm here so im heading to bed im going to attempt again tomorrow ill keep you updated

docker logs steam-cache

If it's restarting, then you've got it set to come up in an auto-restart mode and it's terminating for some reason.

so now that I'm out of game: so a couple of things that you should check, I can't tell if you've configured them: Whether those containers have been given networking privs/config to be able to talk to each other, for one, are they exposed to the host machine, because you have no ports open - but as I said, if they're constantly restarting, somehting is killing or causing the process to finish.

I had the restart problem because Ubuntu runs a DNS server on port 53 and the container couldn’t start.

is there a decent workaround for openvpn on the UDM pro?

yes

run openvpn/wg in a docker host/vm host and port forward to it

seperating your control plane and your data plane will cause you less pain later

more plane less pain

like have a separate wifi network setup

to just portforward

to that host?

my goal is to be able to connect wireless devices to etiher US based IP or local based IP

for streaming

you want an openvpn server to vpn into your network yes?

or do you want to do it the other way around

other way

then setup a docker/vm to act as an OpenVPN client

and set that as your default gateway

instead of your router

the docker/vm host will still use the router, it will just encapsulate it over the tunnel

can i do that for only specific traffic? like whichever devices are on certain networks?

yes you can use VLANs

if you have ubnt

i have a udmp

then just associate different SSIDs with different vlans

make 777 or 888 your lucky vpn tunnel vlan id

to tunnel over to other region

and leave your default lan for everything else

What's a decent gigabit wifi router that I can buy used? I had mine bugging out or something once in a while, lost WIFI across all devices, but LAN (only one device using it) kept working. So I then set it up to auto reboot at night (DD-WRT), but it's still doing it. It's not very often, but when it does it's inconvenient.

You are a power user and want a bit more freedom?

Get a hap ac3

@south blade

Any one here have the new UniFi WiFi 6 devices and have any suggestions on optimal settings?

I don't think that exists

Yep it's not even in the product page. Sorry bro you got some china ripoff

@rocky badge y so quiet

So you made a mistake. No reason to run away

@hollow marlin I can't get through to him

Blob where you at

@waxen scroll Unifi 6 exists...

It's in early access so you wouldn't see it unless you had a UBNT account

I have a ubnt account

Then you don't have early access then ig

But it exists lol

https://store.ui.com/collections/early-access/products/unifi-6-mesh-beta

Does anyone think this idea could be stupid?

2 routers in one modem connection. That was my whole plan originally, too stupid?

How about one router and a mesh

Set up different point in your house with a mesh

What would be a good mesh you can recommend me with?

Google

Google Nest...?

jk

Ahh Tp Link

Asus

I was gonna say didn't Google just discontinue their Nest line up of products? Lol

as in google for your area we have no idea where you live.

I live in the central valley of California, so my ISP is Comcast/Xfinity.

area/region

How do you mean?

does comcast have fiber?

Comcast does now.

engenius look them up

But in my area, I'd have to consult Xfinity first.

I believe I can get 10G from them, according to a sales rep since I would be the first one to get fiber connection in the region I'm in.

At what cost tho

I was originally going to upgrade from my Linksys router to the Xfi system, where Xfinity would provide you whole home coverage -- but their repeaters were said to not be as good as expected.

https://www.youtube.com/watch?v=4G2g7Txgzgw watch that. :p

(Hence the unlimited data offer they have, Xfinity just started issuing data caps at 1.25TB, after that you have to pay $20/50GB -- which is stupid, thanks to FCC.

And alright, thanks @primal ice -- I'll check that out right now.

Anyone knows how Carrier Aggrestion works in 4g? My isp supports bands 3,7,20 even tho b7 doesnt work for some reasons

Random website says i can CA on 3,20

Those bands individually work but they never CA

hello anyone have exprience with 5g Router?

is the HUAWEI 5G CPE Pro 2 anygood?

dunno

but id expect them to be pretty similar to 4G modems except 5G vs 4G

my internet provider offered me an add-on service to my existing 6mbps service
with 7us a month they will provide a unlimited 5G with HUAWEI 5G CPE Pro 2

@whole trout is that per day?

that is so passive aggressive lol

any good 4g/5g router recommendations?

