#networking

and IDFs connect back to the MDF at multiple 10/40/100 gig

then clients connect to switches at the IDF

this IDF powers one wing of the school

(the fine arts wing)

school so small we only have a MDF, although I think all the traffic either goes to dedicated fiber to the main campus or via fiber

That's why all of the labels start with F

The MDF at this district powers the ENTIRE district

it has the fat armored 96 strand fiber cable off the street

ah, idk how my district does things

all I know is that they cap us at 30

and that they are there own ISP I think

Each school has 2 strands coming back to the MDF

Going into a switch

never checked if they have an AS number

yep

they do

only one peer

no wonder it's so slow

yikes lmao

who

cogent? he? level3? tata?

zayo?

Sorry to butt in again, but any idea what these are? - https://www.fs.com/products/23298.html?attribute=3044&id=96996

optimum wifi

Cable # markers

at least publically announed

Stick them through the cable

oooooof

oh, thanks

I broke two keystones during termination

how hard exactly am I supposed to push down?

I also did the mistake of have the cut blade inside instead of out

Lastly, when I pushed down hard, the keystone flew and the plastic holding down copper wire snapped

I'm off to a bad start

Nothing wrong with extreme

@waxen scroll is regex rule matching a thing if I pay for o365 email

im sick of free outlook.com not supporting such a thing. the junk is relentless, coming in

with no way of having regex matching or to delete email if body content is empty

i remember exchange having transport rules to configure that does work from one of my win admin lab courses

i dont think regex is a thing in exchange

oh

maybe i remembered it wrong then

Only an Outlook desktop client macro

@rocky badge but not on the server side right?

Nope

:(

@little schooner i want to auto decline peoples dumb invites that say PTO in them and I cant even do that one basic thing

i shouldnt have to script jack for that. it should be a simple GUI option

why can i filter by email headers and take action but not calendar invites????

@rocky badge guess what

they phish test us all the time and theres a header that says phish test

i auto delete and auto report them

got a rule

lol

anyone else on linux gets these things after waking from sleep

ik sleep on linux is weird, but still

sleep on any computer is weird. dont do it

shut down, save more power

true

I really should get used to shutting down

anyone good at linux network config. not sure what i am doing wrong with setting static on pi

yeah sure

what's the issue

also I dislike using statics, use dhcp static leases instead

current conf

DHCP is basically like walking up to the hotel counter and getting a room, DHCP statics are going to the counter with a reservation, and statics are just breaking into a hotel room without telling anyone

when ever i set that. it wont take and takes DHCP. when i put it on a port that is just static. no DHCP. sets the hw address

oh i get that. This is going into an old network where i dont touch the config overlly. just building up some PI kiosks for video loop. setting a static for now to have an SCP script over to it to upload videos.

stoppps the HR lady from walking aroundd with USB sticks.

ah ok

makes sense

i set one pi fine. it worked no issues. copied the conf. Changed the ip to one higher. 101

scp it over to the new pi with my other configs. but no go

hmm, I only know the basics with dhcpcd.conf so no clue tbh, just as a sanity you restarted the dhcp service and if that didn't work restarted the pi

yep did that.

even pulled the SD. rebuilt from fresh. started over again and same issue. so im breaking it somewhere.

I'm out of ideas

Is this the right place to ask about wifi stuff?

yes

@peak cloak no idea what it was but i coped over the conf from the new pi. just edited it there vs upload previous. Worked. did a dif. nothing different. not sure. but its working

Ok, so i have a router at home (obviously) and for now it has been working fine. But when i use my pc (with onboard WiFi on the mobo) the connection is really bad

huh, good that's it working

pretty low signal

That’s what i figured

But the thing is, my laptop got 5bar (haven’t checked rssi)

so its like cell phones. Inital contact can always have high. but then when you use it (chatter) it can drop

well when the laptop is at the same location where the PC is?

Hey guys, is it possible to port forward using pppoe? Does anyone know?

yep

due to interference and or sharing the same channel.

yep, wifi is a shared resource

Yes

is the laptop AC?

But i’m only using the laptop to test for the signal so i’m not using it

hmm

because I only see wifi g and n on that program you are using

Wait, let me check

what is the source of wifi? router. or AP. or repeater or PC with wifi card or USB stick?

It’s a router

Or AP?

what kind?

Don’t really know the diff, it’s the thing that plugs into the modem

Dlink dir-612

pppoe is just a protocol, your ISP may use cgnat or block certain ports

Huh, okay

ok so it's an N router

basic little ap.

how far is it away?

and only 10/100

so you can't get anything over 100mbps

hAh, i’d be lucky if i get above 20

that low of signal i would be shocked if u get that

could be just wifi card on motherboard

Someone suggested getting a new antenna

that low. antenna would have to be disconnected from the card.

You’d be surprised

I have those on my motherboard although now I don't use it

you have something like that fully plugged in and tightened?

I’d rather use it than use a pci slot

If i can

ahh i thought it was a laptop

The laptop was the one i used to confirm that it’s not the router’s fault

ahh ok

best solution is just to use ethernet, but ik it's not possible for everyone

login to the router. look at wifi page. see if there is a transmit power setting

No, i can’t pull a cable to my room

crank it

then also look for a wifi scan too. on your phone or laptop and pick a wireless channel that no one else is on if possible.

that's how it looks like on my AP

From laptop

that looks very good

Anything i should change?

well WPS has been cracked long ago. so if curious kids it could be an issue

beyond that looks fine

Sorry for the screenshots btw, my ISP is having seizures rn so im on mobile

if your laptop shows perfect. but the PC in the same room does now.

not.

