#networking

grats!

Thanks! Biggest worry was AMD virtualization. EVE just support 3900/3950x and not all images. But with vMX, vSRX, vQFX, vIOS, Mikrotik I was able to get all working. Oh and if you go AMD you have to go Pro license for the most recent kernel that supports AMD

8 vMXs were almost pegging my 6700k and the same lab is around ~5-6% 💦

Yeah, I can't wait until AMD gets their virtualization better supported. Intel has run that market for so long, its crazy how much better their support ecosystem is.

Oh, I got something that would make you facepalm, hard. Past few weeks, I was reworking our golden image lab. That no one documented, networking was all borked, and no documentation in sight. So instead of networking with the really nice catalyst routers that are a part of that kit, pfsense came out, and I just bypassed everything

Good on you. Its better to support with what you know rather than fart around with zero documentation and trying to rebuild the f'ing thing

Yeah. A coworker walked in and asked why none of the routers were plugged in. I told him he could have the hosts, or the cisco networking. You pick.

And whoever used the switches last decided every other port needed a new vlan -_-

Many people in networking for a living actually don't fully understand what VLANs are for. The amount of network engineers for customers I speak with showed me a long time ago you don't have to actually know what you are doing to succeed

^

Oh, and this is a network they want to be able to update all of our images from, but not touch the internet

https://tenor.com/view/bunnies-what-confused-meh-gif-13712192

Hi, any expert here knows about TCP BBR and TCP C2TCP ?

I know a high level, what questions do you have about them?

Which of it more suitable for game server?

Lower Ping in short XD

C2TCP, as in cellular controlled?

@nova igloo

BBR and C2TCP are congestion control. I cannot see a game that utilizes TCP.

and as far as I know, BBR is more bandwidth related, and I hope you're not hosting a gaming server behind a cellular connection. Although @hollow marlin can fact check me on that

BBR does use bandwidth part of its CC. C2TCP is something I have only heard about and have not looked into though. Both of these do not affect ping but instead react to loss/winodwing and adjust windowing on their algorithm.

You make me dearly wish we had a purely networking position on my team.

If it can take voice off my plate Ill take it

No pbx in sight

@hollow marlin Thank you for the correction and info!

@thorny vector Nonono ofc not hosting game servers on cellular network XD

So u mean C2TCP only works on Cell Network

It’s in the name, Cellular Controlled

C2TCP = Cellular Controlled?

I recently setup a NAS

sorta?

raspberry pi using wifi

I'm getting nowhere near wifi speeds of the pi

I mean, I expected them to be low

using SMB

What speed?

oh sorry, my bad, I mean like 1 - 2 MB/s

And don’t crap on my beautiful SMB, it works just fine 👌

That is below expected though

I am using a pi zero w though?

Hmm.

and that's write speed

The WiFi chip should be the same though.

what are you getting?

I don’t use wireless at all. You should be getting at least 20-40 mbps though.

that's what I thought

everything is in the same room too,

so it's not a glorius Samba problem

?

I am very new to samba so

(it all stilll works, so it's fine!)

how do i make my ISP fix my stupid internet weve told them to fix at least 20 times already

swear at some poor 16 year old on the phone

seriously tho, we had a problem, ours was in our walls so maybe get an electrician to test the wires in your walls

there are no wires in my walls

it comes from the road to my router, thats it

and its the nbn, so yeah its probably trash

and probably needs fixing

i had nbn

the wires that run the phone cable

not ethernet

its not in the walls

its under the house

for about 2 meters

just make sure it is good

then its under the garden

ours had a little break in the middle

we had to get electrician in to fix

is there any way of getting them to do it for free given that our internet doesnt work a lot

like at all sometimes

we got telstra to not charge

bc it wasn't working

but check the wires on your side

we were barely able to disconnect our not at all working phone connection because we are on a contract, but eventually we got a refund for that

our ISP is shit

who are you w./

southern phone

yeah

never use them

telstra is alright

telstra is expensive though

tho their default router is dogshit to configure

our router is just shit

doesnt even have 5Ghz

lol

and they claimed it did

but on the product manual it doesnt

nah but just check your wires from road to modem

then get them to send out a tech

kinda hard to get to, we have to dig up the garden

we had to put new port in

no get an electrician to test

ours put a thing on one end and other to check

and replaced the wall port

hmmmmmmm

ok?

we have two wall ports for some reason, one of which doesnt do anything

and its the newer looking one that doesnt work

mebe for phone line & broadband?

i will be back in 1/2 hour ok

bye

maybe, but one of them is downstairs (basement basically) and one is upstairs

see if replacing the port helps

ok bye

I'm getting 14MB/s on this download instead of 11MB/s that's 30 more Mbps, will this cause the isp to throttle me? Or is it in an acceptable range?

