#networking

at least is doenst have rgb and stupid antennas

hehe

Oh. not bad

@jaunty talon so the people at cisco did have half a brain

it has a 5G wan port

why is that better?

beats 2.5G

lol

at a lower pricepoint

but not a 10G SFP+

so you need either an cat 7 or cat 6a for that

yeah, its still F-tier

no ISP uses CPE's with anything but 10G or 1G anyway

Oh no..

TPLink. WHY.

https://i.imgur.com/fFVV9Dk.png

WHY.

this is the non gamerside of rog

just the antennas

not the rgb

So much hate :D

Have you even tried their products? :D

@jaunty talon every single tplink router I've had has died

and that's three routers

tplink sure

consequtively

every ~3 odd years

yes, i have an 5 port 1gig switch under my desk from action

its a switch

only good product because it was 10 euros

there's not much you can mess up with those

still a product

but a router product then

:D

the ones you're ranting about

:D

@jaunty talon I had a netgear router too, like 6 years ago

no, rather have an netgear draytek or unifi / ubiquity

but I had lot of connectivity issues with them

specifically, something I've noticed with a lot of home wifi routers

when the wifi, just dies.

and you need to restart the device

I have had asus and netgear routers many times and they have served me well

fulfills the NAT spec etc

oh ye

if you dont need more than a NAT

then it works

well who does at home??

draytek is great because it has an on or of button so for a restart you dont even need to replug the adapter

draytek at least has some more advanced config options

@jaunty talon You're right, nobody. But I also think that someone who has 1G fiber, does not need a $500 router

It's not like you can compare a ASR901 with MX204 even tho they're routers they have completely different usecases

true

I bet you have an ASR901 behind the couch

serving bootleg 4K footage >_>

hello no

i have that netgate

i pasted

super happy

does 4x openvpn tunnels and nat's very well my 1G linerate

@jaunty talon I was done with ASUS the moment I realized they can't even implement a DHCP client xD

It ignored the DNS servers provided by the DHCP server

And then, the downstream DHCP server it provides for LAN, inserts itself as primary DNS server

with no way to override

just let asus build cases but nothing more

and if you browse to 192.168.172.1, it forces a redirect to router.asus.com which resolves to that same IP

but if you manually override your DNS server

you can no longer manage your router

wtf

factory reset

@twin zealot yeah

this is up there with r/assholedesign

@twin zealot no the fix was uhh

https://i.imgur.com/Znd8GHu.png

@twin zealot right here ^

ah nice

linux i see

but wich distro?

Ubuntu 16.04 LTS

https://tenor.com/view/linux-ubuntu-software-gif-13909128

w/ GNOME desktop

ubuntu 16 is normally with Unity

your still on 16

not 20

yep

yep

oh my gosh

Still gets updates :)

@twin zealot using the oldest kernel that is still maintained

4.4.0

let me run

away

https://i.imgur.com/aYy8jIz.png

4.4.252

currently on windows because school applications you have to have

Linux watomat 4.4.233 #1 SMP PREEMPT Wed Sep 23 16:25:48 CEST 2020 x86_64 x86_64 x86_64 GNU/Linux

@twin zealot I modified the crap out of this system

not really keen on having to reinstall everything

so I've been putting off this upgrade for years now

manually patching my system if something breaks

i have an arch (arco) vm

and that one is modified as hell

@twin zealot I just downloaded the ubuntu distro kernel sources

and tossed out all the shit I don't need

also set the kernel to be preemptible, so it doesn't freeze if a background process hogs the CPU

Gnome is very picky. and has a tendency to lock up under heavy load

yea aim thinking to buy https://www.coolblue.nl/product/860856/asus-l210ma-gj034ts.html this one as an coding machin with linux on it

low power machine eh?

i know there better options but look at the lid

yea

64G storage

there better deals out there, but look at the lid

better be upgradeable

its linux

how much you need

still

iam now on my main notebook, 256 m.2 + 500 gb m.2 + 1tb hdd

Disk /dev/sda: 465,8 GiB, 500107862016 bytes, 976773168 sectors
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: gpt
Disk identifier: B61A5F03-6CE2-468F-ACB8-4319E5E765AC

Device         Start       End   Sectors   Size Type
/dev/sda1       2048    923647    921600   450M Windows recovery environment
/dev/sda2     923648   1126399    202752    99M EFI System
/dev/sda3    1126400   1159167     32768    16M Microsoft reserved
/dev/sda4    1159168 381900799 380741632 181,6G Microsoft basic data
/dev/sda5  381900800 967204863 585304064 279,1G Linux filesystem
/dev/sda6  967204864 976771071   9566208   4,6G Linux swap

Oh, so thats where all my storage space went

what kind of swap do you have?

there's different kinds?

@twin zealot pretty sure this is just a swap filesystem, nothing special

yes but not in this example

its a partition

swap files are messy

its what windows does

in windows you can also make an partition you dedicate to swap

oh, that must be new

yes and

no

probably a registry hack

just do nothing with the partition and select it as swap

mh

from what I remember, its somewhere in system settings

https://www.tomshardware.com/news/how-to-manage-virtual-memory-pagefile-windows-10,36929.html

you could resize swap, but not the path or device

it would always be on C:\

oh fuck, it can only be on the partition of where win is installed

^^

@twin zealot did you just once again confirm that windows is ass?

yes and no

I bash on windows all day, but I also use it everyday

to play games on :)

https://winaero.com/how-to-move-page-file-in-windows-10-to-another-disk/

ha

https://tenor.com/view/yes-wink-gotcha-thanks-guino-gif-4620610

@twin zealot oh so you can move the file

but not do a parition based swap

yes

understandable

by not putting anything on the partition

because windows only speaks NTFS natively

and that was sarcasm

I know it does other filesystems

but not by default

https://i.imgur.com/UehfbEO.png

Lovely.