I’m trying to eliminate factors here

router looks good. not much config change

So should i buy an antenna first

ohhh click advanced

it's a wifi card issue then, I guess you may be able to try to get better antennaes

they're already in advanced?

oh

almost

one tab to the right

Advanced tab is just acl, url block, dns stuff

oh, I get what you mean

ahh ok

but that's all router stuff, no wifi

already in wifi advanced

its been a while since ive been in dlink

but router looks good. laptop looks good.

time to look at PC.

maybe move the antenna's? If they are behind the pc like that, it could be an issue?

I’m looking for a new ISP, time for a new router too

So I should turn off WPS?

yep

I’ve tried it

i would personally

it wont help any issues but its just good to have off.

my AP doesn't even have WPS, there is no need

WPS was great when on vacation though

find the router, click the button

@serene sparrow look at the PC antennas. Take them off. Test. put them back on. test. See if a change. if not. open device manager find the wifi card. Right click. uninstall. Reboot

reinstall drivers and try again

Even switched to my multimedia player’s antenna. Rssi went from 85 to 79

I haven't done something wrong here, right?

In regards to port forwarding

doesn't look like

what are the first 2 octets of your WAN IP on your router

octets?

so like 123.456.x.x

each group is an octet.

^

91.236

Nice to know

on the router right? not searching on google?

Oh, I searched on google

yeah no

need to look for WAN IP on the router

Ah

look under maybe the PPPoE interface

10.1

yep

you are under cgNAT

you can't port forward

Oh

do you have ipv6 by any chance?

Nothing that I can do?

Not on my router

does you ISP have it though?

Not sure

I would assume it does

because in ipv6 each device gets a public IP, each house get's at least a /64 block which is 18,446,744,073,709,551,615 addresses

So if I had ipv6, I could port forward

well no such thing as port forward in ipv6

Well, yeah

just open the firewall

How would someone connect though? Just use public ip or something?

use the ip of the device

Wait that’s minecraft?

let me show you an example, give me a sec @slate sonnet

I'm trying to setup a server, yeah

Well I'm trying to figure out how people can access A server on my network

Would love to host more than a minecraft server for my friends

I just do this

So are your friends within your LAN?

Or outside

No

@slate sonnet So I get a /64 from tunnelbroker. This is the network 2001:470:___:111::/64 (omitted one octet for privacy). My router's IP would be 2001:470:___:111::1 A device that is on your LAN would get an address like this 2001:470:____:111:123:456:789:111 So you would open port 25565 though the router to 2001:470:____:111:123:456:789:111 and give your friends this IP

Outside

You don't understand @slate sonnet is under CGNAT

Oh rip

you can't port forward under NAT unless you have access to the router that is doing NAT. His ISP is NATing so he doesn't have access

ipv6 is great because no NAT

unless you are stupid to NAT ipv6

Can you connect through ipv6 on mc tho

on bedrock

not on java unfortunatly

yet

Well rip me then

annoy mojang about it

Guess I'm gonna have to switch houses lmao

Use hamachi?

Too complicated

take a look at zerotier

Every time I would have to set it up, etc

How many of y’all have switched to ipv6

you don't really switch persay, you run dual-stack

We don’t have it available at all

so ipv4 and v6

me neither

I use tunnlebroker to get a ipv6 tunnel

but my ISP (verizon) doesn't have native v6

https://tunnelbroker.net/

HE also does ipv6 certifications

you need to setup an ipv6 webserver and mailserver

among other things

So if I use zerotier, my friends won't need to dl it too, right?

Or do they have to have it too

they would

I'm not an expert in zerotier but lots of people recommend it

Btw what kind of antenna should i get

¯_(ツ)_/¯

no clue

so many available

dBi rating?

idk wifi tbh

dBi is all foreign to me

@drowsy lava ?

Oh sorry was in pi world. ahaha

any high gain antenna off amazon would do. but i like these kind the most

https://www.amazon.ca/Eightwood-Antenna-Connector-Magnetic-Wireless/dp/B07JVDNDCR/ref=pd_bxgy_img_2/132-8485282-1437101?_encoding=UTF8&pd_rd_i=B07JVDNDCR&pd_rd_r=8c1d431d-441b-4e45-bd2f-f590c1a8a5af&pd_rd_w=21mc2&pd_rd_wg=HdSQg&pf_rd_p=42339929-297e-4141-b7b2-fe55db70f4b7&pf_rd_r=P1FA1SGER1KQ7NV8XQGJ&psc=1&refRID=P1FA1SGER1KQ7NV8XQGJ

that way they can go above all the power noise or closer to the source

Is 22dBi realistic?

ive also used these before.

https://www.amazon.ca/COVVY-Dual-Band-Connector-Wireless-Extender/dp/B07TQ4Y47D/ref=sr_1_8?dchild=1&keywords=PC+antenna&qid=1613615462&sr=8-8

No its not. its all sales BS. best case possible in a lab with no EMI aruond. not even human body EMI

Ok, so lets say i got a 6dB antenna

im just not convinced its the antenna right off. they are generally solid beyond the bend point.

its just a thin copper wire and or copper mesh

so pretty flexable

That’s the thing

Ooo, so its an app that allows my pc to be in a lan environment, while being out of the network?

