#networking

With queues

I think it is best to make it free.. and yes you could have a free one that everybody can use with limited speed

And then allow them to upgrade

then a higher tier that gives more

Then again its just opportunity costs now

Currently they pay 1,50 euros/gb

And thats not the guests

That's my dad, privately and for business use

So that will already relieve lot of costs

Wifi free is also easiervto config

@tender hazel couldn't I just create a 2nd ssid and use EAP?

Give them username and password

yes, that's exactly what I was about to suggest

you can have one wifi ssid for free

Allow up to 2 devices

one EAP for cost

in that case, depending on how soon you are setting this up, you may want to use routeros v7

even though it is still in beta

Is there an easy way for someone no savvy to easily manage access tokens?

Or do I have to whip something together in a webapp using the api?

yes, that's why I mention routeros v7, it has a redesigned user-manager that supports EAP

and paypal billing

@clear igloo I'm watching Netflix from my ISP https://blob.rocks/cYZiB1QipP.png

@tender hazel nah they can just buy vouchers at the front desk

I can just create a script

that will generate a bunch of them

or create them as they go

ok

and then delete them at the end of the season

that works too

can you set traffic limits ?

but you'll need something for EAP RADIUS auth

cant the mtik self provision auth?

not with EAP, unless you use the new user-manager in ROS 7

otherwise you'll need to run freeradius on some linux box or raspberry pi

so

free wifi yes

paid wifi, wait for ros 7

yes.. ros 7's user manager has built in support for EAP so you can use it for authenticating wifi clients.. I tried it myself on my home router just last night

I made an enterprise SSID with EAP and my phone is now logging into that

there is no practical purpose for that in my apartment, but it was cool 🙂

@tender hazel do the clients need to have rOS 7 ?

I could just update the router to beta

and leave the rest on stable

unfortunately yes, I'm not sure why, but CAPs that are 6.xx will not connect to a capsman that is on 7.xx

the reverse works, strangely

oh

you can have CAPs on 7.xx connecting to a capsman on 6.xx

odd

I'm not sure why that limitation is there, but it is there

I only discovered that through my tinkering on my home network

but we do have a server there

its a small vmware box

I could install a vm

and run some kind of software to manager the accounts

oh yes, if you have a vmware box, that solves everything

yes, you can use daloradius

probably

it is a web frontend for freeradius

it does billing too but we don't use it for billing

we just use it to give a web frontend for editing the radius data, otherwise you have to go to mysql command prompt

that's cool too lol

if I can just use sql directly

cus I just want a simple program

where you press button

it prints an A4 piece of paper

with your login

and instructions

and if i can just query an sql database

that's splendid.

I've already done plenty of pdf generation

yup, sounds like you have a good handle on that then

latex :)

ahh

if you have a vmware server, you might also want to set up librenms on a VM

for monitoring

I';ve never used any sort of active directory system

so all of this is kinda unknown to me

I mean you could use the dude for a small setup like that but I've never really liked thedude

I know what it does in practical terms, just not how its configured or works fundamentally

active directory? that is microsoft's LDAP server in windows

or dot1x ?

I assume dot1x is what you use for EAP

but Idk what all these components area

yes, but you don't really have to configure that

and how they are configured

you need to configure the RADIUS server

EAP itself is really simple

802.1X consists of a supplicant, an authenticator and an authentication server (RADIUS server). Currently both authenticator and supplicant sides are supported in RouterOS.

so authenticator is the agent

supplicant is the guy trying to connect

and radius server is what... software?

/caps-man security
add authentication-types=wpa2-psk disable-pmkid=yes encryption=aes-ccm name=security1 passphrase=obfuscated
add authentication-types=wpa2-eap disable-pmkid=yes eap-methods=passthrough eap-radius-accounting=yes encryption=aes-ccm group-encryption=aes-ccm name=EAP tls-certificate=none tls-mode=
dont-verify-certificate

okay ,and what do you use as radius server?

http://daloradius.com/ ?