I’m trying to get Apple AirPrint to work over two VLANs, a secure internal and a segregated IoT. I’ve been unsuccessful so far.

Is there a certain port that needs to be whitelisted?

I have the mDNS repeater turned on.

What nitri

Rebooted it and it started working again, hm.

I’ve rebooted it before and it still didn’t work.

wat

Omat

guess you aren't linked with them

@tame carbon thats why I give up

I changed to using unique passwords for every site

I must have 100 passwords now

Does anybody know how to configure a voice vlan on a HP 5130 core switch? I can’t find any good documentation on it from HP

have you tried finding out what they call their OS and then search that way? if you only search the switch model it wont help

What do you need out of a voice VLAN, is it just traffic segregation, if so its the same as any other VLAN unless you are really hammering your LAN traffic wise, or are you using it in addition to classify and mark the traffic for transport over a bandwidth constrained WAN link? If so a search for "hp 5130 qos configuration guide" top hit from page 16 onwards goes thru QoS. An alternate over all the manual QoS setup would be to do a search on "HP 5130 Auto QoS" which comes up with some examples and gotchas on the subject mainly to do with LLDP.

@distant radish pretty sure they mean a VLAN for voice services

its not uncommon for ISPs to deliver different services using VLANs

voice VLAN is a thing

isnt that just SIP over a VLAN ?

Its used with LLDP-MED to advertise a specific VLAN for voice devices to use for voice and will allow access ports to use untagged for data and will tag voice traffic

The voice VLAN its mapped to is just a normal VLAN, just "voice VLAN" is typically referred to the port level configuration

@hollow marlin is that what those IP phones use for flex-work ?

Not sure how to explain this, since Idk the terminology

I've seen these before

a desk, with a phone, that has an ethernet out

you log into the phone, and then get internet through that

so that if you are connected, you are also reachable by phone

Typically yes, the pass through LAN is just untagged unless the phone is configured to tag it and the phone will tag it's voice traffic

neat

oh those phones were everywhere at my old school

oh that's what they did

@peak cloak cisco sells phones like these

yeah they were all cisco

PoE, quite a neat solution

no cable clutter

Cisco, Polycom, Mitel, etc. Almost all IP phones support LLDP-MED and should be configured to do so

@tame carbon Oh I agree, it depends on the transport service provided by the SP and on how they require that the network based traffic is to be presented to them. Are they providing a L2 based service for example E-Line or E-LAN or a L3 based service for example MPLS, Internet etc.. Is it wires-only or with some sort of SP provided CPE. An NTU for L2, router for L3. Then how is the segregated traffic presented on the CPE, separate LAN ports or VLAN trunk. Lots of options.. I agree go for the easy straight forward option 90+% of Enterprise networks I've worked on have either used Auto QOS + LLDP or nothing on their LAN's

@distant radish I got into enterprise networking from the consumer market

bunch of the standards they use are still new to me

ever since I got a 0-bs internet plan, and a proper router, I have been enlightened

https://i.imgur.com/ImAgKCU.png

@tame carbon All I've ever done is Enterprise, been working on Cisco since '94. Consumer is constrained to my home network, even thou I've git Cisco and Meraki test networks hanging off it 😕

@distant radish oof

basics of TCP and such I learned through coding

implementing networked applications

at some point, you just teach yourself how 2 networking

moving away from consumer routers, and getting mikrotik was the best idea I ever had

and I had to, since my ISP forwards a /29 to my WAN

and consumer routers cannot deal with this

@distant radish https://cdn.discordapp.com/attachments/776722183119699988/777646103775674368/IMG-20200922-WA0001.jpg

best I could do xD

I think it looks pretty good, for someone who's never dressed a rack before

Yeah one of the best things i did was move away from consumer network gear. Whole network is ran by Fortinet here at my home.

https://arstechnica.com/gadgets/2021/01/wi-fi-6e-arrives-at-ces-2021/?comments=1

I posted this earlier today

for the memes

@tame carbon one of the main reasons SP's split traffic across VLAN's as you have shown, is that so they can apply different contracted service policies on them. For example internet best effort, TV with X always guaranteed bandwidth, with Y latency and so on. Not bad! things to consider are, if you have to replace a device in the future, 1: can I install next to it and swing cables across, 2: radius of any bends on optical fibre

@distant radish yeah, that's one of the major benefits. internet is 250 mbit guaranteed, regardless of TV or not

I've a right mix here, Huawei, Netgear, Cisco, Draytek & Meraki

on ADSL, IPTV takes away from the internet bandwidth

@distant radish https://i.imgur.com/GHlrOW9.png

all mikrotik xD

Nice

Oh i do have Ubiquiti for PtP wireless bridge

@surreal finch https://i.imgur.com/orGbOxt.png :D

this is such a cool feature

@tame carbon pardon the ignorance here, but what is this feature

Ah uh

Controlled access points

ahh

haha

CAP got me thinking CAPWAP for fortinet

so you can just hook up any kind of mikrotik board

and one device can assume the role of 'controller'

if I go onto the actual mtik with the antenna

you see this:

https://i.imgur.com/9MBHFgc.png

I've only seen Mikrotik on networks, where I've been looking at doing a WITO (Walk In Take Over) of their LAN estate, usually its then been transformed out to Cisco or Meraki as that way the toolsets exist for the high level automation involved to make the books balance. Did one network last year where we replaced 2000+ Nokia switches for a Cisco SD-LAN for the heavy automation we could do on it

@distant radish what's WITO?