I’m not sure as well

So kinda like hamachi

i would try the drivers first

But less difficult to use

yeah, it tunnels L2 over the internet

friends need to download it as well

That is fine

I remember hamachi was much harder to use than zerotier

How can i test if the built in wifi is broken ?

reinstall drivers first.

and or boot up a linux os that supports it and test it that way

limits software issues

boot into bios. turn it off

reboot.

power off.

Then power on and turn it on

see if any change

Ah shit i have to deal with linux now

dont have to

its an option

Also never fear linux. its everywhere

Not that i fear it or anything

try to reinstall drivers. as with windows that is normally a problem no matter whta

I have to set up paritions and whatnot

no no

linux boot on USB key

then reboot to USB

remove USB when done

running on linux rn

yep

just do a live boot

but first. Try drivers first. Cant say that enough.

Oh so that’s what i’ve been doing wrong

🤪

Ok, so i uninstalled the drivers

reboot

then see if it auto detects. if not use laptop. go to mainboard driver site. download. move them over to PC vis USB and install

@drowsy lava that is... if there are linux drivers

I have the drivers, needed to update a while back

the pc is windows right?

Yes

ok

then use device manager. remove them

reboot

Done

it may auto install again.

then see how the PC sees things

So it autodetects

ok let it do its thing

then see if there is an improvement

Nope

Nothing

remove the antennas for a moment. see if it changes anything

it should drop the signal to nothing. but thats not much lower than what your getting

https://www.amazon.ca/TP-Link-AX1800-WiFi-Router-Smart/dp/B085288G3M/ref=sr_1_5?dchild=1&keywords=router&qid=1613616035&sr=8-5

is this any good?

eh

tplink

tplink cosumer is eh

trying to replace the combo unit

it will work

better than combo unit?

https://www.amazon.ca/Ubiquiti-UniFi-Dream-Machine-UDM-US/dp/B081QNJFPV/ref=sr_1_1?dchild=1&keywords=UDM&qid=1613616319&sr=8-1

thats better

personally speaking hahaha

oh no not unifi!

hahahah

I mean... it is 4x the price

to me, that is a combo unit tbh

but yes the TP link will be better than the combo

so it better be better

yeah, although depends what you define as better

its only better if you have an issue to fix.

I've heard of tplink having firmware issues

if there is no issue and you just want more power. then its gonna cost ya

the combo kicks me out once in a while

change channels?

will the router changing channels kick me out of the network?

I personally have this for wifi https://www.tp-link.com/us/business-networking/ceiling-mount-access-point/eap225/

thoes are nice ones. used them before i went unifi

@drowsy lava i just don’ understand how a router 5 metres away has the same strength as another AP past 2 walls about 15m away

hahaha there are so many variables with wifi its hard to say

you have never messed with the wifi card config settings in windows did you?

I dont understand why this goes from 1 bar to 3 bar from time to time

while both are at the exact place

sounds like interference.

switching between 2.4ghz and 5ghz?

idk

always on 5ghz

ah ok

I got them split

had that once years ago on 2.4. was a compressor in a fridge kicking on

I cant use my microwave on 2.4

5g seems fine with microwave

wait, what

your microwave is wifi connected?

no

oh

nevermind

like with microwave on, 2.4 gest messe dup

yeah lots of things are on 2.4 ghz

so what can be messing with 5ghz?

@drowsy lava does any antenna support any freq?

should I lock the channel?

to the basics. yes.

@serene sparrow to the basics yes.

are these settings ok?

@wise sedge i would not. its auto logic to move to a clean channel should be fine.

again WPS hahaha

I enabled band steering on my AP

Wait so, 5GHz.... λ=6cm?

yeah, it keeps my laptop on 2.4 always...

ok, I guess band steering then

what channel options do you have?

not a lot

try the 157

its in the 5g range.

lots of older devices cant talk that high

normally is clear. Unless your in an apartment

but again. Older devices may not be able to use it

I have an apartment nearby

well, theres always 2.4 for older devices right?

I want my laptop to stop dying in the middle of a call

try it and see how oit goes

Just be nice to it and politely tell it to stop dying

Computer speaking nice is kicking it in the front panel.

so 40 is still 5ghz? but ~157 is better?

I dont get how those are different

and why the big jump

with my app I see a bunch of things on the ~157 range

157 has less devices that can use it

hmmm

then you may just be in a congested area

wifi 6, with taging/painting could help but thats still a bit off from consumer.