/radius
add address=192.168.54.3 secret=obfuscated service=ppp
add address=192.168.54.3 secret=obfuscated service=wireless
/radius incoming
set accept=yes

we use freeradius as a radius server

that address is the local radiusserver?

daloradius is a web front end for freeradius

yes

ideally

the radius server needs to have the capsman defined in it, with the source address for the packets and a matching shared secret

I want a smaller 1U low profile SBC server

I can mount underneath the router

that other server is all the accounting and NAS stuff

@tender hazel my idea was to put all the mikrotiks themselves on vlan 1

and then put the caps network on a seperate /20 vlan

can I just filter based on those subnets?

or how does that work?

why ppp and wireless?

caps is not listed, or does wireless count as caps?

https://i.imgur.com/QYnKJ3j.png

oh I get it

yeah.. and Its getting late. O.o 3am

I should go to bed

wireless counts as caps

and what I would do is I would not put the mikrotiks themselves on untagged

@tame carbon

the issue is that if someone manages to plug in to a port they shouldn't be plugged into you don't want them on your management network

if you used vlan 1 for anything, it would be for your regular wifi access network

that way if someone plugs in with a cable to a device they shouldn't be plugged into they will have no more capability than a free wifi user

and most people are not going to know how to set up VLANs on their laptops or phones and probably cannot guess the VLAN IDs you are using for management

so I would either leave the untagged VLAN unused entirely, or use it for the main network that all the guests are on

also, just FYI, you only need the radius server settings on the capsman itself

not on the caps

im gonna be local hosting my mc server from my pc, is it possible to get another IP and give that out instead of my pc's IPV4? i dont feel right giving that one out to everyone

you'd be giving out your network's ip not your computer's

unless you mean hosting on a LAN

regardless there isn't much you can do about that. no matter what you give out its trivial to do a DNS lookup to find the IP

hi , is 802.11 b/g/n wifi standard capable of 5 GHZ networks

by definition no

oh wait, n can do it

the others cant

Howdy

I got a question

What’s the best WiFi 6 router for around 65 dollars?

50 dollar minimum and 80 dollar maximum

Idk

Maybe tp link has some cheap routers that support WiFi 6

thats really cheap for something wifi6 compatable

only thing i see is the TPlink archer ax10 for 75

^^

Good 😄

@tender hazel I might not use vlan 1 at all.

no end user will be plugging anything into my gear

@tender hazel I made a guestimate for the total costs of the network

and I got my dad to agree to roughly 2500 euros

total equipment costs

You can use cloudflare

@clear igloo pretty sure that the free version of cloudflare doesnt do TCP tunneling

They have minecraft support on the free plan I'm 99% sure

but everything else is paid

The tcp tunnel is a paid service past a certain usage

Today

I am learning a new language

Cypher.

Cloudflare does have a a pge dedicated to minecraft

but cloudflare spectrum is paid only

Is there anyway i can run windows and a server software side-by-side? I have storage server running freenas, but i want to use it as a gaming pc for the living room (along side my consoles). Will unraid do the trick? If yes, please tell me how.
i will upgrade the server if i get to know how

You could run the server OS as the base and virtualise Windows

I assume that the OS is Linux

ah, good catch, I thought you could proxy through with minecraft for free but I checked and I was incorrect 🙂

it's running freenas

and vm in freenas is confusing

You can do the minecraft srv records and stuff but that uses the ip in the a record

srv records only help with port mapping in minecraft

because it doesnt support vhosts

I have done some shady stuff with a cheap vps running hamachi to tunnel it so the MC server isnt on the public ip but all traffic is forwarded tot he secret ip at home/dorm room

@mighty wind I recently helped someone do that, but with wireguard

they were behind a CG-NAT

Yeah I only did hamachi since those didnt exist at the time and other VPN were blocked in the dorms.

wireguard would be a good purpose for that since there is little overhead in keeping the tunnel open if no one is on the server.

Eventually I just got a kimsufi bare metal server for a while and now i upgraded to two SoYouStart servers

Yea I think you should install another Server distro (such as unraid) and install freenas and windows as VMs, I wouldn't personally recommened Unraid because it is paid, but the others here can give you suggestions

unraid is just LTT shilling

same with people who ask about glasswire

Either way there are some hardware things you will want to look at to make sure you can do GPU pass through without major headaches.

I have heard good things about xcp-ng but it seems like its for more advanced users. I personally use proxmox so its the only one I can help with. Unraid is the big name as far as LTT goes though.

which reminds me I have an abandoned project I should work on

Hey guys someone can give me an idea of how to connect shared folder between 2 centos machines.
I have my domain ssl on one vps and I want to connect the Letsencrypt folder of the domain to my other vps.
Certbot doesn't support subdomain:port

Scp?

Rsync?

anything you suggest?

i would like all the software side of things be free

Nah I want it to be always connected to the second server

hey someone recommended promox, should i try that?

😆

I use it, what are you trying to do?