Yeah having the router/firewall as the wireless controller at the same time is super nice. One of the features I love about my fortigate.

@surreal finch you can even do multiple SSIDs

and then define a VLAN for them

heck yeah!

have a guest network, with a queue to do rate limitng and such

love commercial grade gear

enterprise*

haha

its all commercial grade

true that

in that, it makes money

enterprise is a better way putting it

Walk in and take Over the customers existing LAN/WAN estate, where you manage it on their behalf. Usually Enterprises sweat their LAN estates and its common to see a lot of end of life switches/APs in the network with no support beyond whatever hardware still exists in the supply chain or EBay. Business case is based on doing it cheaper/better than they or their existing supplier can. Only really works well if you can leverage existing tools and skills within you org. For example its no good taking on X vendor switches if you are a Y house.

urghhh why does unifi have to be so annoying. I bought the Unifi switch flex mini because it was the cheapest active poe powered "managed" switch and now adoption is failing

I needed to be able to use vlans

I have heard a lot of complaints when it comes to ubiquiti. Mainly when it comes to techincal needs like that.

@distant radish I guess I do some of that too. I have two companies in the area that ring me up when they need someone to look at their network

and I also provide IP services for two entities

yeah it's very prosumer, sometimes simple things are complex

its the apple of networking

yep

Yeah that is what I heard as well. I was looking at going with them awhile back. But I was fortunate enough to have my companies Fortinet sales engineer hook us up with some pretty sweet gear from them, fortigates, switches, AP's. As well as Fortimanager and Fortianalyzer which I run in a VM.

I've used the Apple vs Android for Meraki vs Cisco. Mainly as there's no real cost difference to be had in them, until you try and factor in the operations costs for either

@distant radish it suddenly makes sense when you compare mikrotik to unifi

😛

then its like pc vs apple

speaking of pc just added 32gigs more of ram to my workstation

so thats why the ram prices hiked

my first PC had 16MB ram

ran windows 95

and I could play age of empires on it

OMG, I can't remember what my first PC had. I was lucky and paid under $150 for 32 GB 3200Mhz 16CL ram

haha

I dont remember the specs

it was a hand me down

I wasnt tech savvy back then

just into computers

same here

not like I am now lol

well, now its like 10-15 years later

right!

and am still using 'mostly' the same PC I bought 10 years ago

over the years, its received three graphics cards upgrades

haha that is awesome.

and just recently, I swapped out the board after 9 years

the i7 2700k ran at like 4.5GHz for 7 years

only its last two years it ran at stock speeds

before daily crashes happened regularly

Early 90's RAM raiders was a term used for thieves breaking into businesses and just stealing the RAM out of PC's it was silly

and I got a replacement board, ram, and PSU for good measure

Yeah I just had to completely upgrade the PC early 2020. Need a good workstation/gaming rig. Didn't think I would be working from home as much when I built it or I would have put 64GB ram into it. I now run my fortianalyzer fortimanager, cisco virl stuff on there. plus other VM's not essential to networking

The i7 2700k was the hot shit back in the day

cost me like 400 euros

yeah I have a i7 4790k that has been running for over 10 years now.

its my sons pc now lol

wat

its not even that old

uhhh

4790k is like 7 years at most

I retired my 4770K last year I'd got it in 2013

yeah it just feels that old

it launched in 2014

so yeah 7 years

yes @cold geode

@surreal finch https://i.imgur.com/YXwB2TF.png

tighter twist and I think larger guage of wire @cold geode

rated to a high freqency

people be wining that intel is slow on the 8nm

I was using 32nm in 2019

no 'slow' as in, 'slow to deliver to market'

Only if you are looking at some limited 10G on your LAN

cat 6 will provide up to 10Gb, cat 5e 1gig

I built my first pc like 5 years ago I think with a i5-7600K and still use it to this day. Just upgraded the GPU to 1070ti

don't do 10G on copper

yeah that is the biggest difference between them, that and cost probably

the level of shielding required

Depending on your SFP costs of course

ultimately the kicker for the i7 2700k, was when I put in my GTX980

kinda

Just the bandwidth on that PCIe 2.0 bus

was really limiting the graphics card

haha right!

the biggest cost of fiber is the SFP or SFP+ pcie cards

^^^

I also ditched intel completely

AMD is firmly king for me

yeah I just ditched intel and went back to AMD

I had never used amd

except a really old xp laptop with athlon

that thing was garbage

the 4790k was the most recent intel chip I had used. Before that was using AMD

now running the 3900x

Mind you Cat6 will prob work better on 2.5G or 5G.

@surreal finch the laptop I run linux on, is one of those pathetic i7 chips that intel came out with

lol

i7 5500U, duo core with HT @ 3GHz boost

oh yeah!!

only thing it has going for it

is the sweet sweet memory bandwidth

27GB/s

3GHz BOOOOOOoooossttt

so doing hardware operations

and writing and reading from memory

was still very fast

like, my quadcore i7 2700k did maybe 32GB/s memory bandwidth

I use that as a 'rough' estimate of how fast the system is

nevermind those stupid cinebench thingies

haha

memory bandwidth is usually a good indicator of raw speed

if you have all cores doing a memory copy operation

and you just see how fast it goes

@surreal finch lol this laptop is so trash though, the moment it needs any form of number crunching

it just turns into an oven

haha dang

What all are you using it for?

well, I mostly write code

and that's not so heavy on the resources usually

ahh yeah

depends on size of project and language ofcourse, compilation can be very heavy

my largest projects take about 20 seconds to compile

on the desktop maybe 5 secs

partial compilation when debugging is nice, takes half a second

@surreal finch but when new kernel version comes out, I need to rebuild it

and that takes over an hour

Good times

Hi all, sorry to interrupt. I can access my CCTV system from outside my network (without a VPN) and I am wondering how this works. I did not configure any port forwarding and I'm pretty sure it doesn't sync to external servers.