6e also introduces higher freqencies

with your app is there any channel that has the least amount of chatter?

the free channels are not available on my combo unit

ahh

that sucks

haha

well select the least of the worst.

then see.

the app says my ap is 36m away..., but it is like 7

If I use ZeroTier, can I technically ssh into my pcs at home?

as wifi is still Radio. one thing talks at a time on each antenna.

dont worry about that

Or any pc on the network

the apps will always be wonky at distance.

yeah

unless its a pro tool. its not worth the guess

That's sick

@slate sonnet I actually have a vpn set up

Thank you for showing me this

so I connect to my vpn and then I'm in my network

Oh, it stopped being so bad

I use wireguard

Ok, i think the solution is to buy a new antenna for now. See where i go from there

where is the best place to place a router?

like in a single room but need to access it in other rooms

and really never in that room

think of wifi like a bubble.

and you get to the center of hte bubble to get your signal

straight line of sight through anything

in the middle of everything

that wont be possible with the combo unit, the cable goes into the garage

I have my AP on my stairwell wall

Wifi is best in the middle. BUT>>> your light of sight should not go through. water. Steel. TV's. Appliances. Bathrooms

I am like above the garage on a bit to the side

true

NA houses are better with wifi penetration because wood and drywall

NA?

north american

Debateable.

tin studs are becoming common.

wifi bad

Insulations

Inside wetwalls. Bad for wifi

would it be close to walls be bad?

Wetwalls?

drywall

tin?? Those are the metal studs?

wet walls are walls that have water pipes behind it

it is in the garage

Yes. metal studs.

Horrid.

um, no idea

worse when some idiot grounds something to it. MY gof

wood studs I think

we are using those to renovate the basement

place your AP in the center and see what you get

hahah seeee.

I don’t understand NA houses lol, y’all use gypsum and plywood for just about everything

guess I'm getting another AP for the basement

so like, I should stick the router as high as possible in the garage

faraday cage

so I am closer on the second floor

easy to contruct

?

would that help

?

right, that wall has the electric panel on it, so that does not help ?

we aren't using wooden studs for basement in case water comes in

@serene sparrow Glased tiles in bathrooms and kitchens have metal in them.
Running water creates an EMI field. the faster it runs the larger tthe field. the more interference you get
Appliances and all have their own issues.,
Bathrooms due to metal tubs for older homes and running water. Heair dryers and glased tiles.

there is a wet wood you can get. but it aint cheap

better insulation though. we use it in ours but then foamed the whole thing so its water tight from penetration

leaks are another story ahahha

@peak cloak when renoing the basement. Run network cables.

my parents bought the house which was like really old and completely renovated so everything feels new, although no ethernet everywhere so I had to add that. Also used foam insulation everywhere

Nice 😉

will do

I was getting around 30-40 before...

less noise.

but see how stable it is tomorrow on the calls.

i live on 20 download and 2 upload

won't drywall the basement ceiling just doing snap ceiling probobly

so, should I raise my router up so it is closer to me?

and get rid of any metal round me?

the router*

@peak cloak thats what we did. though i cheated and did foamed crown moulding. very lite. its Velcro on with cables behind it

well straight line of sight.

Hey, who here has a physical linux box they could run a command on? Need to test some grep regex.

Radio waves dont like going around things. They go through it. like bull in china shopp

thicker the thing or more dense. Bull go slow.

= Wifi go slow

on linux rn, what do you need

ip link show | grep '[1-9]: ' | cut -d ":" -f 2

output of that command

 lo
 enp0s31f6
 wlp4s0
 virbr0
 virbr0-nic

btw https://slavesfor.rent/vVf8UAAb

no one cares

it's just the boasting of speeds

its the rules 🤷‍♂️

so he gets a tisk tisk. move on

@peak cloak Thank you. Most of my linux boxes are VM's, need to make sure physical nics don't have any craziness

that url is... odd

i could of picked a completely inappropriate one but didnt

if u want a invite to the custom sharex urls dm

I just use snipping tool

lmao

and paste in discord

Yup

discord hosts images

ik blob has his own though

blob.rocks is a nice domain

and any files up to 50mb on this server

Cuz boosts

So videos too

dont use pxl.blue as well

they log everything

eh

I just use discord

Self host best host

true, just don't have the need to

although, email

use pays.host

Get yo cloudflare outa here

not paying someone to hold my data

yeah I ditched cloudflare

yeah cloudflare is ass

moving to protonmail though

for email

use dns.he.net for DNS

Cloudflare is fine

no

cloudflare is fine

¯\_(ツ)_/¯

Gandi is a superior registrar though 😉

Cloudflare is not just a registrar

I need to find a good domain

that's professional

I use a mixture, google domains, cloudflare, namecheap

I know, just saying people that use it as just a registrar are missing out

All 3 have been fine

don't want presentmonkey.something on my resume

yikes

It makes sense as a cdn and security net

And most people are using cloudflare as a nameserver & proxy

Not registrar

Although prices for cloudflare are really good

no way

I'm paying like $8/year for a .com

That include a ssl?

While most others charge $12

lmao paying for ssl

Cloudflare provides free ssl and let's encrypt exists

let's encrypt all the way if you are not anything big

Even big corps use let's encrypt

really?

I thought you want a custom SSL

Lets encypt is eventually not going to be as trusted, because it can be automated. Most malicious domains use it.

Google uses it by default for their google cloud load balancer

Although aws provides ACM for free too via their Amazon Root CA

I mean it's just for encryption, not for if the site is good or not

Most public certifications can be automated

https != good site

Digicert, AWS ACM, let's encrypt/acme

But most of them are pretty good about verification

Yeah, but most people see that https is on, and disregard other security practices. It's security theatre, and something malicious actors take advantage of

yep I get what you mean

It also means easy automation of encrypted C2 channels.