@peak cloak

Oh yeah proxmox will work

Use pcie passthrough for the gpu

And I forgot exactly how but you also need to stop proxmox itself from using the gpu

blacklist the kernel module

on the host

I have truenas core server I saw that I can create vms on it

So you can just plug a monitor in and it will be on that vm

It's freebsd

Apparently it's annoying

@peak cloak you can blacklist the kernel driver and then it wont load it

Yeah, that's it

Anyone have a good solution for my question 😅

Can't rsync do mounts?

I'm not sure

With rsync the ssl not working o_O

ssl?

wat

its ssh

Trying to move the ssl certificate from my other vps to new vps

For some reason not loading the new ssl into the second server

.

@tame carbon

Certbot not working because I use different port than 443 to go to the internet on my specific subdomain

you can use the standalone webserver to get the certificate

yeah i registered a free domain, set it up with cloud flare domains, and then had it redirect mc.domain.net to my local IP but i feel like they can still find my IP

Yah, if you don't have it proxied then they can find your IP

uhh

will cloudflares “proxied” option be enough when adding DNS records

If the cloud is grey then it's not proxied

cuz i have them on

Yah then you're good

alright nice

the only struggle i’ve been having was finding actual mods that don’t crash minecraft all the time

but i’ve been able to set up the server so far

@thick minnow you can check with this https://toolbox.googleapps.com/apps/dig/

Type in your hostname

And it will dig it

Check the ip

dig dig dig

dig all the stuff 😄

 crystal@watomat  ~  dig yourmom.com

; <<>> DiG 9.10.3-P4-Ubuntu <<>> yourmom.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54011
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 0

;; QUESTION SECTION:
;yourmom.com.            IN    A

;; ANSWER SECTION:
yourmom.com.        21600    IN    A    208.113.233.166

are the 2 IPs way i’m supposed to look for

neither are mine

am i good

You can do a whois on those IPS

And check if they are cloudflare

so annoying when services hide behind cloudflare

soon, the entire internet will first go through cloudflare

I think 1.1.1.1 is owned by Cloudflare

ie. the DNS server

Yes

It is

1.1.1.1 and 1.0.0.1

tfw you allocate 8gb to your mc server and still runs behind

Well ram isn't the only thing

Processor speed

i got a r7 3700x

You want at least 3 ghz

been clocking at like 4ghz

Are you using the official minecraft jar?

i’m using forge

Oh

uses both i think

Yeah forge

That's modded so pretty resource intensive

yeah i allocated 8gb

since i have like 50 something mods

keep getting ticking entities too

you dont need that much

i have 32 total

I run a server with about 200 mods on 4GB ram

gave it 8 just to be safe

Because I was going to reccomend papermc for vanilla

The VM or the server.jar startup var?

is that similar to spigot

@thick minnow are you running a forge server?

yeah

@thick minnow install https://www.curseforge.com/minecraft/mc-mods/spark

forge 1.12.2

Install this ^

That's a profiler

it helps identify what code in the server is running slow

and helps pinpoint a specific machine or mod that is causing it

now i have to reupload a new zip and update the modpack

no

its server side only

you dont need it on the client

it just uses server commands

wouldn’t it reject it client side

nah

oh

i thought you did

hmm

not all mods are on both client and server

you can have a server side only mod

didn’t know that

there's also client side mods

such as Journey map

the server doesnt need journey map for it to function

works in vanilla just as well

do u use mo creatures by any chance

and had issues with ticking aquatic entities

I run FTB Revelation

what’s that

modpack

oh

with its share of issues

i thought it was a mod

https://www.feed-the-beast.com/

These are just a bunch of curated modpacks

ohh feed the beast heard of it

all running ontop of Forge

i made my own

but

making your own modpack is messy

you need a bunch of compat libraries

for different mods to work together

i was always very hesitant about adding mo creatures since it would always crash the client and i’d have to despawn the entity over and over

i think i’ve got it fixed now tho

@thick minnow spark is a magnifying glass for any server lag you might have

the only issue i have now is getting a ticking entity when killed by a dragon

you just turn the sampler on

and after 2 minutes to tell it to stop

it then generates a url you can visit, that has all the information on it

it shows you everything the server is doing

and gives % of total load of each block of code

so if a specific machine is lagging, then it will be high usage on their code

ah

yeah it sounds pretty useful

it is :D

it's helped me weed out any lag issues on modded servers

with gigantic bases.

do you think it’s a good idea to use that one mod that allows you to run spigot plugins alongside forge

ehh forgebukkit has always been a bit messy

it works fine for adminstrative plugins

but breaks when it has to interact with the world

yeah that’s what i wanted it for, essentials, luckperms

If you want forge and spigot then I recommend mohist 🙂

maybe a prefix/chat formatting plug-in unless there’s something like that for forge

@lean pebble you may have to use Dehydrated

Instead of certbot

What is that ?