isnt the speed they tell you you will get the average speed, meaning (great pun) it could be higher

they shouldnt throttle you

Oh, alright then. but if i do get throttled then fucks sake.

ok.

xD

i get 110 plan

i get 150 plan

but am downloading at 14MB

unlimited data

same

i use virgin media

i get like 12 MBps constant

i'm from india

I use JioFiber

oh yeah, jio fiber

XD

yea lol

i used to have airtel

they do 10GB network too right?

with a 40 plan

yeah

but too expensive

ofc

not 10gig yet

how much indian rupees in pound sterling

but 1 gig is

uh

one USD is almost 74 rupees ig

so you do the math

and 1 dollar is 70p here

almost the same then

a pakistani rupee is about 1 pound to 200rupees

oh lol

1 pound sterling is like 95 rupees

where 're you from?

wtf

150 plan is only a tenner

yea lol

Holy

the cost of living is not much here

so

yea

damn thatts awesome

10 dollars

even i can afford that

10 quid i mean

it sounds good when yoou look at it like that

but for us here it is expensive

lol

we get bikes for like 75,000 to 1,00,000 rupeees

£29

that 3000 rupees

yea

jesus

for that you can get 1 gig here

xD

yep

we could get 2 gig

maybe

yeah

but what do you need those speeds for

100 itself is good enough

idk what people do with those speeds

one for faster browsing, like i got this download going but i cant use google quick since the download is taking all the bandwidth

i mean yeah it's cool

i set it to taking all the bandwidth myself on the pc

lol

so downloads will happen at 14MB/s

which gives no space for web browsing

ahh

lol

occasionally it takes a while for a discord message to send

btw where're you from

?

Pound sterling? wheres that from

Germany?

pound sterling...

UK

uk lol

idk why i said germany man

oh the games donloaded

germany uses euros

i swear i'm smart xD

yeah i know lol

how do I do port forwarding

but what do you need those speeds for
@bold canyon Needed especially when multiple users are using the internet at the same time, for example, Netflix. Two people could be streaming Netflix, one person YouTube HD and one or more gaming.

@thick minnow depends on your router and if you have a public ip

how do I check if I have a public ip

In your router, check the wan inteferface address

it tells me to go there whenever I try to forward ports

Ok then just assume you have a public ip

ok

Then go to that link

I did

Trash isp router

ikr

Im upograding soon

to a ax3000

nighthawk ax3000

easier than ever

Needed especially when multiple users are using the internet at the same time, for example, Netflix. Two people could be streaming Netflix, one person YouTube HD and one or more gaming.
@shut perch You can easily do that with a 60/10. It takes a lot outside raw downloads to get close to saturating a gig

one HD videostream is like 7-8mbit compressed

Yeah, streaming doesn't take up that much bandwidth

UHD 4K streaming is anywhere from 15-30mbit/s

Not even just the stream bit rate. As congestion begins hit TCP will begin pulling back and with Netflix's RENO and Googles BBR they will begin to burst and eventually the flows will be within each buffer period

If it was say a 4k live stream that is different but with streaming people definitely do not gig

I was looking at the 100mb image I never even noticed the 2 gig comment 😆

anyone in here electrician(good theory knowledge), industrial controls eng, or electronics eng? I have a weird question that doesn't fit in any of the channels lol

where's brian the electrician

@waxen scroll I can try to answer

I got some experience with electrical systems

i want to know if an unclean sine wave causes A/C or D/C motor whine even with a clamping circuit infront of the motor. if so, how can i test it and what filtering options can take the load of a furnace at 120v/20A max

the former, I can answer, the latter, no idea

generally, poor sine waves on AC motors causes higher current

loss in efficiency

But a motor is a big coil, so whine is expected

its basically making a high freq whine that not everyone can hear but I can and the ducts basically make it echo throughout the house

MORE GOOP

Whine is vibration

goop stops vibration

so far ive replace the motor and blower chassis, replaced the whole furnace with same model, replaced the furnace again with a different blower type (not 100% variable) and still the same noise persists

have you had a scope on the inputs?

nope. thats why im asking these weird questions cause i'd have to pay for it

does this happen without a load attached?

hm so that can mean a few things? what exactly do you mean

Sources say, with synchronous motors or DC wound

In such device, dynamic electromagnetic forces come from variations of magnetic field, which either comes from a steady AC winding or a rotating DC field source (permanent magnet or DC winding).

stator itself

Could be bad windings

or bad signal

or it is not electrical at all

and just a bearing

with a scope you could rule out electrical issues

but beyond that, I'm at a loss, as much as you are

the only other tests ive done was to:

1. remove all extra furnace accessories like zoning panel, humidifier, 24v transformer, etc from the circuits
2. remove "load" by opening up all ducts/openings so theres no air resistance
3. Switched the power phase to the B side

oh and i opened the coil chassis up and the sound is coming from the furnace for sure

furnace?