Whether it be dns or well known http

explaining it to my older familiy is hard

although one of my aunts doesn't trust online banking at all

https now just serves as encryption really doesn't mean it's safe

With it you know you know it's verified and nobody's snooping on your traffic assuming default Mozilla root CA store

You know this, and I know this. But people still see it as a sign of trust

yup

Because that's what the industry has told them for a while

See the green padlock, which is now just grey, or https

A Spanish root CA just got booted out of Chromes trusted certs for having an unregulated sub-CA, and too many malicious domains without an answer of how stuff happened.

Symantec

/s

What do you do when you see mcafee on a computer?
Burn it. Burn it with cleansing flames.

destroy that disk /s

You go ahead and remove that /s

lol

what are some scanning protocol standards?

I'm setting up a linux scan server because that stupid scanner only has USB linux drivers

ik I can use SANE on linux over network, but what about windows?

🤷‍♂️

I just let windows handle all my printing and scanning. Don't feel like reinventing the wheel

the windows client software also sucks

you need a licence key or something

Ah.

lol i just found a vulnerable sql injection on the skindex

Best free WiFi analizer for android?

I dont think the one I have right now works

I’m not getting it

Why

My rssi is still so weak

I use WifiMan from Ubiquiti

its free and a good analyzer

dont have to have unifi stuff to use it

thanks, I will try that

@tame carbon Sorry for pinging you gain but I have another question, can a plex server, apart from initial installation and occasional maintenance, run without an internet connection and can I connect it to my non-smart tv via ethernet and run it?

oh wow, the signal strength graph actually works

tried 2 others out and they kinda just did not move and updated real slow

What would be the reason that i cannot connect to my main WIFI at home. But i can connect to others WIFIs with my Laptop. And i can use phone on that wifi, just my laptop doesnt want to connect.

@thick minnow that machine would just be like a regular computer on your network. You still need an internet connection to install and update packages

@peak cloak Yup. CUPSd + SANE

the go-to stack for multifunctional office printers

Okay thanks, but the second part, can I run the server offline to my non-smart tv over ethernet?

@thick minnow You'll need a device for that

without a smart TV, you wont be able to stream directly

@thick minnow a cheap solution would be a raspberry pi with KODI installed on it

https://kodi.tv/

KODI has a plugin called PlexKodiConnect

allows KODI to stream from Plex

KODI was formerly called XBMC or "Xbox Media Center"

can wifi interferer with coax?

my internet comes form coax and my router is right next to it

not unless you've got like a few hundreds watts of power applied to the antenna 😛

any consumer wifi, no

@flat yew hi guys

hi

What a wonderful surprise no 4G all day

if ive opened a port on my isp provided modem + router combo, if i get a new router, would i have to forward on that aswell?

well if the ISP box doesn't have passthough mode then yes

this is called double NAT

Hardware is so nice stacked, no Ciena but right up there looks wise

that feel when you're a neteng and physical HW aint your problem anymore

#blessed

At least I do not have to rack it. Just getting it ready for the sysadmins

s-sysadmins? eeeeeeh

i used to work in a few datacenters so ive done so much racking and wiring I screen employers to make sure thats not my problem

its not sexy anymore

Yep, enjoying it for the first few times but im good.

i had an employer hang up on me once

https://tenor.com/view/old-gif-5627986

was office depot. crappy company. dodged a bullet

They asked questions, I asked mine and then they were like "OK lets move on to the other part of the interview." [CLICK]

lmao

someone in that room was prob like hell no and hung it up

@desert briar its not that im old. I love money and you work less the more money you make. I'm not doing non-engineer work

Yeah, I mean same. I work in security, this thing is a big passion of mine though. I'd kill to work with some current hardware for a bit

and here @clear igloo is deep into his career and touches gear and wires constantly

looking for 10G switch with at least 10 ports but affordable, less than 650 USD

any suggestions ?

@sour saddle SFP+? Or strict ethernet?

@desert briar its basically like getting 100k and taking out the trash. You try to justify it.... hey im well paid trash man but over time the mental thoughts get to you and you get depressed

brand new or refurbed?

thats me and cables+racking

doesn't matter SFP+ or ethernet

https://mikrotik.com/product/crs326_24s_2q_rm

new

500USD

24 ports sfp+ and 2 40gbit ones. I have it myself. Just dont expect too much l3 functionality out of it, its a tik after all

I mean I guess. Still, its just the fact of exploration. Ive never seen an actual data center

or anything aside old, refurbed hardware 😄

datacenter teching can be a mental rollercoaster. You're doing tech stuff but you're also cleaning, taking out trash, working the dock when deliveries come in 3-4 times per day

are you in IT?

I do pentesting, yeah

the company has no colo?

They do have an actual data center, but I havent managed to persuade anyone to let me in yet 😂

oh. shame.