There's no interruption in chat

no worries

upnp @cedar igloo

@cedar igloo disable UPnP, make sure the fw is enabled

@peak cloak this is such bs lol

why would a camera upnp by default

its so stupid

yeah, upnp is basically automatic port forwarding, pretty insecure

I'm not complaining that it does this. I'm just wondering if i can configure my own web servers and stuff to use this

you don't want to, it's a security risk

http://www.insecam.org/en/view/238286/

you want to be able to know what's being opened to the internet what's not

@cedar igloo I see you

insecam.org is quite the site

maybe you end up on it too

that is hillarious

the site

wow

luckily mine has authentication

Yeah @cedar igloo, personally I would lock the firewall down, and set it so it is only accessable via VPN

http://www.insecam.org/en/bycountry/-/

having it exposed like that, just opens you up to potential security risks...

You can just look into random people's backyard

cus they didnt secure their routers

even with authentication

lost most of these ip cams have 'security'

90%+ of them are easily rootable over the network

and most have backdoors

or easily exploitable software

yep

https://www.shodan.io/explore/tag/ip cams

Good luck

There's a database of devices, software versions and hardware that can be exploited

if a device is on this list, I would think real good and hard before you actually turn it on

I have mine on a completely isolated subnet and vlan, only accessible by one virtual machine on my network

I've always thought the CCTV wasnt very secure as it uses HTTP and both the username and password is present in the URL

@cedar igloo you can set up a local proxy for it

that does SSL offloading

tbf, I dont "own" the CCTV. It's my parents but I set it up for them, and do everything when it goes wrong. Now it is working, i cant do anything to it as their thinking is "if it ain't broke, don't fix it"

https://www.youtube.com/watch?v=V4IDVkwsQwo

still have to fix my other amplifier

headphones just not as good as real bass :/

and I miss being able to party ;(

does that site you sent - insecam.org bypass auth? i've clicked a random camera and it's showing a login prompt, but the site has the live feed...

@cedar igloo yeah these are all exploited cameras

this is why you never connect the camera directly to the public internet

hopefully manually exploited though, right?

like its not automated?

at this point

it could well be automated

I've seen oneliner scripts that can exploit the device

and drop you into a root shell

or change password and give you details in your terminal

just watch some DEF CON talks

I should buy some random camera and try to exploit it for fun

you'll never feel the same after that

could be a nice learning experience

would be a great learning experience

ah

for this !

I am all about doing things like that

I have a talk you must watch

https://www.youtube.com/watch?v=B8DjTcANBx0

This is a great one ^

ay, I just switched back to linux, time to setup KVM again

Black Hat 2013 - Exploiting Network Surveillance Cameras Like a Hollywood Hacker

xD

he basically shows that after you pwned the device

that you can manipulate the video feed

like in movies

@peak cloak https://youtu.be/B8DjTcANBx0?t=146

lol how he disses on dlink

https://i.imgur.com/vHpW5vx.png

I mean, rightly so

that program there, was unprotected, and ran a shellscript as root

And it goes both ways xD

https://i.imgur.com/aLkSVyU.png

pretty cool vid

just watched all of it

@peak cloak yeah and consider this

all smart home devices

could have these bugs

this is why I am quite weary with smart items

I don't trust a company who makes toasters or TVs to know anything about cyber security

and what he stated

'I am in your network, and I am root'

is still a great place to be in as an attacker

I can see you, is just a meme

then you should see what APC's parent company is doing... lol

https://www.se.com/ww/en/work/campaign/masterpact-mtz/

be very afraid

hi, im looking for help on my powerEdge r710 server im runing proxmox and its not geting accses to the internet can any one help me out?

I agree IoT (Internet of Things) has been quite the buzzword for some while, I refer to it as the IoS (swear filter for the S) Which will only get worse with 5G deployment and low power, low cost devices spread far and wide. Yes there will be stellar devices with some really good RTOS setups, but they'll be swamped by the devices with zero or minimal patching, built to a cost with hard coded passwords. It will add more credence to zero trust networks which will be a right PITA to setup and manage. More so when the PHB demands that you allow unfettered network access to her/his network connected coffee mat, with an allow any-any rule as there's naff all documentation for it, and it has to be on the network yesterday.

@waxen scroll https://i.imgur.com/sEMdkP2.png

I wonder how fast those can switch on and off

could be a lot of fun

need to make sure I have pwned the power grid control room's IP cam

so I can see their faces

when their grid starts modulating the word 'rekt'

in morse

I guess you could call it very low frequency FM

aww yis https://i.imgur.com/cAtFI2S.png

new minecraft sucks. 1.7.10 is king

A proper power control network (SCADA) will have a genuine air gap between anything on any other network. Most utilities operate under some quite tight regulatory overwatch. So they are prepared to pay for network availability and full separation from their corporate network. If any I'd say that water is prob at bottom of the list, mainly due to the locations pumps and sensors can be (up in the mountains etc..) as getting cost effective connectivity for a hell of a lot more sensors/controls than gas or elec in the back of beyond is a real challenge. Smart meters will connect back via a multitude of methods (2G, 3G, 4G, 5G, LoRA etc ..) to basically a billing platform, that should HOPEFULLY have zero inter-working with the SCADA networks.