yes, where the motor in question is

ah, so its an air duct

isnt that a big resonance chamber?

pretty much. my last furnace didnt do this though... but it was 16 year old motor tech

i dunno about this new stuff

try attaching some magnets to the side, so it changes properties of the duct

cloth, or some dampening

but high pitched noise with synchronous motors is quite normal

old CRTs drive me mad too

they make a high pitched sound

i want to get directly at the motor and run it in my view but this model furnace makes it quite difficult. theres a lot of stuff infront of the door and its such a pain to wire it up to run with the door open

just want to make sure its the motor doing it and not something dumb like bad chassis design

yes

I'm having trouble port forwarding, can someone help me out here? google isn't a bit of help

what router

also you be under CGNAT

It's a calix router, i just got fiber optic

well can you login

Yeah I can log in, I go through all the steps to port forward but the ports aren't open when i check them

I also think it's a dynamic ip but i dont know how to check

what's the IP of the wan interface of the router

you can block the last 2 lbocks

like 123.123.x.x

is that in ipconfig?

idk

all routers are different

ohhh the public ip

152.86.x.x

is that from google?

or the router?

google

yeah

I need it from the router

using pf network utilities it says the internal router ip is 192.168.1.1

no, on the wan port

I'm trying to see if you are under CGNat

example for me

hey guys, whos versed on VPNs?

only finding 192.168.x.x ip's and the 152.86.x.x

ok, the 152.86.x.x is in the router?

if it is, then that's good

I guess so?

I picked up Mullvad VPN and it works perfectly, and so I decided to add their DNS host to my router, this way all PC's on my network are behind their server - afaik this means I don't have DNS leaks and stuff - however my question is - When I do that, unless the PC in question is using Mullvad app, they can't connect to the network - Do I also have to add the same DNS IP from the router, to each PC via the Network Adapter > Properties, and if so can I use the same IP, or would each PC need a different IP

But idk if I have a dynamic IP or not, and i know it has issues with port forwarding if i do

@thick minnow "DNS Leaks", why is that a concern

wouldn't have a clue tbh

@thick minnow I mean for server hosting it is

Yeah i'm trying to open my ports for Minecraft

you would need a dynamic dns

how do i get one of those?

dynu is good or no-ip, but it wouldn't matter yet if the port is saying it's not open

I have no-ip

how would i get my port to open though?

¯_(ツ)_/¯

how do your settings looks like

Settings for what?

port forwarding

- https://mullvad.net/en/help/dns-leaks/
They have information on how to prevent leaks

This is their DNS Server 
Mullvad’s DNS server IP: 193.138.218.74

I added that IP range to my router's Primary DNS Server

And when I'm not using the VPN app - I have to add the Primary DNS range to my Ethernet adapter

Q.) do i add the same IP to my other computers - or do they need a different IP```

@thick minnow well you didn't fill anything in

shadow, each pc has a unique ip address

it is really easy to port forwars for minecraft

I know it's easy to port forward for minecraft lol, but the new router doesn't like it

mhm

what model?

I had filled in the info before but it did nothing so i removed the port forward

calix i believe

how would i go about setting up my second computer to connect to the same DNS Server if i have to use a different IP range, wouldn't that mean it would then not be connecting to that DNS Server? /confused

you need a static ip

How do i get a static ip?

make protocal tcp/udp

what os is the server running?

@thick minnow

windows

ah ok

10 to be specific if that matters

set it in the router settings

nah its ok

@thick minnow if it's a public dns server, it should work from anywhere unless there are firewalls in place

if it was like linux you could set it there

yeah its a public dns server - so i could just add the same ip to each computer on my network?

you could just set it in DHCP lease

@thick minnow Just do it on the router in DHCP settings

but also, why...

like, use google 8.8.8.8 or 1.1.1.1

@thick minnow also set the port end to 22565

I think I read something about DNS servers logging records, and using some private ones who specificaly state they dont log is more ideal

@thick minnow can we dm?

yeah we can dm

25565*

yeah

25565

Using Mullvad’s DNS server ensures that you don't leak information to a DNS server provider that may be logging which sites you are visiting. And if, for some reason, your traffic ends up on the public internet, it goes to our non-logging DNS server.```

yeah true

Unless you're doing DoH then anyone can see it regardless

but most of that is marketing

just like VPN's

Besides, your ISP still can log which IPs you browse to and coordinate that to high level sites anyway
(if not using a VPN and whatnot)

I think ideally you want a non logging VPN that's not based in specific countries like America and are able to not release information if a governing agency requests that data - afaik your ISP when using a VPN can only see you're using a VPN, but not the traffic you're requesting, except for small bits of information like >at this time something was requested

I mean HTTPS is encrypted

But that's the contents, not the destination IP address

yeah

if I want anonymity I just use tor

while logged into facebook right? 😛

You are at risk of leaking DNS requests to Cloudflare, no matter which Mullvad setup you have. To prevent this, open Firefox Options > General > Network settings > Settings, then deselect “Enable DNS over HTTPS.”```

So "Don't expose it to cloudflare with firefox, expose it to your ISP instead", seems legit

yep, if Mullvad doesn't use encrypted DNS, your ISP can see it anyway

unless you are on a vpn of course

Yah

So.