• im an intern

so doing everything requires me to go through my team lead, then through his boss etc. etc.

funnnnn

I wanted a dev splunk license as its free and im elligible for it, but my request got lost somewhere in the corporate chain

yeaaaaahhhh know that feel ;p

Certain someone in this chat offered theirs, and im really grateful for that 😄

For now im just learning ELK

current job is very locked down. if i wanted non-standard software its a whole ordeal, takes forever

yeah, same. It is what it is

VMUG for the win 🙂

I learnt a tonne about vsphere and what not, these things are unusual for what I do. Having a server allowed me to make some cool active directory labs and what not

i used to buy licenses and just use them at work but now in 2021 everyones auditing your software and you'll get caught

def one of the best purchases I ever made

yeah, rather safe than sorry

the new thing is also to MITM attack everyones SSL

last two jobs did it 😦

tho it depends on who is doing the audits 😂

from security perspective, man in the middle is a bad idea often

or well, from the "stealth" perspective

it reads everything i do and kills connections if it doesnt like whats being sent

not sure how its not a violation of the law, but whatever. i stopped doing personal anything

no emails, nothing

I mean you cant even strip TLS nowadays, that attack wont work. To some extent it might but browsers will always alert the users at this point.

• a lot of browsers have hardcoded HSTS lists, so if you try to connect to facebook without https per say, browser wont even connect

Overall if you were to attack someone you share a network with, there are much better ways than doing mitm

idk how it works. i know the proxy opens the actual connection and decrypts, then the encryption between me and the proxy is an in-house CA/cert

browser doesnt complain

LZDanger, circa 2018

Ah, yeah well. You can do that if you install a certificate into the trusted cert store. That is different though. You install the cert in the PC, you can decrypt the traffic on the fly. As an attacker, you do not have that possibility.

Hello

Can I provide myself 4G?

😆

@clear igloo IPv6 working in Wireguard VPN via pfSense

https://blob.rocks/JhMSvcnPFF.png

blob

what image hosting platform are you using? Is it self coded?

Self

https://tenor.com/view/frodo-keep-your-secrets-alright-then-lotr-gif-12907121

which is just a node API infront of S3

Was thinking about hosting my own url shortener / something similar like what you have

dont really wanna code it myself, have way too many ongoing projects at this point

shlink for url shortener

Run it in Docker

https://shlink.io/documentation/install-docker-image/

either femtocell, or bust. Broadcasting LTE signals requires a license

Anything you can recommend for image hosting?

Depends on how you wanna do it

Wanna do it blob style

You could either setup your own minio S3

Use DigitalOcean S3/AWS S3/Google Cloud Storage Buckets

Use a PHP/Python/Node uploader on a webserver

How do you actually upload the image though? Have some self hosted front end for it? drag n drop, it gets uploaded?

ShareX

I don't have lte since today morning...
This stupid support guy insist not following my instructions of what to do for fix it.

I think I'll ignore him and just wait to tomorrow morning for the business support like always.
Fixing it in 1 sec

sharex is so awesome

makes it fast and easy to share ss

I get drained easily having to install dual monitors setups when everything has a security lock and cable. Needs to be removed to plug in anything new under the cover of a Dell 3020M system. On top of that, need to bend forward just to work on the dang thing for long periods of time. Then, cable manage everything back in the 3020M, run other cables through the monitor hole and connect.

If the desks in the office had a way to go behind them, the job would be 3x easier. I hate doing the physical part of IT. I'm kinda weak for that stuff. The software side of things is my best ability.

Last time my coworker offered to take over the cart of PCs because he saw how I was struggling to push them lol

One ended up falling anyway, but I think those were PCs to be recycled

I'd like them to hire a student worker because they were doing this part of the job

yes, you get it ❤️

Lol

Sounds little annoying to manage it like this

I am trying to place my router at the best spot. would better signal be more stable speed?

yep

because I was getting ~80mbps at a lower signal spot than a better spot

like from 80 to 1 or even nothing

but signal is great

it can even say signal great, no internet

I dont know what is going on

hey guys

i have a question about webserver/ or just servers in general

basically, let's take the hosting as a service scheme

companies like digitalocean offer a variety of options when it comes to chosing hardware

but when it boils down to the low level stuff, i can assume it's just a virtual machine using a hypervisor ~ please correct me if i am wrong

my question is how they handle assigning IPs to each one of these virtual machines/ droplets

yep, although the actual specs matter in a VM. A vcpu from one specific cpu can be better/worse compared to another cpu

you can also buy bare metal servers

virtual routers

Could you shine some light on them for me?

idk exactly how and the specifics since I don't work for a DC

https://vyos.io/ for example

so it's virtual router huh

but i thought routers could only manage ipv4 and ipv6

i guess it's a special case

wdym manage?

@hollow marlin know much more about this, maybe he could answer if he's online

routers route

well, i'm used to the idea of a router sitting in between my PCs and internet

i get only 1 Ip

but the router hands out IPV4/6 to all of my local devices

well that's your router's DHCP server that is handing out ips

and for ipv6, router-advert

right

but a router itself all it does it router between subnets

no DHCP

no router-advert

no DNS

hum

so router-advert is specifically for IPv6?

Sorry if i am getting this wrong, i haven't heard of it before

router-advert is SLAAC, there is also DHCPv6 but it's not advised

basically the PC itself decides on what ip to get

https://www.pcmag.com/encyclopedia/term/slaac

android for some complicated reason does not support DHCPv6

i see

in ipv6 NAT is the exception not the norm like in ipv4

you know what NAT is right?

network address translation?

i believe

yeah, but you understand the concept or no?