@distant radish i dunno, I've heard from employees that worked on solar inverters for 10MW stations

that said that the control interface for those PLCs are sometimes still hooked up to public internet

happens from time to time

and even the systems that i'ev worked on with IoT, sometimes were merely dialup lines

with a plaintext password

@tame carbon madness, and see my comment about regulatory. I'm in Europe, where most likely the Operator would never even think of such a thing. As it stands war-dialling is a thing of the past, so dial up is prob more secure than the internet, unless its a targeted attack.

@distant radish Germany as it happens

that this story came from

and its not the operator

rather the equipment manufacturer

and service installer

whats the difference between a router and a modem

Ah, that makes sense, bet the operator wouldn't be happy with that approach.

@orchid shell router routes packets between different IP packets over ethernet networks

a modem translates ethernet to some other type of signal

though a modem doesn't have to be ethernet per say

https://upload.wikimedia.org/wikipedia/commons/e/e5/Analogue_modem_-_acoustic_coupler.jpg

this is also a modem

A router breaks a broadcast domain, a modem as Crystal states translates a binary signal into another signal

very old one xD

@distant radish but do they know what a broadcast domain is ?

I was trying to use as little technical terms

Hopefully! if they want to understand what Ethernet is

yeah thats kinda the fundamental thing we rely on

I didn't understand until recently

nvm fiberchannel cough

I knew that ethernet was wired wifi and that was it

now I know

wired wifi

wat

I think you got that backwards

like 2 years ago, if you asked me what was ethernet that's what I would have said

wifi standard is between the L2 ISO IEEC-whatever, MAC specification

it basically adds an additional HW address

the regular ethernet implementation is stacked ontop

@peak cloak I didnt know about LLC

only about MAC

what's LLC?

WiFi until WiFi6 (802.11ax) was how Ethernet was before switches, when everything was on a hub or co-ax. only one device could transmit at a time. Then Ethernet switches allowed multiple devices to transmit at once (breaking the collision domain) WiFi6 allows in an ideal world for multiple devices to transmit at once

Logical Link Control

https://i.imgur.com/pvDqgB4.png

I hate you captialism

ah ok

LLC takes me back to ISDN and X.25

So the physical layer can be any one of these

Perfect!

this is all 802.2 at the end of the day

these protocols are very near the hardware

unlike the network layer

if you can shove bytes in both directions, TCP/IP can be implemented

so bluetooth tethering, follows much the same structure

Bluetooth out of all the training I've ever done, is the only one that sent me to sleep

@distant radish I've implemented some smart watch apps before

and I remember writing the netcode as being infuriatingly awful

hay what is a dns2 for setting up a static ip for a server?

because bluetooth itself just presents itself as a duplex pipe

... with packet loss

fallback dns ?

unless you go into an encoding mode for audio or tethering

pure serial data exchange is horrible

Whatever your second DNS server is. For example if you are using Cloudflare 1.1.1.1 for DNS1 and 1.0.0.1 for DNS2

google would be 8.8.8.8 and 8.8.4.4

@distant radish can you also enumerate the IP addresses of your local network? xD

There's like a list of over 20 addresses in my head now

public and local

ok thanks i been doing every thing wong this intier time:/\

@deft fog DNS has two servers, incase one is unavailable

its basically a phone book

DNS issues are really annoying

yup

OR you have your default gateway as DNS1 with nothing in DNS2 has hopefully your default gateway is resilient and the IP for that is a VRRP/HSRP address. With the default gateway then being configured with various upstream DNS servers

yeah that's what I do

https://i.imgur.com/4fqxVXO.png

small cache and a local static dns list

:( https://i.imgur.com/npKsGR1.png

Gosh the number of packets

Local DNS running in Docker on my NAS for me

doesnt even do 9999

wow what a buzzkill

Hey guys, what do you think about this product QNAP TS-230 2-bay NAS? Is it good for home use ?

so if im running proxmox with a ip of 192.168.1.105 should the server be running the same ip address as proxmox or diffrent

so a VM of inside proxmox?

no it the server it self to set up vms

proxmox by default does mac-"spoofing" I think it's called where it fakes the mac address of packets depending on the VM it's coming from so each VM looks like a sepereate machine

I don't understand

@peak cloak macvtap

on sec

ah that's the name

its a network tap

that manipulates the mac address depending on what vm sent it

You mean virtual mac

ok to explian better if the server that proxmox is running should or should not be running the same ip adress

You mean same subnet ?

@deft fog you can use macvtap to give the VM its own IP address on the local network

@deft fog only issue is guest-host communication, that won't work

For example 192.168.101.0/24 of real network and 192.168.101.0/24 for vms to ?

Depends how the Proxmox host has been setup. Is it bridging or routing

by default it bridges I think

im unshure ive been playing with it all day

I found that VMware esxi is much easier to configure than promox

@peak cloak it bridges between an internal network, and uses nat-traversal

proxmox is pretty easy

but i do notice that the subnet on my computer is say 255.255.252.0 is that even posible?