Aren't 4g/5g routers generally work just like hotspots?

there are home 5G router

https://consumer.huawei.com/en/routers/5g-cpe-pro-2/

do you want a 5G modem?

or like

what is it that you want exactly?

just want to know if its stable for something like gaming/torrent./etc

if what's stable for what?

are you asking about the random huawei thing?

can the router handle multiple use + torrent

are you getting a FIOS 4G/5G plan or something?

if you want cheap stuff that works just get mikrotik stuff

i wouldn't trust huawei equipment with a ten foot pole

it's a single unit with roughly no feasible way of cooling and I assume you're going to have the clients in multiple rooms. So the answer is probably no

ok thanks
stability is crucial as we do real time stock trades at home.
f the huawei

my home is using two 6mbps lines, n can use some upgrades though lol

your answers are ubitiquiti or mikrotik for reliable cheap home networking

if you want low latency you sincerely need to setup a mesh network or just rig everything in a wired fashion

already has linksys mesh

oh in my experience linksys is pretty bad

considering cisco basically uses it as their trash brand

is it working out for you?

no problems so far

just need more download speed

don't run multiple wifi networks in your home unless you know what you're doing

you'll end up making them fight each other

@serene ridge 1.2TB/month

@topaz quarry Cisco hasn't owned Linksys in years

Belkin owns them, I think they were sold in like 2011 or so

@brittle estuary Huawei 4g and 5g modems are absolutely garbage i have first hand experience. They're adequate until you use it for like 30 seconds and then the speeds drop by 80%. Will prove it later on if you don't believe me 😂

@toxic citrus is there a 5G router that’s doesn’t speed drops?

1.2TB/month is a lot

we use IPTV, and even that doesnt use so much

what happens if you go over 1.2?

this is just fair use policy what they are running

so generally, they are lenient, 1.2TB is not bad. I get 1-2TB of monthly transfer on a $5 VPS in a datacenter

rarely gets to the limit

@toxic citrus is there a 5G router that’s doesn’t speed drops?
@brittle estuary no idea but definitely wouldn't be a Huawei because they're awful lmao

5G will suffer from environmental effects

so lightning storms, interference from other 5G communication, as well as rain and objects

but its way faster than 4G, and scales better

line of sight to the tower, is preffered

gets you good signal

thats why those boxes are often installed on the roof

apparently in the last 12 days (how long the router has been up) I've used 158GB ~13GB a day and I haven't been gaming. thats just youtube and netflix and discord. meh.

well

you got 40GB/day

on average

https://i.imgur.com/ja5TwO9.png

https://i.imgur.com/u20dS7I.png

is there a usb dongle that has both Wifi ac n bluetooth 5.0?

or should i jus get them separately
Asus usb-ac53nano
Asus usb-bt500

go with pcie wifi

basic question, if you directly connect two machines, does it use an inbuilt DHCP server to assign IPs? And also, can they instantly communicate with eachother or should there be some more setup required?

wdym directly connect

you mean without a switch of some kind?

@cedar igloo if you plug two computers directly to one another, you'll have to use static addressing

since theres no dhcp

You could use the APIPA address if you just need to talk between them only. Just look at the 169.254.x.x address on both and they'll be able to reach each other

Could always configure a DHCP server on one of the boxes, but that's really, really unnecessary work for something like that

just use a switch + static ip

Use the KISS method. Just APIPA and done

You really don't need a switch

As long as the NICs are relatively recent (Auto MDI-X is an optional but in practice pretty much always there part of 1000BASE-T spec) you don't need any cross cable tomfoolery either

I've not had the need for a crossover cable in literally 15 years

pretty much all modern ethernet interfaces have support for this out of the box

I needed to use a crossover cable once
It was in class a few years ago & we had to put together some old Cisco gear

People still very regularly claim that no no no you need a crossover cable to put together two PCs

We have some legacy voice gear that is legit 19 years old that supports auto-mdi-x. Its really not a problem anymore

used to just hook laptops together

to play age of empires when we had no internet

or command & conquer: generals

good old days

missing lan parties

Now you have WAN parties

VXLAN parties?

Yus!

You guys wouldn't happen to have any literature recommendations on learning SQL?