I just figured out that the problem is not nginx the problem is this pufferpanel with the certificate

https://dehydrated.io/

No the problem is my old ssl certificate just noticed that it's from 2019 😆

the longest a certificate could be valid for is two years. Recently reduced to one year. Perhaps it was a two year cert you got in 2019 and it just expired

Fixed

Wrong folder

I have 3 folders in letsencrypt 2 old 1 new

Transfered the wrong folder

😆

best emoji

How are you using the cert on a different system than certbot runs on? Or are you using dns challenge?

So anyone have a good idea for my question?
Should I transfer with it with rsync ?

My main domain on my main vps so I'm doing there the wild card certificate

@tender hazel lol spoke with my dad. The contractors have started running fiber optics this weekend
They already busted a mains water supply

big oof

Lol

“Oops”

it was an old water supply from 1800

unpressured spring water

Wow

nobody even knew where the pipe was coming from, and couldnt find the shutteers.

@tender hazel they would 2 feed lines, they blocked one of them, but still water was coming out

My certbot connected to cloudflare api for making the certs

and the map they had, had the pipe drawn. and it just went of the side of the chart into land of nowhere

"no idea where this goes"

they ended up locating the pipe further up the stream, and they cut it open entirely

lol

My ISP running fiber but still can't connect my house

so now the water flows into the nearby spillway

Even that I already have their fiber for 9 years in my neighborhood

Can I connect my own fiber and to their gpon switch?

🤔

@tender hazel this ISP is not fooling around. They ran 6 plastic tubes instead of a single one.

#futureproof

Here it's pastproof

It is normal practice

1/2 tubes

hopefully, the connection itself will be active ethernet

So I can just plug that SFP directly into my gear

Does gpon connection is good ?

All the ISPs over here uses gpon now

Except one that use P2P

my ISP does active ethernet

What active ethernet mean ? 😅

You get ethernet to your gear ?

Yeah

Oh nice

Its just SFP with ethernet

internet is on a VLAN with a DHCP service

Good to learn something new

I didnt know it was called that until someone pointed it out to me

There's Metro-E, Active Ethernet and PON

Most isps that do gpon also do active Ethernet for business customers

this is a business line

but on a consumer network

rented fiber optics

I pay 13,50 for just the fiber service

internet service is a different entity

Fiber in P2P is good option right ?

I still need to see the connection this ISP does inside the homes here

They say it's P2P but I don't believe them

p2p or ptp ?

What?

P2P they claim

love it when ISPs reinvent jargon

Peer to peer? Like torrent?

IP over Bittorent

My bad

Peer to peer

What do peer to peer protocols like torrent have to do with fiber?

Or do you mean PTP which is point to point

YA my bad I mistaked with the name

😆

Point to point

Active Ethernet is like that. GPON is more like point to multipoint

What is better?

Point to point right ?

Active Ethernet is better. GPON is done to save costs

Ya in Israel they are professional with saving costs on themselves and take the costumer money for providing nothing

The only reason for GPON is you can take a single fiber and install a splitter to get 8 or 33 fibers from the one

1 ISP here going to sell 2.5gbps down and 250mbps up

They are taking money from people who make costumes? 🙂

But it's up to 2.5Gbps

Lol customers*

But finally they got some brain 🧠.
They decided that whoever want to use his own network gear can use it with their fiber instead making the customers rent their shit

With GPON you need an ONT of some kind

Specialized hardware

Are you sure ? Because they say it's fiber to the house

So I'm not sure but I know that this specific ISP uses gpon

Fiber to the home can mean gpon or active Ethernet or almost anything really. It is a very broad term

I'll update next year when they connect my house

😆

What is normally done is installing two devices

They claim this year but I'm not gonna believe them

The ONT can double as a router but that is bad practice

optimum...

they don't even provide a dedicated ONT

they claim the all-in-one can be put in passthough but I heard otherwise on redit

So they are doing ONT and router as one unit then

yep

thats the worst of them all

its like: here have fiber with bunch of crap bolted onto it

Yeah that’s not great. One issue is using third party routers becomes more complicated potentially because you would need a bridge mode option

^ Your ISP ^ Your mortal self

The other reason it isn’t good is because the best place for the ONT is the entry point where the fiber comes into the building. That isn’t the best place for the router

yep

we have fios now

they just give a dedicated ont

So I'll be unable to use my mtik hex-s when using ont? 🤔

you know what's the worst part too, optimum claims cheaper prices but they force a 10 dollar a month fee for the router that you can't replace because gpon

gpon isn't standardized like dociss is it?