I've just heard the term, never actually looked over what it means or how it works

i just saw a video online

Ok so in the beginning of the internet each device on the internet got their own public IP address. However as ipv4 addresses started to run dry NAT was used a solution. Basically each home would only get 1 public IP (nowadays some even don't get a public address) and that one address is NATed so a private ip range like 192.168.1.1/24. This way many devices can share one public IP. However this breaks the point to point concept of the internet because a device outside cannot start a connection to a device behind NAT without port forwarding. In ipv6 there are many more addresses so each household should get at least a /64 block which is ALOT of addresses and the smallest publically routable prefix. Most ISPs give out at least a /56 so you can subnet within your housenet. Now each device gets their own public IP

And the device gets their IP with SLAAC by asking the router for the prefix and generating the rest of the IP themselves

So for example I get this: 2001:470:___:111::/64 (ommited one octet for privacy)

my router's IP is 2001:470:___:111::1/64

and the router advertises this whole block to my LAN 2001:470:___:111::/64

So a device on my LAN could have the ip of 2001:470:____:111:123:456:789:111

And it's a public IP

in ipv4 lets say get this IP 123.456.789.111

My router NATs this one IP to a 192.168.1.1/24 network

so a device may have an IP of 192.168.1.38

But this address is not a public address, in order to lets say access a webserver on it, the router would have to port forward port 80 on the WAN interface to 192.168.1.38

And people would access the websever via the public IP, not the actual IP of the device behind NAT

ah yes

it's port forwarding

an incoming data transmission is port forwarded to a specific port on a specific device on the local network

if available ofc.

yeah, all other connections need to be initiated by the device behind NAT and the router holds a connection NAT table

@clear igloo Wireguard stronkkkk https://blob.rocks/osmQTAiZjZ.png

Its maxing my upload

Nice!

give more bandwidth!

wayyyy better than ipsec

Thanks for the mini lecture

i'll be sure to look this stuff up and understand it fully

ipv6 takes a while to understand

you have to think a lot differently than what you are used to

Yes, i agree, it's still quite vague

any recommendations for a good router ???

budget like 200 USD

@peak cloak that was a good writeup

thanks, I'm getting better at explaining

Can i ask a wifi problem here? Pleade

Please*

yeah this is networking

Ooook

Could i possibly ask a sorta tech related question? I’m having a problem with my drivers on my laptop and for some reason also cant update my laptop either?

Maybe both problems are connected but its not there 😦

Dose anyone want to help me create a video sharing service we are doing this because of YouTube taking down the coco distrack we decided that we want to create a platform not riddled with over censorship this will not only help creators make more content but also make more money we will only take 20% and the will be no sub threshold for ads if you you can dm me if you want to help

Do you understand the amount of capital, connections, and knowledge it takes to build something like that?

There's a reason why youtube remains king

God a video platform has a lot of parts to it

Video ingest, video playback, video storage, community interaction

Live ingest, rtmp routing and streaming

Analytics and recommendations, content reporting, etc...

i think that falls under promotion

its obviously political too rather than about actual networking so its off topic at best

bless you both for attacking the engineering aspect immediately though lol

Isn't this essentially floatplane kinda?

First they want to make a streaming service, then a game then a video service all in a few days

Yeah kinda

Honestly you need hundreds of thousands of dollars in hardware and infrastructure for that

It's not easy

Nor may it be legal

I’m using the base of my streaming service to make it easier to start and I’m doing this because YouTube removed the coco distrack

Wdym

You might run into some issues with antitrust and other things

Not too sure

My studio that is making it is trademarked in Japan

But I have the licenseing to do business in the states

Hmm, I guess go for it then

Doesn't hurt to try

You'll have to heavily advertise though

And also be good at development

Well the devolopment part is the problem we are only two people we can’t do that much

Clubhouse started with 2 people, but then again they are good at developing

My advice? Do something, even if it is one thing, truly unique. “We are better because we have a video another service took down and we have greater profit margins” isn’t very compelling in my mind because that’s what all the YouTube competitors are doing.

For example. LTT does NOT make videos. Sure they do, but that’s not what they DO. They make a story. You know, the stuff that has held captive hundreds of generations of people for thousands of years? That’s what LTT DOES. They focus on story first.

Will be attending a lecture by the IBM Z lead architect for APAC

I am very excited

So sure, you can make yet another video hosting service, but unless you set your sights on something the competitors aren’t doing, you’ll drown in the noise.

What is APAC?

Asia pacific

School WiFi in the morning (6 devices) and then 569 devices

But y tho

I mean that is how it works

Yea ik

In my opinion schools should have 1Gbps

They can clearly afford it

(assuming its a private school)

Yea it is

I mean the teachers speakers are Harmon kardon

Yeah they can afford gigabit

Yea

does this look like an alright server config for high avaliability? for a case study

Debatable. If you want maximum uptime Id change some things. Possibly 2 power supplies and 2 network cards

if either fails you have a failover

I dont like using software raid, but thats just my bias

ty for that, case study wants a server cluster, do i just make 2 servers? or cloud @desert briar

I mean, you can cluster with 1 server. You install a hypervisor and at that point make many smaller VMs which work in a cluster (for example kubernetes)

The more servers the merrier though

depending on what you use having multiple servers allows you to migrate live VMs, load balance the traffic etc.