Just learn SQL without literature

@unborn sluice literature for learning SQL is actually the best place to learn it

because ANSI sql is pretty much what works on all systems

I actually don't know whatd you mean by literature for learning SQL

is that a website or something

a book

I got one here, some 400 pages lol

but its in my own native tongue

gotcha

you can understand sql better if you know how the engine will use your query

how to optimize indices

and set up constraints properly

i learned oracle

sql server is actually the easiest if you want to do ANSI sql

it adheres to the standard quite well

No Starch Press has a SQL book out but they cover stuff through the perspective of PostgreSQL.
I think I'd probably benefit most from MySQL/MariaDB focused content

@dire flare nah

PostgreSQL is actually quite ok

just learn any SQL

but I wouldn't learn on mysql

you just need to start somewhere

whatever the first engine

I was taught with SQL Server

I use mysql only for hobby projects

I was thought Oracle but we used Mysql (mariadb)

cause php

I've used oracle before

that stuff is complicated

yea

real complicated

cus you have to make SEQUENCE for everything

but I learned how to deploy the shttest to work

and bunch of other mappings

@dire flare choose your poision

TSQL or PSQL

@dire flare mysql lacks some of the constraint features, CHECK constraints do not work

though MariaDB addresses these issues

I still prefer other engines for it instead

just save your data into text files

or .csv for that matter

ew

at least you can use XPath with XML

I kinda considered XML as config files

not data

so clunky to use as data

though , yes html

html is not xml

i mean markup as general

I use .properties

xD

html is not xml
xhtml doesn't exist

and json for more advanced configuration

just create object output stream then yeet them into whatever

most of the message passing I've built with pubsub

is just json yeeting back and forth

main reason why I prefer using xml, has to do with JAXB

yea I agree

I use GSON to pass java objects over whatever

I thank google for such a useful library

dont need gson

gson is bad

I only use it for parsing json that I dont know the structure of

https://www.eclipse.org/eclipselink/#moxy

This is my preffered lib for handling json with xml

This allows you to use jaxb bindings for json

I still remember jackson

there's loads of libs

but moxy is easiest to use

PTSD when converting json to/from object using jackson

I have it as a standalone jaxb context

and it also works with Jersey

the rest framework I use

so you can just send headers to the server Accept: application/json

and it gives you json

and application/xml for xml

I have no problems with connection whatsoever, it's just how to handle the conversion

I like python can do such with less insane ways

meh, lemme find a context provider for moxy

though i'd say the python way is the sane way

its not that much code

I mean sure, you can code it in whatever

nah but to get moxy going

to tap into jaxb

public class DiaxJsonContext {

    private static final String PACKAGE = "me.diax.srv.stubs";
    private static final String MEDIA_TYPE = "application/json";
    private static DiaxJsonContext context;

    private final Marshaller marshaller;
    private final Unmarshaller unmarshaller;

    /**
     * Creates a new context based on the given package
     *
     * @param packageName the package where to look for models
     */
    private DiaxJsonContext(String packageName) {
        try {
            Reflections reflections = new Reflections(packageName);
            Set<Class<?>> types = reflections.getTypesAnnotatedWith(XmlRootElement.class);
            JAXBContext context = JAXBContext.newInstance(types.toArray(new Class[types.size()]));

            unmarshaller = context.createUnmarshaller();
            unmarshaller.setProperty("eclipselink.media-type", MEDIA_TYPE);
            unmarshaller.setProperty("eclipselink.json.include-root", false);

            marshaller = context.createMarshaller();
            marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
            marshaller.setProperty("eclipselink.media-type", MEDIA_TYPE);
            marshaller.setProperty("eclipselink.json.include-root", false);
        } catch (JAXBException e) {
            throw new RuntimeException("failed to initialize context", e);
        }
    }
...