Not like esxi

thats a subnet mask

So the VM's in bridging mode would be in the same subnet as the vmbr0 interface if its default

@deft fog 255.255.255.0 is equivalent to /24

/22

255.255.252 is I believe /22

255.255.252.0 right ?

ye

Ya

ur right

Finally 😂

value of three is 2 bits

After along time I got it

so a /22 yes

I want external subnet of /22

my public IP is on a /22 range apparently

Too expensive

22 one's = 255.255.252.0

I want the subnet

and I have a /29 routed as well, with my own public IPs

My external IP address is a part of /16

meanwhile

US DoD sits on like

a bunch of /8's

But I get only one

Here to

I had once before I moved to a dedicated (static) IP

Now I got ugly IP

But easy to remember

I don't even remember my ip

ok im still not geting any acsses to my internet thro proxmox any sugestions to fix the isue

I'm paying for 5 IPs 1.5€ in germany for my server

Here I'm paying 10$ for one IP for my home ...

If you have done some network config changes to the proxmox host, have you rebooted or reloaded the new config?

look at this https://i.imgur.com/QIRWywS.png

so unfair

Where do you see that ? In iana?

Ripe?

this is IANA

or ICANN

@distant radish how would i do that

can you access the web ui?

nope

I think you just ip like in debian

to show current ip it's ip addr show

I forgot how to configure the ip exactly

I want to see all ISP subnets

My ISP sometimes assigns me a DoD address Lolol

so what is brd

All ISP subnets there's 800,000+ of them

wouldn't be the first to squat on their space

fuck the US DOD

They use a portion of th DoD IP space for inter-ISP routing

Not publicly routable of course

hamachi used to be on 5.0.0.0/8 lol

until they got in trouble

Lol now it's here in Israel too in some ISPs and Germany all over the world

I want to get 1.0.0.0/8 😆

It’s ok with IPv6 we can assign every person on earth their own IPv4 space

Sexy IP

My ISP can't provide ipv6 alongside ipv4

why? old eqipment not capable of dual-stack?

They making me decide if stay with static ipv4 or dynamic ipv6

Because they are lazy MF

Most likely it isn't the routers in the ISP network, it will their OSS stack (Operational Support Systems) that have the trouble

They already have the equipment for along time

I mean neither does verizon fios

my isp

They just don't care what the customer asks

Every system that has something to do with IP addresses needs to work with IPv6 that includes all the processes and staff too. Mucho cost

I have their fiber here for 11/12 years disconnected from both sides

They said from 2008 that they're providing ipv6 but never did it

verizon supports ipv6 only in certain areas

At 2012 they said they're starting providing ipv6 for everyone but nothing changed

Than they said the same thing again at 2015

Or 2014

If your internet router is capable, then do a 6to4 tunnel from that to someone that does. I use a Draytek router and run 6to4 to Hurricane electric problem sorted 🙂

yep that's why I do

Nah no tunnels please 😆
My internet is not that stable so adding tunnel on it ...

problem is, my speeds are terrible. Idk if it's my switch or something. When I do a speedtest on the router directly it's like 30mbps which is usable unlike the 30kbps I get on my pc if I connect via ipv6

For downloading from ubisoft / steam / epic games or just downloading files that 1gb and more I need to use my vpn for not making my network crash

I need to do some troubleshooting later

Or just cap everything to 3.0Mb download speed instead 4.5Mb

I'm literally paying for air

Ahhh but thats the same as using a VPN. Your ISP is probably routing your speedtest direct different to your tunnel. Depends on the destination IP. run a trace route and see where the dest IP goes. Chances are its exiting your ISP via a different transit/inter-connect

I'm connecting directly to my server in Germany via TCP + ssl + tls vpn

😅

While downloading files and games

Traffic encrypted everything on TCP

Doesn't matter your ISP wil route the dest IP address a certain way across its network as will all onwards AS's along the path.

Somehow it's faster

Than access my servers like this

So trace route your dest IP for the end server. Then traceroute the IP address of the end of your VPN and most likely the route will be differenet

Usually the same

I already tested it

Because my servers are in the same place and my ISP connected directly to Germany with fiber

So all the time I get the same trace

In that case you have a pretty naughty ISP who's doing some horrid stuff with their traffic management. usual case of speed issues is the peering/transit your ISP has, everything down a congested route.

Nah no pearing this time just bad management from the ISP side

I hate ADSL/vdsl2/vds/xdsl/dsl

I have adsl/vdsl2/xdsl

Worst configuration ever

They say vdsl2 the modem says xdsl

Fiber when????

Gimme yours

I worked for 19 years for a worldwide top 10 internet provider. Network design so I understand the challenges really well. xDSL is usually limited by the QUALITY of the copper pair (aka phone line) a bit less so by the ISP's config of the line quality mechanisms they use. my primary low latency link is VDSL2 39Mb down/6Mb up low ping and very stable. My topup link is 4G with 100Mb down 50Mb up but high ping. I run QoS/App rules to direct my traffic onto the best link for the traffic type

I wish 6 up

😂

I get 0.5 up

Finally another SP engineer in chat

1Mbps/up

44Mbps / down by the modem

1: have you got a clear phone line, no crackles on phone line? 2: whats the sync rate up and down on your router? 3: have you got access to the xDSL line starts showing FECS CRCS etc?

4: have you tried the router/modem in the first line socket in your home where the line comes in with all the wiring disconnected?

Yap

Same result

I learned networking to

But the issues always were here

Wait, what plan are you paying for?

It was ok until 5 months

40/3

But gets less then 3Mbps/up and less then 40 down

Ok how long since those stats were reset? they look really decent, unless they were reset a few hours ago. If router hasn't been reset in ages. then it isn't the xDSL line that the problem, its something elsewhere in the network

@lean pebble you have a pretty nice router now right?

Not long time ago

Ya it's good fixed the main issue

Now new / old problem

Since 1.1.21

That's when I took the picture

Are the OH/RS stats incrementing on path 1 if you refresh the page?