Point the routers DNS to Mullvad’s DNS server IP: 193.138.218.74
Point each PC's Primary DNS to the same IP ^
Use Firefox and disable DNS over HTTPS (only while using the VPN tunnel)
But enable DNS over HTTPS (when not using the VPN tunnel)

Point each PC's Primary DNS to the same IP
just do that in DHCP

I'm not quite sure what that is or how to do that

example for me

that's the ip of pihole

then pihole forwards to my router which resolves hostnames, and then forwards to 1.1.1.1 or 8.8.8.8

So I would set a DHCP address to the ^ ip above instead of the primary dns?

show a screenshot

b/c idk what you mean by DHCP address

i dont even think my router has a dhcp setting

i can only see a table and i cant edit it

what router

this is my DNS page (billion 7800nxl)

ah i think i found it, is this the page

yep, there it is

it's using the router DNS

So what would I change here to get all my PC's on the network to use Mullvads DNS server

so you can test it, by setting windows back to automatic and see what dns server is uses

nothing

you can test by doing ipconfig /all

what am i looking for exactly

DNS Servers in CMD just shows the IP range to connect to my router

(atm i haven't got the mullvad dns applied, all default settings for now)

yup so for me that one is 192.168.1.254 (ip i use to connect to router)

and when i apply the mullvad dns in my router page it changes to that one

so it probably is doing dns forwarding

so it goes to the router first, then the mullvad dns

if i add 193.138.218.74 <-- mulvads dns to my routers dns page - unless i use the vpn app i cant connect to the internet (ie the other pcs on the network)

so i then add the same ip to the ethernet adapter ipv4 address and it conneects

you can connect to the internet

just it's not resolving hostnames

so I think the dns server is vpn only

because you need to pay right, so they want only vpn users to use that

if i dont use the VPN app, and i set both these IP's here - im able to use mullvads public dns - and connect to the net

but if i dont set it on the ethernet properties (left) it doesn't connect

yep, just try that and don't use router DNS forwarding

then any device you connect to your network will use those settings. (up to 20 devices) unless you increase your dhcp pool.

oh yeah, why is the dhcp pool so low

cause its a isp dslv2 router.

DNS Servers . . . . . . . . . . . : 193.138.218.74

awesome!

cmd shows the ip set in the router - without needing to change the adapter

and without using the VPN it's all green lights

happy days

so this means that all other pc's on my network will be able to connect without needing to configure them

paranoia averted subverted ---- correct

thank you guys for your help! much appreciated, enjoy your day/night

dito

Alright im back again, port forwarding still not working

port forwarding is an easy task, just take the port and present to the IP address you care about internally

@thick minnow windows firewall open?

use a firewall that makes your life easy

firewall is turned off

if your ISP blocked the port you're trying forward

there's like 0 point in doing this

It's minecraft

25565

choose a higher port

40k+

MC can run on arbitrary ports

What's your isp too?

Yeah

I have BrightRidge

btw you need to create a firwall rule for port forwarding to work

With an srv record you can tell mc to go to a specific port too

so if you're not using pfsense or a firewall

which will automatically create that firewall rule

the port will remain closed

I just turned back on my firewall so how do i create a rule

look it up for your specific firewall

btw i'm talking about the firewall at the network level

not on Windows

oh lmao

in Windows you just tell it the application is okay

port forwarding = port rule + firewall rule

responsible network firewalls automate the second rule for you

what does pfsense do

It's a router

pfsense is responsible

if you're doing port forwarding in pfsense

and it's not working

it's because you pissed off Lucifer in your past life

well i don't have pfsense

https://cdn.discordapp.com/attachments/387022787480387605/770711367492960326/aec92efeeaabd914f9201081b8919ceb.png

@topaz quarry generic isp

oh port forwarding on a modem

that's gross

yeah tell me about it

you probably need to create TCP and UDP rules

I have

then add a firewall rule

your modem probably has a firewall

it's very popular for ISPs

because people meme themselves

if it's your ISP's equipment

you have the virtue that you can just file a support ticket

remote ip address has to be any

wan ports has to be your desired port

local lan ports has to be your locally mappend port (probably the same)

local lan IP has to be the IP of your MC host

verify your MC host is actually running

if nothing responds to the port, it will simply respond as down

it's like saying we should go to room number 5 to ask joe for coffee

woah thats a lot information

joe is in room 6

you go to room 5 and get no coffee

I guess i'm not gonna port forward anytime soon lol

is MC actually running?