}

@unborn sluice ^ this is pretty much all you set

too many

imagine if you could do parse it in 1-2 lines

oh wait

python

yeah

but this is the minimal amount of code to use json with xml classes

@Getter
@Setter
@ToString(callSuper = true)
@NoArgsConstructor
@XmlRootElement(name = "profile")
@XmlAccessorType(XmlAccessType.FIELD)
public class Profile extends IdentifiableModel implements Serializable {
    private static final long serialVersionUID = -7330255948705861599L;

    private Long discordId;
    private long xp;
    private long balance;
}

Gotta love the number of annotations

yeah xD

its either that

For such cases I'd rather have a function already

or a bunch of boilerplate code

feels like annotation is abused

wat

the first 4 annotations

are not even jaxb

https://projectlombok.org/

Yea, that's why I want to have functions max 3

@Getter just generates getters for all the fields

its just compiler sugar

@unborn sluice these are just models

data containers

that can be turned into xml, json or serialized into binary

python is not type safe, and so you don't need this

but java, you kinda need some binding to program against

otherwise you'll be forced to have string references everywhere

which is not checked compiletime

🤔

Typesafety is nice, but my usage are usually automation

so python is

@unborn sluice craziest beast I've built... was probably a script host

wrote a program that was ment to do health-checks on server instances

the healthchecks themselves however, had to be flexible

never done that before

cause prometheus suits me good

yeah, these people used zabbix

and had their own collection agent

but it was a hardcoded piece of junk

that had to be recompiled everytime they wanted a change

we also have a system to collec these alerts

written in java

yeah I rewrote it

so that's why I got the json to java objects nightmare

made a js scriptable environment

with context to java objects

I'll want to rewrite this in python

some of the libraries they used to talk to the backend systems, were java only

so you had the individual tests, in a directory in /etc

and the script engine would load these at a set interval

and execute them

the script host provided the urls and configuration properties to the scripts with its own object

using the other configs from /etc

it's time you migrate them away from java

var host = properties.get("commserver.cli.host");
var port = parseInt(properties.get("commserver.cli.port"));
var user = properties.get("commserver.cli.user");
var pass = properties.get("commserver.cli.pass");

var logger = new Logger();
var context = new CliClientContext(host, port, user, pass);
var client = null;

var success = false;

try {
    client = new CliClient(context);
    client.connect();

    var resp = new DefaultCliResponse();
    client.doRequest(new CliRequest("PING"), resp);

    var responseList = resp.getResponseText();
    if (responseList.size() === 1) {
        success = (responseList.get(0) === "PONG");
    }
} catch (e) {
    success = false;
} finally {
    if (client !== null) {
        client.close();
    }
}

zabbix.set("backend.commserver.cli", success);

@unborn sluice I mean, as a script host, being able to do service testing like so

there's util commands like cmd()

for shell commands

this is javascript sandboxed in a java vm :)

sadly, oracle has deprecated this now

https://i.imgur.com/woJygVw.png

file structure is at least interesting ;)

this is javascript sandboxed in a java vm :)
good thing some people implemented js in java

(iirc)

thats the NashhornLoader for me

it sets up an environment

wrote that myself

after experimenting with the jjs engine

final class NashornLoader {

    private static final List<String> PRE = Arrays.asList(
            "load(__LIB__ + 'init.js');",
            "imports = new JavaImporter(java.util, java.io, java.lang);",
            "(function () {",
            "    with (imports) {",
            "//BEGIN SCRIPT"
    );

    private static final List<String> POST = Arrays.asList(
            "//END SCRIPT",
            "    }",
            "})();"
    );

    /**
     * Wraps the given code with the environment code
     *
     * @param code the code
     * @return the wrapped code
     */
    static String prepare(String code) {
        StringBuilder sb = new StringBuilder();
        for (String s : PRE) {
            sb.append(s);
            sb.append("\n");
        }
        sb.append(code);
        for (String s : POST) {
            sb.append(s);
            sb.append("\n");
        }
        return sb.toString();
    }

    /**
     * Gets the linecount to account for corrections
     *
     * @return the linecount
     */
    static int getLineCorrection() {
        return PRE.size();
    }
}

all this did

is inject your code into a context

with some of the lib stuff xD

    /**
     * Executes a script
     *
     * @param script the script
     * @param bind   the object bindings
     * @throws ScriptException if script execution failed
     */
    void execute(Script script, Map<String, Object> bind) throws ScriptException {
        ScriptEngine engine = new ScriptEngineManager().getEngineByName(script.getEngine());
        try {
            for (Map.Entry<String, Object> entry : bind.entrySet()) {
                engine.put(entry.getKey(), entry.getValue());
            }
            logger.debug("=== Script Execution ===");
            logger.debug("Script: " + script.getName());
            logger.debug("Engine: " + script.getEngine());
            logger.debug("Bindings: {");
            for (Map.Entry<String, Object> binding : engine.getBindings(ScriptContext.ENGINE_SCOPE).entrySet()) {
                logger.debug("    " + binding.getKey() + " -> " + binding.getValue().toString());
            }
            logger.debug("}");
            registerEnvironment(engine, script);
            engine.eval(script.getCode());
            logger.debug("=== Script Finished ===");
        } catch (javax.script.ScriptException e) {
            correctColumn(e, script);
            throw new ScriptException(e);
        }
    }