I had this problem in 2018 that got fixed by switching the card in their rack outdoors

They switched it again this time but no change

I think

I'll be able to check it later now it's almost 00:00am here

Need to take a long sleep after last night

Okay starting at the top. SNR looks fine, anything less than 6db and you'll start seeing line drops. Interleave depth at 16 on downstream is a bit high, but not silly high so still ok. Correctable errors as it suggests means there's been some errors but they were spotted and were tiny so fine, no uncorrectable errors great. No HEC OCD or LCD. Total ES is errored seconds so 63 so how long since last reboot? SES is Serverely Errored Seconds which is 18 and UAS is unavailable seconds which is 643 seconds but when you reboot a router you expect a few mins for it to sync up which will be those.

Keep an eye on ES and SES and see how they go

Well check and if yes then check setup/advance and see if bonding is enabled. You shouldn't be sending/receiving OH/RS words on the second path. Since traffic is going over that port that means some sort of syncing is happening which will indeed cause issues.

Last reboot was at 7.1 I think when the technician was here

Well 24.12.2020

I had a technician here

The ISP router is a bridge to my router only transmit the adsl line

Connected via lan port in their gear to my router

With different modem my internet is not loaded at all

Or immediately crashing

Im just talking about the modem. Bonding is when two DSL pairs are interleaved to achieve higher bandwidth. That is the path 1/2 which is DSL pair 1/2. You are sending/receiving traffic on the second pair which if bonding is configured will cause issues if you are not setup for it on the ISP's end

ISP end

Let me correct you internet infrastructure - the ISP and the internet infrastructure are separated here 2 different companies

The ISP did good job by checking everything from 0 to 100 no problem there.
The only company that does 0% checking is the internet infrastructure

Sent a technician that was here for 2 minutes and walked away

Does absolutely nothing

I get that, but you still need to check some of the settings in the modem. The lines are clean but if the modem is setup for bonding or a second active pair is in the RJ11 then you are going to have issues

Only 3,4 I think

They gave the cable with their modem / router / whatever it should be

If I remember correctly it's blue and green

Cable in rj11

Red+green and yellow+black is pair 1 and 2. Still going with a configuration on the modem being the issue

Modem used default settings just runs as bridge

DSL configuration in the modem

Default

After factory reset

ugh, yes, what I am saying is default does not mean correct. If D-link enables bonding by default it could keep causing re-syncing as there is an active pair and the modem is occasionally rx/tx traffic over it

Haha bingo

It's dlink

😆

Dlink dual band ac dsl G256DG

.

Going to crosspost this here to see if anyone has any ideas

https://linustechtips.com/topic/1295965-long-distance-pc-extension-to-upstairs/

ZERXAL

HIIIII

👋

Can you use cat5e plugs on a cat6a cable

not that I know of

maybe, but now you have a cat5e cable

cat5e isn't shielded

plus isn't the guage different, so it wouldn't fit

If I care about privacy tplink is a good company?

@thick minnow I'd be more worried about security with tplink

rather than privacy

What about Edimax?

never heard of them

I ditched all consumer brands in favor of mikrotik

I have some routers can u tell me if they are good?

so unless you have an inquiry specifically about mikrotik, I won't be of much help ;)

Can u recommend on some models?

@thick minnow really depends on your needs

https://mikrotik.com/products

@tame carbon do you have commission on mikrotik? :D

@jaunty talon they should give me one

haahaha

totally

@jaunty talon and you're not the first one to make this remark lmao

friends of mine said I should become a rep

haha

@jaunty talon heck. I don't know all the enterprise thingies it can do. But I have enough experience with them to know its a liberation to use them

I need it for: Vlan, vpn for content my home net from any place and security

@thick minnow what kind of network speed we looking at?

Fastest

all the mikrotik routers run same operating system, and support the features you just mentioned

1G

@tame carbon hehe, not saying theyre not good =) I think theyre in many cases a perfect match for need vs price

@thick minnow what about wireless? built in? or you want seperate access points?

@jaunty talon yeah exactly. You get what you pay for

Built in

@thick minnow if its just a simple home wifi router you need

either hAP ac3 or ac2

https://mikrotik.com/product/hap_ac3

Ac3 is the newest?

yeah its the upgraded variant of the ac2

it sports the same hardware, but has external antenna's

I have a hAP ac2 at home here behind the TV

for wireless and as a tiny switch to hook up the TV and IPTV box

Ok th u so match

the hAP ac2/3 also has an IPsec accelerator chip onboard

for ~400mbit/s IPsec VPN encryption

and naturally, it has support for 802.1q VLANs

Agin th so much

@thick minnow if you need faster VPN handling than that...

there's not much of a choice, you'll end up with an RB4011

like I did xD

https://mikrotik.com/product/rb4011igs_rm

This thing is a beast

@jaunty talon sleasy fuckers. I am using Umbraco Heartcore. Hosted, headless CMS solution

and every day, they just shutdown my development instance

:(

and when I start my dev environment up

takes about 1 min before my app starts working

I get that its a dev environment

but this is a $900 monthly plan

kinda unacceptable behavior.

agreed!

hello

hello

Suomi

how are we today?

fine, and you?

good

trying my best with not crashing my network while downloading files xD

because there is a problem here for more than 2 years...

I'm capping myself to 3Mb/s sad

on wifi or an cable?

nope

cable

if I disable this cap than after 1 minute my whole net is down

not just your connection but the router or switch?