yeah

can you connect to it locally?

eg another laptop or something

can it connect to your MC server on your LAN?

not sure

I connected on my pc

make sure it's running locally first

and you can connect to it from outside your PC

cant connect from outside the pc

otherwise all of this is pointless

can connect inside of pc

I feel like it's firewall

do you have another computer in the room/apartment/house?

feelings aren't fax

not available currently

then when you know you can connect to it from something that isn't the MC server

True, phoenix

you can proceeed

wanna try connecting?

it has to be on your LAN

behind your firewall

@topaz quarry you know of an nmap like tool for phones

So he could port scan

can you connect to an MC server from a phone?

you can

i only use iphones

okay then connect to the MC server from your phone

It's java or bedrock?

Because java is pc only

I can connect to the chat using minechat

that worked

so it's working on my side

you need to connect to the server itself

like load those cubes

It's the same thing isn't it?

not necessarily

I connected to the actual server but i can only chat

then find someone that can connect to the MC server

behind your firewall

nobody

Or use a vpn to test

That's what I used to do

what vpn do you recommend

https://www.zerotier.com/

you can do scrub tier port forwarding

tell your friends to install this

I mean, I used tunnel bear

and then you can all pretend to be in a LAN

Just for testing

It worked

What's all I needed

Phoenix, I used hamachi previously, im just tired of using it

he needs something to test his MC connection

Oh, on the lan?

Then yeah

then find a coputer that can test it

zero-tier can help you eliminate MC server as problem

i'm not sure himachi and zero-tier work the same way

Hamachi is just a vpn I think, zero tier works in a different way I think

i can try zero tier

it's a multi point vpn

it creates UDP tunnels from each point to each other

I used a vpn to connect to the server and it worked

anyone wanna try connecting?

1.16.3?

yeah

I can give it a shot

192.168.1.50 is what the ip is set to

You'll need to DM the WAN address for me to connect

if he's using zero-tier

he just gives you token

you're not accepting friend requests

Ah, 1 sec

try now

@rocky badge slide ur new WAN address in my DMs. lets make communications

I have like 6 MBPS download and 1 MBPS download

Help

Edit* 1 MBPS UPLOAD

hey is there someone here who might be able to help me with a problem installing pfsense on my unraid server? 🙂

@spiral rapids well what are you buying from your ISP?

W

oof, pfsense on unraid

idk

What

wait what is ISP

U mean like

Frontier

your Internet Service Provider

yeah

Frontier

40$ a month

for what

For absolute garbadge

what's advertized?

I’m planning to get metronet

It gives 200MBPS download and 150 upload

Pretty good

For 60$ a month

W

Is there a port-security feature that satisfies the following requirements?

1. The switch access port must only allow traffic to flow from a device with a specific MAC address AND a specific IP address
2. The switch access port must be protected from spoofing attempts
3. The computer must be dropped into a generic VLAN until it proves its identity to be assigned into the correct VLAN

I don't know if the edgeswitch provides the first two

I haven't used these type of policy before.

Are you making us do homework?

https://www.google.com/search?client=ubuntu&hs=Jvb&channel=fs&ei=la2YX7qME7LI5gKWsonQBA&q=ethernet+port+security&oq=ethernet+port+security&gs_lcp=CgZwc3ktYWIQAzIFCAAQyQMyAggAMgYIABAWEB4yBggAEBYQHjIGCAAQFhAeOgcIABBHELADOgkIABDJAxAWEB5Q1BRY9xtgjx5oAnAAeACAAVGIAbMDkgEBNpgBAKABAaoBB2d3cy13aXrIAQjAAQE&sclient=psy-ab&ved=0ahUKEwj6qq719tXsAhUypFkKHRZZAkoQ4dUDCAw&uact=5

as punishment you can behold my google query

For #3, 802.1x

Spoofing attempts.... Like what

You're not going to detect a spoofed mac

#1, the switch doesn't speak IP

And all you smart asses be quiet

@little schooner Google your homework

@waxen scroll It got me wondering how the college's switches were doing all this crazy security

via magic

they even block outbound requests after observing just a little bit of the traffic coming from the device

it's via magic

no.

@waxen scroll It clears it up a little bit. I may have been looking for the wrong thing

Do Ping of Death and Smurf Attack still happens these days?

if you piss the right person off yes.