//init.js
load('nashorn:mozilla_compat.js');
load(__LIB__ + 'logger.js');
load(__LIB__ + 'utils.js');
load(__LIB__ + 'sql.js');

mozilla always

yep

then you pretty much got a good environment to work in

you can import java classes as prototypes

and make instances

and pretty much everything works

boy do I understand nothing

just like when I look at my old programming projects

@peak cloak I bodged a script engine into a daemon that supposed to do healthchecks on bunch of services on a customer environment

this was for a telemetry backend

for sewer and traffic management

over 300k tracked objects

a lot of the propietary libraries they had were java, so I needed be able to fall back onto those

so nashhorn was the only way to satisfy that requirement, as well as it being reconfigurable without recompilation

so the sysadmin dept could adjust things if need be

not every environment had the same test configuration and setup

boy does do I understand nothing
@peak cloak

me everyday

@unborn sluice the framework I built, was designed from the ground up, to support more than one scripting language

I just didnt spend any time implementing any

just nashhorn

Why reinvent the wheel

was only 60 hours

Look, these people sucked at planning, and during my 2 years working there

I was done on thursdays with all my assigned jobs

and just did some stuff on the side

and this was one of the nagging issues nobody wanted to tackle

but I managed to build an overengineered script host that was installed as a debian package alongside the main application as a systemd service

xD

took them couple hours to integrate

so they were quite pleased

Look, these people sucked at planning, and during my 2 years working there
why do I always hear these stories

their code was a mess too

I cleaned up a lot of things

seperated modules with pure interfaces and added DI

@unborn sluice they implemented the unix permission system with an enum

I asked them, and they told me it was faster this way

but you can just do bitwise operations with an AND

which is even faster

why do I always hear these stories
@unborn sluice Because as soon as people start being management/project planners, they lose all sense

sexy

probably just windows

use linux

no honestly idk

can't really

it's probably something with windows "querying" traffic or something, I don't know much about it

maybe QOS too

idk

https://cdn.discordapp.com/attachments/623265423533801483/769729734912901170/20201024_211102.jpg

F

Put a raspberry pi in a case the wrong way and I cracked it

I was so close to deploying pi-hole and grafana

Wowww

Muh samsung pro endurance

oh it could be worse..

it could have been my 128g version of that card

which was very much not $20

Who needs grafana? Its all about that splunk 👈

just dump everything into files

then read them

YYYYMMDDHHmmss.txt ez

You monster

@thorny vector you got splunk, kid. Real splunk.

I just had to type that out lol

who needs anything like that, its a home network

plug, go, stop worrying

you can just send your data with a curl shell command

to influx

Hello, anyone good with setting up an FTP server for external access... I am having a few issues connecting externally.

ISPs sometimes block FTP traffic

Use secure methods of file transfer

Well why do you need an ftp server. There may be better ways for what you want to do

@topaz quarry the workaround is use port 80

an ftp server on port 80

which is also blocked by some ISPs

is just straight up cancer

If the FTP server is just for downloading and no authentication is needed, FTP is fine. For anything else, you’ll want to set up a secure FTP server. Or check out another protocol entirely.

Anyone else in here content creators?

@next roost like what?

Weird flex

Everyone here is a content creator. By using discord and typing out a message, you created content

yeah i was gonna say that

decided not to be a smart ass

but since you started it

i create daily, get paid, and you're not allowed to see it.

the funny part is @clear igloo is allowed to see it

he has an NDA signed

😛

is just straight up cancer
@topaz quarry

Is it possible to convert an old router to work as a mesh or an access point?

If anyone has any idea, please do share. ^

Right, and wouldn’t matter what brand of router it is, right?