We’ve been using hex s units in bridge mode as active Ethernet ONTs

each ISP uses their own implementation?

GPON is supposed to be standardized but the issue is what the OLT supports

Calix OLTs are quite popular and they forbid non Calix ONTs from connecting to force ISPs to only buy Calix gear

Enforced vendor lock-in

We didn’t go with Calix for that reason only

such bs lol

you sure Calix isnt an apple subsidiary?

The Altice equipment cannot be bridged/bypassed but you could configure your wireless access points to be just dumb access points instead of a full fledged router+AP system and that would eliminate the double NAT. Not sure what equipment you're using but most of the stuff I've touched has this ability

lol

I know that we have here one ISP that provides "fiber" but the connection in coax

fiber to the node

yup I have fiber to the node with docsis at the end at home here

300 down 100 up

optimum used to be fine until atlice bought it

@tender hazel I looked up online how much the 60GHz is attenuated by rain and such. and according to this one article, for heavy downpour there's less then 2dBi attenuation over 100 meters

which is well within the power budget of those APs

yup - we are more worried about heavy rain in situations where the link is longer

we try to avoid 60GHz links above 1000 meters due to rain fade

apparently its oxygen that causes the attenuation

our links don't have backup radios

yes

it is

2.4GHz is only affected by hydrogen/water

but it doesn't take much at all to block 60GHz when it comes to physical obstruction, a thin piece of cloth or piece of paper would completely block the signal

what about a twig?

There's gonna be one area

a plastic bag picked up by the wind could fly between the radios briefly and if it went directly between it could knock it offline

where we'll be under the covers of trees

and there are already SXT's installed there as ptp

I assume those use line of sight too, so we can replace those with 60GHz

240 euros for a ptp link is good value

so we probably have 3-4 links

if it is line of sight then you can use 60GHz yes, but if the line of sight is obstructed by leaves you won't want to use it, or you will want to find some other way of placing it where leaves don't get in the way

Yeah, that I will know in a couple weeks

I'm visiting my dad in a month or so

Its a 4.5h drive... :P

we have had some customers even on 5GHz where their internet was installed in the winter and was fine until the spring

haha

when the leaves started to grow

I joked that it was seasonal internet

I didn't tell that joke to the customer obviously LOL

he was already on the lookout for galvanized metal posts

so we can cement our own if we need them

@tender hazel quite looking forward to this. get to play with 2500 worth of equipment and learn something in the process

I'm confident enough I will be able to figure it out

you'll want posts you can climb too.. make sure you don't just put up bare posts because you would need a bucket truck (aka "cherry picker") to get to the top, and bucket truck rentals can be expensive, at least here

@tender hazel that excavator we have has a bunch of different tools you can put on the front

we can just put a pallet lift on it

oh ok, that can work then

the place is pretty self sufficient

making the poles easy to climb also has the downside of making them easy to climb for the patrons

when things break, they fix it themselves

usually kids like to try to climb towers

I'll put a high voltage warning sign on it

and poles

germans are law abiding citizens

xD

our towers have climb guards installed on the bottom which prevent climbing

@tender hazel those SXT's are mounted about 2 meters up

if I try hard enough, i can reach them without a ladder

old meem

@tender hazel what's up with those parabolic dishes?

https://mikrotik.com/product/MTAD-5G-30D3

What are these used for?

long distance 5ghz links

geez

100 watts O.o

those are big

70 cm diameter

that's like the size of a sattelite dish

you can see the size of it compared to the radio there

ah that's what those base boxes are for then

the basebox can be used as an access point or point to point

if you are using it for point to point then that dish would probably be a good option

is there even a technology that allows for high bandwidth long distance?

more than 10km

just out of curiosity

but again whenever you need jumpers between the radio and the dish there is the possibility of moisture getting in, which can't happen with an integrated system

so I would only use that type of setup for very long distance links

our longer distance links are ubiquiti airfiber 5XHD

what are those rated for?

we can get about 300Mbps over 30km with a 40MHz channel size

wow

that's not bad

how's the latency?