@hollow marlin NAC is just placebo for a school

@little schooner it will go unnoticed that an attacker went into a computer lab and used it to jump to the datacenter

lab computer is white listed in NAC

students are also real easy to phish with fake school emails

theres enough of them that someones going to give up a login

@little schooner 3. The computer must be dropped into a generic VLAN until it proves its identity to be assigned into the correct VLAN

that makes no sense

it makes a ton of sense

what doesnt make sense

Access ports are never vlanned

Pretty sure you're looking at a Dot1X config here

access ports get assigned to a single vlan

yes

and that vlan can be changed

yes, but isnt there easier ways to manage per client traffic like that?

thats all automated, its easy

first vlan is not trusted and only has basic network access, like to patching servers. then when security policy is satisfied it switches vlans

you can automate stuff like that

interesting

the routerOS API is really fascinating

and the way you automate that, depends on..

ok

that answered itself

for non smart switches eg ones that don't have an API

you use ansible or something

and use managed ssh access

ansible?

pretty sure one uses that for instance configurations

its a NAC like Cisco ISE or Forescout

like with autheniticated telport access (a ssh key manager)

you can use ansible with a variety of things

it has plugins for a lot of stuff

I wonder if you can buy a hardware ssh server

like vyos

and juniper switches

RJ45 ethernet on one side, RJ45 console on other

switches already let you ssh into them?

not this old managed switch I got

its not important

just thought about it for a sec

fascinating

can you telnet into your switch?

no

its only with that hardware port

how do you manage it?

its some crappy 3com shit

commandline

oh so there is an answer

9600 baud

you can use ansible with anything

as long as you can make a connection between point A and point B

would be interesting if you can configure getty to spawn a telnet session when you ssh into it

instead of bash

there's stuff to take Serial connections and put them on a network

like Serial to RJ45 signaling and stuff

normally they're used with fpgas for random af reasons

but it's the same principle

could do this on a pi quite ez

you could

Anyone have a recommendation for network card for my pc. Wireless. I have a really really slow connection
I'm downloading cod mw rn at 5 mb/s and its a 250gb file

5 MB/s = 40 Mbps

what's your internet plan?

Rip

@waxen scroll I haven't been keeping up my network knowledge since I finish the Cisco ccna exam. I'm forgetting the stuff.

I haven't had a need to touch a Cisco switch or apply it to a problem as of yet

On the flip side, I've been creating some powershell scripts to automate more and more parts of system and application deployments

I've changed enough of it to make a big impact

The position is more automation with scripts

powershell

way to think ahead hrhr

can the shield itself reach the internet?

@mystic latch I'm not too familair with pfsense

but two vlans, shouldnt be an issue if the router can route between them

I had an issue like this before, I needed to enable hairpin NAT

It's also called NAT loopback

or NAT reflection

but it shouldn't matter, because the original problem is the intervlan thing

probobly not

it may work, but you need to find the root cause

inter vlan routing / firewall rules

are you properly untagging the traffic?

@mystic latch try see if you can reach the device with arping

router is not routing

odd.

Im at a loss

maybe it didn't automatically make routes?

example for the automatically made routes in my er-x

but internet works, right so idk

@peak cloak not entirely sure

on mtiks if you have two subnets on different VLANs, you can just route between them

as long as they are on the same bridge itll work

yeah, idk pfsense

@peak cloak kek. just watched protests in Italy

started seeing a pattern

its not a real riot, without a dumpsterfire

What a cool channel this is

Never been here before

@glass coral welcome to the home of networking

and linux

its also the secret place all the linux gurus hang out

can't do networking with windows, or can you🤔

you can try

Cisco and Linux is pretty much the only thing i have on my resume

then you realize

you need windows server

xD

Windows, very good for what its made for. Not so good for what it is not made for.

I tried to do software raid on windows server once

had to give up

if it was made for wasting time

then good on them

Best linux distro for a daily driver desktop?

Planning on making the switch

Ubuntu? Fedora?

@peak cloak Ubuntu is generally quite ok

really comes down to personal pref

I like Fedora, is it stable though

also easiest to find support for on the net

not sure what fedoras release schedule is

with Debian you can use stable, or testing

debian testing is rolling release

https://www.opensuse.org/

oh yeah opensuse too

Tumbleweed is quite nice

never tried it

its a pure rolling release

For me, OS choice comes down to the package manager

and any flavor of debian satisfies my needs

true

I like KDE visually

anyone care to discuss coaxial router/modem work arounds? in laymans terms?