/modem

all stable just no connection to the internet

connection lost , modem and router are up with no change in their lights

so its between your pc and router i guess

but no internet all over the house

otherwise a light will go down if no connection

it goes down to 10 seconds

thats almost imposible, if your router or modem doesnt have an connection the connection light will go out

I think

I know that is why its weird

All the devices and wifi going down at the same time thats happens but ADSl is up and everything is running

mayby contact your provider for an solution

they can't do anything

They don't know how to do their job

for 10 years I had connection issues that every evening the network crashing with no reason

i dont know if they can know what is going on

until I decided to get my own gear

@tame carbon help

he already tried xD

everyone tried

I asked for help is so much places xD

@lean pebble you turned off bonding?

someone yesterday said that

oh thanks for remind me lets check it

lets seee what this modem have there

where this should be?

@peak cloak do you know ?

no clue

I just looked at the convo yesterday

so much unicast errors on the lan ports and broadcast drops to

.

This is what you meant?

can people banned from the internet still use the internet wonder if possible

you kinda can't get banned from the internet

lol

has happened from what ive seen

but not sure how its possible

https://www.techdirt.com/articles/20121109/16132820999/teen-hacker-banned-internet-six-years.shtml stuff like this i dont get

oh, by the gov yeah

Your ISP can cut you off or a court can order you not to use the internet but there is nothing stopping you aside risk of jail time

but from the internet, internet itself no

yeah use public wifi, vpn and a phone

No there should/might be a section that specifically contains bonding

Nope nothing that say bonding or something like that

this is the only place that talk about the adsl connection

what

@twin zealot wat

nothing anymore

He wanted you to help me with this weird Network issue that I have.
But already told him that everyone tried 😆

Well at this point it seems all over the place now you mentioned wifi dropping but the DSL staying up. Have you just tried pulling your router and putting a PC in its place and running speed test to see if it still drops since you only notice it during a load?

Dsl is stable but no internet on all the devices

Thats why its so weird

all seems up but no connection

maybe the dsl is broken

like some random fiberoptic cable

wat wat

maybe try to connect a laptop directly to the modem just to make sure the router isn't the issue

@lean pebble does the DSLAM assign you an IP ?

like, DSL can have an active link, with no data path

where the modem on the other side is functional, but nobody is responding

I'm pretty sure that I don't have external IP when it happens

Because I'm losing connectivity all over the house

Sometimes losing access to my router to

Like the DHCP is going down or something

@lean pebble can you check DSL status?

probably under the advanced page if at all

Working as usual

it should be SHOWTIME

and you should have a PPPoATM lease

The photo I sent earlier today is the only page I have in this router that indicates the ADSL stuff

@peak cloak Not sure if you were the one helping me, but I got a dns load balancer to work

@lean pebble those are just the settings

well, "load balancer"

not the actual running configuration/status

there should be a DSL line status somewhere

with information on link quality and speed

Uptime 20 days

This modem

yeah thats not interesting

get me the DSL line status

should have a bunch of information

Don't have it here in this modem this sucks

call support

They do nothing except telling me that my gear is broken

https://setuprouter.com/router/dynalink/rta1046vw/dsl-29948-large.jpg

This is a random modem

but you're looking for this kind of info ^

if a modem doesnt support this, then its tits up trash

Again, I would plug in and see if you get an address. If not its PPP and the modem is handling the routing. What WAN address is your router getting?

This status ?

This is the only status I have here

didn't you send something yesterday?

with like DSL stats

@lean pebble that looks dead to me

no external addresses configured

Not here

The mikrotik does the connection to the ISP

and this is PTM

The modem is just bridge adsl transfer

Ya

@lean pebble so where is your PPP config?

Mikrotik

So now, plug a PC in to the modem and use those credentials

All pppoe connection handled by mikrotik

wat

Yes

@hollow marlin does this behave like an ethernet bridge?

Yeah

Yes

@lean pebble can you look at the PPPoE client status in your mtik ?

@lean pebble also, I asked for the statistics of the DSL line

that screenshot isnt the full story

That and should turn on logging for PPPoE and see if its dropping

if you have CRC errors on your line

your internet will behave very strangely

spikes in latency

and packet loss

Where do I see it

show menu

Mikrotik is new to me

oh

err

@lean pebble click on ppp

on the left

K

should be in the interfaces tab

do you have a client configured there?

Yap

hold on, my clipboard sharing between two PCs is fucked

keep copy pasting the wrong thing

[2021-01-20T18:31:54] INFO: got ipc shutdown message
[2021-01-20T18:31:54] NOTE: disconnecting client "watomat"
[2021-01-20T18:31:54] NOTE: client "watomat" has disconnected
[2021-01-20T18:31:54] NOTE: stopped server

cool

it works now

ok

https://i.imgur.com/VQ5A3DC.png

click on that

https://i.imgur.com/TMWTc1s.png

Add a new one ?

@lean pebble chances are

its just PPP

and not PPPoE

Oe

but you have a PTM line, which is 'Packet Transfer Mode'

which I assume would be ethernet then

I'll show you

if you already have a client configured

show me the settings

download winbox

dont use webfig.

if you go to the login screen of the router

there's an option called 'winbox'

click on that

https://i.imgur.com/dbmpFnY.png

I know I had it

It disappeared from my pc 😂

Let me redownload it

it doesnt need installation

if you click on that link

the router just gives you a client

this works even if you dont have internet

I have it

works no?

you have traffic

Yap

open the client

go to status

https://i.imgur.com/Ljk9sCp.png

Ok

17 days up

Link down 2 times

right

@lean pebble so what are the issues you are experiencing then?

losing connectivity while downloading files that almost 1gb in size and more

maybe its the mtu?

the ISP provides 1480 and the lan port is 1500

I just noticed