I'd assume on-par if not faster than fiber optics

that's with a big dish though, even bigger than that mikrotik one, 121 cm

lol if phones had a big dish on them

we would have far easier time with wifi xD

the latency is about 3ms on average

I hate antenna alignment. I once spent 2 hours trying to align a dish to Astra

without an alignment tool, you rely purely on signal strength

https://en.wikipedia.org/wiki/Astra_19.2°E

this one ^

if you knock that one satellite down, you take down 93 million home TV connections

wow.

these things transmit with about 13kW

where are they even getting all that juice from?

it is much easier to receive satellite than it is to transmit

to transmit you need a much bigger dish, usually 2.4 meters

but transmitting with such power, I assume they use solar

but damn, still a lot of power

we had a consultant recommend 1.2 meter dishes

so we installed them

it was a mistake

more noise than signal?

we had to keep flying out to those places over and over again because we were interfering with a mexican satellite

...

temporal internet

when mexicans fly by, it stops working

wait no, telecom satlink is geostationary, nvm

I always imagined a satellite wearing a sombrero

but yeah it is geostationary

With a little help from paint

you can make that into a sombrero

hehe

what happens is the smaller the dish, the less focused the beam

a 2.4 meter dish has a very focused beam due to the size

so it doesn't toss out energy very far outside of the beam

lol have you ever seen the transmitter array on Voyager?

they use a 50 watt radio to beam halfway through our galaxy

1.2 meter dishes are less focused and so they can send signal to nearby satellites instead, making them much harder to aim

 The craft normally transmits data to Earth over Deep Space Network Channel 18, using a frequency of either 2.3 GHz or 8.4 GHz, while signals from Earth to Voyager are transmitted at 2.1 GHz.[23]

When Voyager 1 is unable to communicate directly with the Earth, its digital tape recorder (DTR) can record about 67 megabytes of data for transmission at another time.[24] Signals from Voyager 1 take over 20 hours to reach Earth.[4]

20 hours of latency

yup, well light only goes so fast

voyager is 80% dishes

and 20% spacecraft

of that 20%, most is the plutonium RTG

https://i.imgur.com/kmbOeVD.png

@tender hazel pretty rad ^ this

global network of dishes, so we always have at least one dish pointing in an area in the sky at all times

MRO in the top left, that's for the Curiosity rover

there was a good movie about transmitters of that type from 20 years ago, "The Dish"

The tech starlink uses?

It's like phased array

Or something like that

It's really expensive like 1.5k for a consumer dish

https://www.youtube.com/watch?v=8dyGpXcQl-g

@tender hazel rofl what happened

@tender hazel https://www.youtube.com/watch?v=kyOEwiQhzMI

Forbin project is quite funny too

its about an AI that controls all nukes on earth, and forced humanity into subservience

Well my isp blocks portforwarding he has double nat what do I do ?

Zerotier

Or a vps with a vpn to your house

Let's say I have my own ipv4 public address can I use it on starlink instead of cgnat ?
Just curious it'll arrive here only next year or maybe in 2/3 years

Um i need help i cant connect to my internett anymore

If you own anything less than a /24 than no. /24 and larger you can register to get an ASN then can advertise through BGP on whichever provider you use if you request a peering

There is no point in starlink for most people

What speed should fibre yield?

theoretically, infinite

At this moment with best equipment 10 GBit/s max

you mean 400Gbit

and with a multiplexer, multiple terrabits

bruh my ISP offers 70 Mb down

peering is more expensive

once you get into the gigabit territory, it gets expensive real quick. fiber itself is peanuts in cost

I know that a ISP in Stockholm delivers 10 gbit/s to private customers (Have read it somewhere in a newspaper)

its just light going down a tube

and you can put multiple "colors" of light down the same fiber for even more gainz

my ISP offers up to 800mbit's on this single mode fiber

the fiber could just as well do 100G, its just that my ISP doesnt have gear or uplink to do this xD

I feel like I should be getting more, I see people with hundreds

are you on wifi?

no, ethernet

I have a symetric line https://i.imgur.com/mDPMNKM.png

But we may be happy with the speeds we get. (Compared with the wifi on NS trains)

I'mma look at what other ISPs offer, I think my one is just kinda crap

so both up and down are the same

well, just about https://i.imgur.com/cY9Nx7x.png

very cool

speedtest has some overhead, this is actually 250

it always measures slightly less than it actually is

I have a Coax asymmetric 250/25 and paying premium price

Netherlands is hella expensive

Germany also

@tall pagoda how much you pay?