I wanted to make a TP-Link router as the main one and then the old Linksys router I had as an access point (or mesh).

If anyone knows, I’d really appreciate it if there’s a tutorial.

And yeah, it’s not even me who is taking on this project.

depends honestly

if you can disable NAT or it has an AP mode

or you flash an alternative firmware on it

like DD-WRT

Does disabling HDCP work? (According to the person taking on this project, yes it “could work” but I sort of doubt it. Any takers?)

HDCP?

you mean DHCP?

DHCP is one thing you need to disable

but you also want to turn off NAT

otherwise you will not have one network, but two instead

*DHCP, sorry yes.

well I have like 5, but in VLANS

So this all goes to two different SSID’s now, rather than one?

Idk this part

probobly having two will work

Well two networks, I just read that now.

well double-nat is

Can anyone show me how to do this?

(Private message me instead please?)

There's a lot of factors, there isn't ONE specific way

So does it vary in between brands or how does it go?

that's one thing, but also just network design

Got it.

Double NAT is not a good solution

But to XFinity tech, they said paraphrasing "because it was in bridge mode, it was preventing your modem from getting an internet from the line"

what does that sentence even mean

it sounds like when people just use big fancy words randomly

I know. This was at the dentist office

Prof asked me to get a modem selected out for the business to use and he got the right one from bestbuy. He proceeded to install it and the old XFinity unit was in routed mode. I listed the steps for him to switch it to bridge so the modem can get the signal and go to the router from there.

Some reason the XFinity unit locked up or something and instead of calling me he called XFinity tech in

And XFinity was telling him lies about the modem we were using and bridge mode junk

I was disappointed.

@waxen scroll Im about to try out an engenius access point in a few days to see if its more reliable than unifi flex HD. It's been acting a little weird on reboots

Yeah this isn’t anything with the set up I have, I have Xfinity but I don’t have their modem/router @little schooner

Even outright blocking wifi clients from connecting to it for 2 minutes after its up and running

old engenius was not reliable, i dont know about recent

Yeah I heard the old ones werent the best

Hoping this one will be different

wendel really likes the new ones

@whole trout what I'd like to do is use unraid to run a firewall/router like opsense and a Linux server on a low power mini pc box, replacing my Edgerouter

@primal ice thats good to hear

I still don't like the idea of a virtualized router for core applications, like being a core router for my home

@whole trout are you connecting the tp-link and linksys via ethernet or wifi?

@peak cloak what concerns do you have with it

@primal ice what do you recommend?

just reliability and also the fact that it doesn't have dedicated routing hardware, so it uses more power

@whole trout ethernet 100%

Do you think 10W is too much power

I mean if you have a dedicated low power box then that's fine

Yes it would be low powered like that. That's my goal

but like people running core routers on their r720's

1gbps is enough speed

yeah

yeah connect them with ethernet, turn the dhcp off on the linksys (turning it into an l3 switch basically) it should get its ip's from the tp-link and then set up your ssid's the same on both units. don;t use the wan port on the linksys to connect them. the vlans should be set up already for the wifi to just work. you may also want to set a static route for the linksys on the tp-link. this is basically what I have done to my buffalo router dhp1750 to make it an access point.

but, you are still double NATing

nope nat gets shut off by not using the wan port

oh yeah, I guess that would work

though you can also flash dd-wrt or what ever on it and then just bridge the wan to the other ports but that is just complicating things.

I never had to really work around issues with consumer routers, so I didn't think of that

is a cheap network card better than intergrated network on the motherboard?

I currently do 10mbps download, max 12mbps if everything but the download is closed

i wanna up the download by a bit.