As i attempt to replace my home fios roouter with something better

@naive tartan fios uses moca in your home

It doesn't need a modem

On the ont there are 2 outputs, moca or ethernet

currently Im using the fios provided gateway router which is hooked up to the coaxial outlet on the wall and its spitting out wifi, ive relocated my desk to a room with no coaxial for the router as such im wanting to buy a new better router for the home and run ethernet to it from my PC, the issue is the newer routers dont hav coaxial ports

so im wondering if i can run a moca adapter out of the coaxial in the wall to a new router

You need to know the difference between different coax protocols

Dociss is for cable

You need modem for dociss

@naive tartan where is your ont?

in my closet, i live in a condo

If you aren't using tv, you can switch it to ethernet and run that to a router

so currently im using the coaxial on the tv wall for the tv but im switching over to youtube tv so ill be able to switch that coaxial line to whatever it needs to be on the ONT, but the new router still likely wont have a coaxial plug on it, hence my question of will i be able to get a ethernet/coax adapter just to be able to use the newer router

What is the best way to fix A Verizon FiOS G3100 Gigabit Wifi Stuttering and Lagging? without resetting it and having a new password or SSID

im trying to not run and fish new line in the wall

It's not ethernet/coax adapter, but a moca/ethernet converter, just to make sure you get the right thing

ahh

The problem is, is that they are expensive

For me it was cheaper to run ethernet

It's like 100 bucks for a pair

And gigabit isn't guaranteed on moca

the easier solution would be just trying to find a router with a coaxial port i guess

Moca port

Make sure it's not dociss

Also I would strongly advise against all in ones like that

Can I use my laptop as a rounter?

Technically yes

Pfsense

@peak cloak are they just problematic

Would a usb wifi adapter work

I have a network card and a usb adapter

@naive tartan lack of configuration and stuff like that. If you just need wifi then sure go for it. But I need more more than just that

@thick minnow if you have ethernet and a wireless card then yes

@thick minnow Use seperate internet than everyone else better speed and for security and customazation

@peak cloak I need wifi for general home things but the need for this new router or a hardline is to run to my gaming PC for streaming, im capped on bandwidth by my plan anyway at 200/200 so gigabit isnt 100% needed at this point

Separate internet or separate SSID?

How would that work

im asking because of my question above about the router

Like show a diagram

@thick minnow How would I do that what is the name of the OS?

@naive tartan I guess it could work. You only need one moca adapter not a pair because the ont output is already mic

@thick minnow pfsense

Wifi support is lacking

Thats Fine

What architecture should I pick?

@peak cloak so the moca adapter would go from the wall where the cable currently is to the new router, and that would work for 200/200

what's your laptop using

arm, x86, amd64?

@naive tartan yeah probobly

@peak cloak Is it possible to install it to a usb instead of a hard drive?

well yeah

im using 64 bit

so amd64

and select usb installer

serial or vga

the screen is broken on it

so I use a monitor instead of a screen

I honestly don't know the different between serial vs vga consol

select vga

The serial image is for a serial console, connected to a laptop with a serial cable for example. You probably want the VGA image

ok

Should I use ether

etcher

or rufus

I use etcher

I never installed pfsense on metal

how come?

I used it in virtual machines

ok

my laptops are garbadge

https://www.userbenchmark.com/jkalter66/User?id=275790&tab=PBenchmarks

true

never uses OPNSense myself

I knew a bit, I used it initially as an edgerouter for my homelab

so use that instead

yeah

ok

I just use an ER-X

not a fan of software routers

planning on upgrading to a mikrotik later

https://mikrotik.com/product/hex_s

does anyone have a response to my question about my verizon router?

not really, pretty vague of a question

@tame carbon

powerful, but not the prettiest or the easiest

Im hungry Like the wolf xD

@mystic latch http://demo.mt.lv/webfig/

they have a demo online

I use pihole, what can pfBlockedNG do that pihole can't.

shame you can't install it standalone

also what up with yewtu.be

some open source youtube mirror?

@peak cloak The Hex S seems nice

its got good specs for 2gbit/s

the enc chip is only 400mbit/s but oh well

what the enc chip?

IPsec acceleration

ah

most mtik routers have support for that

won't be doing ipsec so that's fine

I'm more a fan of the RB4011

xD

its the beef that can do it all

out of budget lol

yeah, its expensive

@mystic latch you'll find that RouterOS is a lot more intuitive once you know what you want to do on your network

https://i.imgur.com/tYglMOo.png

if my link speed to my router is 866mbps, i should be getting a bit over half of that when I do a speed test right? im getting only 200mbps on wifi

it depends on your wifi version

wifi is complicated

the maximum speeds for consumer wifi is about 450 Mbps if you do everything basically perfectly

that means one AP per room, with a wired backhaul

im on ac

it doesn't matter

even next to the router its at 220

then either you're to close (yes that's possible)

your WLAN NIC on your testing device is really bad (yes that's possible)

you're not in the expected dicharge area of the AP (yes that's possible)

you have band conflicts somehow

Number of wireless devices on the network and number of other wireless signals can impact it as well although less so on 5GHz

what speed should I be expecting?

also keep in mind that some consumer equipment simply can't do better than what you're seeing

at least half right?