I pay 72 euros for just the data plan

p[ahsdfuhasifhiposeah other ISPs offer 108 Mb down at minimun offers it's literally cheaper

55 euros for Cable + TV

@tall pagoda

stop compaining

Once you add fiber upkeep, 13.50

TV plan, extra /29 IP block

you get to around 137/month

thats what I pay to my ISP

I'm with BT 😭

I am glad that we have contracted at the correct time, just the day after Liberty Global stops giving away the premium TV box (Mediabox Next) to medium customers

blah blah marketing blah blah

marketing department for tech is total nonsense.

It is more expensive tho, they give cheap deal for only 18 months

fiber currently, is just a matter of luck

its currently being rolled out slowly

It was only recently installed on my road

unless you pay upfront 50 grand

to have it run

Mmmm yes small hurdle

the line I have was govt subsidized lol

total costs: 85k

They just did ours

thats why I pay 13,50 to the operator

A small price to pay for salvation

@thick minnow and in turn I get the best kind of internet connection

😆

Since this is networking, does anyone know if using linux I can reroute my internet through another computer

active ethernet, the ISP just sent me a patch fiber and an SFP module

that plugs directly into my router

no stupid modem nonsense.

We have fiber it cost only 100$ for installation

@lapis marsh yes

What provider?

@lapis marsh though somewhat involved. you can use iptables for this

Im bypassing my perents yt restrictions

then im not helping you

OOF, our whole city has a free fiber connection

Ok

Ohhh

Its to watch ltt

just ask your parents lol

Ok that’s probably easier

LTT is harmless gamer indoctrination

Is floatplane free?

no

What should I look for if I want an ISP that supports many users at once?

Whats many?

@umbral ruin you just need a fast line

if you have a gigabit speeds, you can basically support 20x 50/50mbit

not that many, just me and my family, sometimes it slows if we're all using at once

Well every isp can do that

@umbral ruin you could set up bandwidth policies if you had the right kind of router

You probably dont have a good home network

If you wanted to could you have a separate home network from the internet and make it so all inbound connections are blocked and only outbound ones work

@umbral ruin you can make it so that everyone is guaranteed a certain speed, but if there's more for more, you can use it all

https://i.imgur.com/9p564ea.png

Well if I have 4 people in the house, and each person has a few devices, what kind of speeds should I be aiming for?

QoS might also help you out here

that allows latency sensitive packets to get priority on the network

though not always that reliable

but QoS is a type of queueing

I'm not sure how to do a lot of that, just if I'm looking for a new ISP, I don't want to overpay.

depends on how much you need really

you'd want to hook up a bandwidth monitor or something

see how much traffic you use

Alright, I'll look into that, thanks

https://i.imgur.com/KyNpcGf.png

Which one?

https://www.deltafibernederland.nl/nl/

@tall pagoda their service provider subsidiary is caiway

but I use some other company for this

I would just shape the whole lot with a single PCQ queue probably if worried about contention in a household

I know that company, it was founded in the province of Sealand. (No not Denmark)

@tender hazel I'm probably not gonna do any queuing initally on that public rig xD
wanna see what happens

gonna hook up some graphing and see

Origin a cable company

yeah they do fiber optics now

@tall pagoda they ran fiber optics in the rural areas in Gelderland

I live outside of the city

but still get to enjoy fast net

Hey guys, I need some info on VPS, Can any of you help me by any chance?

@tame carbon vlan 161 is what your ISP uses for your service?

ye

strange coincidence, it is the exact same vlan that our customers are on at all of our sites

@tender hazel what about iptv?

we don't offer IPTV yet

well in case you need a vlan

they use 168

LOL.. the specific numbers aren't really important.. it is not like there is a standard for it

I thought there was, for a moment xD

we only rolled out our first fiber customers in feburary

only like 10 customers to start off with

@tender hazel https://www.amino.tv/

these are the boxes they use

they have a 10.0.0.0/16 subnet

but something frustrating, the SFP's were installed on the wrong sides

with multicast

Fiber ISP here has 2.3k customers with availability in over 11k locations

so we have to take the SFP module from the head end and bring it to the customer, and vice versa

A mix of Adtran total access & Ubiquiti UFiber

which will temporary knock the person offline

kindof annoying

Mainly Adtran in cities and UFiber in rural areas

https://i.imgur.com/zbCUUg1.png

Idk what they're using for IPTV, for residential they offer ZyXEL for $5/mo.