Well, what are you paying for

From the isp

we are getting 110mbps download on 5ghz

and 10mbps upload on 5ghz

im not sure the price but its quite a bit expensive since its virgin media and virgin media is the fastest in uk

So you are probably paying for 100/10

Your pc is on wifi

its on ethernet

Oh

cat 6

theres a steam download going on rn and its saying 11mb/s

Comcast died on me so I guess I get paid not to work

@scenic void 11 MB/s or 11Mb/s

11MB/s

i believe MB is megabit?

and Mb megabyte?

so yeah

you are gettting max speed

11MB/s around 110Mb/s

it feels damn slow

ah

wow, my message had to be resent "ah"

if it feels slow, like when browsing the web then it could be DNS

https://www.speedtest.net/#

if speedtest says it's around 100, then it's fine

ookla i try every now and then, ill try it now with pausing all the downloads

107 download

and 9 upload

yeah

then it's fine

k

I guess only other thing is to get a higher speed package from isp.

but dont need it rn

@waxen scroll at work, I noticed that you don't want to say "I know how to fix that", because if you do, they will pass and assign you that responsibility for current and future occurrences forever

Strange, I'm now getting 4.2MB/s on this download

and discord messages are taking longer to send.

most likely it's on your ISP's end

I guess.

also, just for knowledge, What do dns' do?

so when you type google.com in the browser your computer needs to know what IP to go to. So it sends a DNS request to whatever DNS server that is configured (if it wasn't changed then it's most likely your ISP's DNS server and can be slower than other public one's) and asks for the ip. Then your computer will send an HTTP request to google's ip address

@little schooner if it's not related to your job, yeah. Don't say anything

Basically, if the DNS resolution is slow, your pages will take "longer" to load as your computer is waiting for the DNS server to provide an IP address

I'm using my ISP DNS.

https://www.grc.com/dns/benchmark.htm

that's a DNS benchmark

just opening that link drops my download to 2.8MB/s

is ipv4 better than ipv6? or the other way around

ipv6 is newer than ipv4

basically we have run out of ipv4 addresses

so ipv6 was created about 20 years ago

adoption has been slow tho

so basically, there is no need to NAT in ipv6

because there are so many addresses

and restores the original point-to-point idea of the internet

whats a subnet prefix length?

i am trying to change my preferred dns to the .8 one instead of the .4 since .8 is faster

why do you need a subnet prefix for DNS?

idk

are you changing it in windows?

mhm

or in your router

windows

you don't want to change IP settings

just DNS

ooooooooooooook

k

its on automatic dhcp for now, and its using ipv4

yeah, that's what expected

don't mess with that unless you know what you are doing

like if you want a static ip (even then I would use a static dhcp lease instead of manually configuring a static ip)

hm

my download is now on under 100KB/s

under 30KB/s

steam may have slowed down the download

now its 4MB

wheres the 12MB/s gone. lol, also this message took like 7 seconds to send

look at the drive data, steam is probably writing to disk

For mobile networks, GSM mode is the one that has best signal?

CDMA is pretty fast too. Verizon uses it

It has great coverage

ok, so I have a weird problem with DNS. dig on WSL reports that ubnt.presentmonkey.tech is 10.10.10.1 which is correct. However nslookup on windows reports ubnt.presentmonkey.tech is ubnt.presentmonkey.tech.trust.presentmonkey.tech and 69.123.176.255 which is my old public ip

I'm pretty sure this has something to do with the DHCP domain which for trusted is set to trust.presentmonkey.tech

and windows is adding that to the end of ubnt.presentmonkey.tech ?

oh, you know what I think it is. I configured a wildcard cname before for *.presentmonkey.tech which pointed to presentmonkey.tech

and that still has my old public ip

let me see if that works after DNS propagates

yep, that was the issue

yo so i want to use my domain for a website and i used ips to host it. i got the domain through godaddy and i cant make it work i can only access throught like this www.ipadress:port

ips?

like linode

oh

I thought you were talking about a company

what port can you only access it on

8000

beacuse im using a basic html and python to test it

wait, so do you have full access to a VM with it's own ip?

yeah

what web server are you using

caddy, nginx, apache?

just for testing im using the simplehttp in python3

hmm, yeah idk that

well in all the 3 that I listed above have a config file which tells the webserver on what port to listen on

yeah it listening on port 8000

well then that makes sense

http is only on port 80

unless you specify otherwise

or you put a reverse proxy in front

oh ok

    listen 80;
    server_name www.example.com example.com;

    location /app {
       proxy_pass http://127.0.0.1:8080;
    }
}```

example for nginx

listens on 80

and forwards them to a local server on port 8080

and if I rememmber correctly, only for example.com/app or www.example.com/app

because of the /app location

or as LZ said, just bind it to port 80

Got a new toy for the EVE-NG lab

Yeah, boy, she sexy