Wireless is not a X to Y comparison

correct

you basically asked the same thing 3 times

the answer is your expected speed is based on a bunch of factors

some of which are honestly uknown

Also, are you paying for over 200 to 300Mbps (assuming you're doing a speedtest) from your ISP?

yeah i have a gigabit connection, over ethernet i get around 950mbps

are you using the modem's AP capability?

How many wireless devices do you have connected? a dozen? two dozen?

I tried it with just me connected

@topaz quarry what does that mean?

are you only using the black box the ISP gave you?

yes

then that's why

ISP hardware isn't going to be the end all be all of performance. They give you something cheap to get you started and if you're lucky it's got some wireless capabilities

the black box is responsible for 3 roles right now, authenticating (modem), routing, and access point management

200/200 is remarkable for what the ISP gave you

remember the contract you both signed

probably only stipulates they're responsible for gigabit up to the modem

not past it

I see

ISPs just do all this stuff for customer retention

If you can go wired on your main downloading devices and get ~200 on wifi for the rest, I'd call that pretty good

since requiring customers to have a 9th degree blackbelt in network fuuu

I am considering a powerline adapter, but i dont think that will get me anywhere near 1gbps

would probably disuade customers

powerline adapters are weird

9th degree blackbelt in network fuuu means we all get paid

it depends on the layout of your house

lets keep it that way

Yah, you might get decent or you might get junk speeds

You could look at an aftermarket AP that's wired to your ISP's box and then turn off wifi on their box

yea like I don't use the wireless capabilities from my iSP's box

yeah i thought of that too, its cheaper than getting a new router

okay cool fun fax

modem != router != access point

you can route but not be an access point

you can be an access point and not route

most consumer boxes do routing and act as an ap

so that black box you have would only be responsible for authenticating

which in reality is the whole point of the box from your ISP

https://www.youtube.com/user/TheTecknowledge/playlists

https://www.youtube.com/c/CrosstalkSolutions/playlists

they both explain the stuff with more words and better english

i see, thanks

so basically the black box is an all in one deal

yup

anyone knows about MTU and how to get the perfect value

the MTU of the internet is 1500

do you want jumbo frames or something?

The perfect value is over 9000

LZDanger is correct

It's both a shit post and the truth

it's shitastically true

9216 or bust 😛

oh you're talking about the actual L2 MTU now

instead of just the requested amount

L2 - 9192
L3 - 1500
Golden

Not sure how to explain this but I need help hooking up our Ethernet around our house we just finished building

Wifi etc is working but not quite sure how to get the Ethernet part

wdym by help hooking up the ethernet?

like wiring it

Yes

or is there wiring already installed

It’s wired from al the rooms

And comes to one place

oh

Just hooking it up from there

is it terminated?

I know nothing about this so dumb it down

What room do all these points go back to - garage, study...?

Terminated meaning

Mud room

there are ports connected?

Terminated meaning there's an RJ45 socket on the wall.

and that connects to another endpoint.

if you took a pic that would help

Okay, so in that room, you might have say 8 outlets. They all go to your switch.

Yes

We have 7 and they all are going into a switch

Picture sending

ok, so they are all connected?

Yes

Eg

first, I would recommend getting a patch panel

What is that

a mess ;p

XD @peak cloak

see the white outlet on the wall in my photo? something like that.

though you can get them in different formats, eg a single long panel.

Can I make it work with what I got ?

you appear to arelady have them all connected.

Yeah

They are

They should be live on the other end, whereever those cables run back to

It isn’t though

I would suggest getting some tape and labeling what rooms those cables go to.

That’s the problem

They have that

On then

oh yeah, okay, hard to see, the black on blue

go plug a device in to the other end. See if you get a link light on the device or on the switchport that goes to that cable.

Green light ?

Blinking

I’ve able to get it to do that

wel, in that image I can see the end port has a link light

But no internet

cant make out what model it is but I assume that end port is a wan port.

back soon, meeting.

Netgear s350 series

@vagrant verge when you plug in a device on the other end, do you see lights on the ports on the switch

Yes

They blink

ok

can you plug a laptop into the switch using ethernet

Actually

Hold on

Ok

Only problem is I’m not sure if the cable I made works

Correctly

oh, you made that white cable?

No no

I made one I’ve been using

The wife one is bought

oh

White

you have a tester?

or a multimeter?

Nah I’ve got one I’ve bought we can use

oh ok

Don’t wanna add another issues if it’s there

Ok labtop is plugged into switch

do you have internet?

Nope

Ethernet no internet

can you ping your router?

But it’s connected

How

Console and ping my ip?

show the output of ipconfig

In command prompt?

yeah

What am I looking for

show a screenshot here, but you are looking for an IP and a default gateway

Sending

all ip addresses are local, so you can't leak your public ip

All good not worried bout it

can you ping 10.31.3.254

So ping then that ip

yeah ping 10.31.3.254

Ok

Done

did it get a reply?