With one server you can "simulate" HA, however if you need to do a maintenance on the server itself (update the hypervisor, bios, etc.) there will be downtime

cool

im quite new to it all

im guessing having an active and passive server with shared storage is just easier but costs more money?

the whole idea of clustering is that its better to have 4 tiny servers (which together compare to a power of 1 big server) compared to just 1 big server

Or have 4 big servers if you can afford it 😆

Mind elaborating?

like having 2 servers that share the same data, if 1 of them goes down the other one takes its place

Yeah, you can definitely do that :). Its a common approach for HA in fact. If you use VSphere you have a technology called DRS - https://www.vmware.com/products/vsphere/drs-dpm.html . It can take care of VMs if one host goes offline, needs to be updated and so forth.

If by having same data you are referring to shared storage

Yea

You can do clustering on more or less anything, even a Pi

https://www.youtube.com/watch?v=kgVz4-SEhbE&list=PL2_OBreMn7Frk57NLmLheAaSSpJLLL90G&ab_channel=JeffGeerling

This is a pretty nice video too, as to why clustering is a thing - https://www.youtube.com/watch?v=hGyJTcdfR1E&ab_channel=MichaelKlements

of course, the use case depends on what you need to do 😄

Right

They do

Just split over hundreds of devices

Hell my school district is technically an isp

So just wanted a second opinion, just been told by engineer that came out, that my powerline adapter is the cause of all of our internet issues (dropping out everywhere, etc) and that we should switch to pure wifi or proper ethernet. Is that actually right, i cant imagine it causing complete drop-outs and low speeds for our wifi as well

Also dont really wanna be having to buy a wifi card, seeing as proper ethernet isnt an option

Not mine

And how do you know?

End device bandwidth != the bandwidth the school itself gets

What?

Just because you are not getting gig over wireless does not mean the school does not have a gig connection

its not that, i've tested ethernet and it was only like 100

even ethernet, it's throttled

We provide circuits to almost half the schools in the state. All are minimum of a gig. Chromebooks, phones, streaming presentations, etc. basically require schools to have a gig at bare minimum or they cannot function in todays world

yeah

Why would they allow a single student to consume most the bandwidth? Each devices is throttled on purpose

when you have 1000 mbps / 400 devices that leaves 2.5 mbps per device assuming each one was maxing out the connection

that's an unrealistic scenerio but still

ah

hmm idk

If I have a kas does the fact that the drives are different sizes?

Nas *

well depends on the NAS

and what filesystem it uses

Errrrr dunno

RAID, ZFS, BTRFS?

I think raid

Its just a Linux based 4 drive enclosure

idk much about storage but I think RAID doesn't like different sizes drives

Ah ok so they should ideally be the same size

yeah

Sweet, ok, having soem trouble with setting up a lan

You got a tutorial by any chance?

setting up LAN?

what does that mean

Yeah I'm trying to use a mobile hotspot for my WiFi router, and have everything connect to it

Is that even possible?

What do you mean?

what are u using

so use a mobile hotspot as your internet source?

Every time I configure the WiFi to connect to my hotspot the ip changes, then nothing connects to it?

@peak cloak EXACTLY THAT

💯

what devices do you use

Samsung note 9

and how do you want to connect wifi to a phone

idk if a phone would support it. How are you connecting it to the router now?

I've done so.e research and it might have something to do with dhcp

Or a server setting idk

i’m moving soon and the internet is 500mbps for $60 a month and 1 gbps for 80 a month? is it worth getting the full gig? these are my current speeds so anything will be an upgrade

I know things like some mikrotik have a USB port that you can plug a 4G dongle in and use the mobile data

@minor girder get a 4g router and put your sim in that

Hmmm, I can connect via wifi

how are you connecting the phone to the router

@thick minnow that means I can't use my phone lol

@peak cloak WiFi

you cant connect an acces point to your 4g from your phone

Essentially I'm using mobile hotspit thingy

So essentially my unlimited data to a router then to all my devices like a switch

Is that even possible?

does your provider allow that?

they probably do not like that and fine you lol

Trust me

it's possible, but much easier with a 4g modem

yeah ^

I've downloaded over 300gb

There cool 🤣

thats not that much

I use terabytes a month

Its just tv Spotify and xbox

I work alot 🤣

Would be nice to just come home wack my hotspit on then... boom everything on the WiFi

*bangs head on desk

Is it something like port forwarding or something?

no

it'a matter of routing everything though your phone

but you cant connect your router or acces point to your phone to extent the signal

Hmmmm

maybe you could connect via USB?

🤔

only if the router supports that

and the phone

phones arent made for that

much easier to just get a 4g modem

Can I ask what seems to be a dumb question?

4g modem is only possible solution

maybe your provider has them

call them

@peak cloak it has a sim card slot but I use the phone itself

If you're using WiFi primarily, probably not. It's difficult to get speeds over 4 or 500 megabit over Wi-Fi... Might get there with WiFi 6, but not many devices support it.

Does the ip addresses of my devices have to match the ip of my phone

no

that isnt even possible

you don't want it to

Ok

it wont work

that would cause IP conflicts, very bad

Ok

local ip adres 1 per device never the same

think of IPs are physical street addresses

So say for example my ip address on my phone is 192.168.1.0

you can't have the same house number on the same street

My devices would be totally different right?