For business they offer managed UniFi installs

or Meraki

and for universities and crap, the uni has their own ASN and just peer with the ISP

at my uni I just get a public IP assigned to my device

and publicly reachable

yeah because universities usually got large blocks of many /24's early on

Some unis need to give up their blocks lmao

or larger

yeah

https://bgp.he.net/AS3#_prefixes

which is one of the reasons why universities are somewhat slow moving to IPv6

you would think they would be all over it as research institutions

@tender hazel and US DOD also seems to think they own the internet

entire branches of US three-letter agencies have entire /8 blocks

they are not the world.

yeah, and they are slow moving to IPv6 because of potential security concerns

https://www.zdnet.com/article/dods-third-attempt-to-implement-ipv6-isnt-going-well/

https://ipv6excuses.com/

LOL.

Brilliant

@rocky badge LOL

Our business intelligence team can't even parse IPv4 logfiles

@rocky badge I always nagged my co-workers with http://whatthecommit.com/

when they would write nonsensical commit messages

https://twitter.com/gitlost

There's even a jetbrains plugin for whatthecommit

that autofills the message if you leave it empty

@rocky badge I do have a legitimate complaint about v6 right now. Because my ISP doesnt offer it, there is the issue that geolocation gets messed up with tunnelbroker

I get the US netflix when I use v6.

Lol

I thought netflix removed rick and morty from their library mid stream

cus it just refreshed and was like: this media is not available in your country

uwotm8

I noticed it had started using v6 (I had enabled it earlier that day)

is your v6 through a tunnel or something?

HE yes

any professional linux user here?

ahh yes, that's why I stopped using my HE tunnel

netflix started blocking all HE tunnels as being VPN

When i tried upgrading my home wifi, i added a cat6 (origanlly a cat 5e, also it is limited to cat6) and when i did a speedtest it was slower. I used a longer cat6 cable and i am 100% sure it was cat6. I think it was because it was too long. Am i right?

starlink is cgnat with no ipv6 iirc

It was the ethernet cable to the wifi access point.

don't use netflix so no problems there

how long

I think 10ft

For 6

and where there any electrical cables close?

And 1ft for 5e

ethernet limit is 100m

No

Ok

Must have been interference from inside the wall? Or a RG6. Thanks tho

@clear igloo Wow, so this internal site has been broken all Spring break because I didn't feel like working on it over Spring break
And so I fix it...the clients already reloaded and are up again!

if your cable can't get the fastest ethernet rate, you will see that it doesn't autonegotiate at the requested speed (ex. 1Gbps)

I wonder how many times they've been pinging a dead server 😂

yep that too

I've never had it happen where a copper ethernet link negotiated 1Gbps successfully but couldn't maintain it

does anyone know how i can port foward an ingress controller through my router without a ip

wdym

without a ip

theres this service running on a computer right

but it doesnt get assaigned an ip trough my dhcp server on the router its assaigned an internal ip by a master node that controls traffice flow to it

i can access the server through my lan but its in the form of a .nip.io domain

then it has an ip

thats the thing it cant be routed through jsu tthe ip itself

its routed through multiple nodes to the server

what's this ingress controller?

its basically a network handler that controls tcp requests to the internal side of the service

yeah but what's the name of it

traefik

I've never successfully worked with traefik but it still needs an IP

it's just a reverse proxy right?

it should still get an ip

yeah

how do i find it ?

how is this deployed?

k3s

ah

never got k3s to work

need to learn it

lol mines working i enjoy the challenge

got pods and namespaces a plenty

@calm nebula have you seen this? https://levelup.gitconnected.com/a-guide-to-k3s-ingress-using-traefik-with-nodeport-6eb29add0b4b

you apparently need NodePort

whatever that is

maybe a node port can get assaigned a ip from my router then goes through the k3s dns stuff

i havent

ill look into it thanks for your help

yeah, once I get a new server I'm going to learn kubernetes more as well

cool

i have servers a plenty lol

liek 8 in my home

one of em my 15 tb nas

@tame carbon I don't know if you heard about the time that a MikroTik took down large pieces of the Internet

https://blogs.oracle.com/internetintelligence/longer-is-not-always-better

@tender hazel technically it was cisco's fault

well the funny thing was at the time that happened, mikrotik had fixed the issue months before if not longer

they were just running an old version that had broken bounds checking

when was the last time cisco had any bugs?

I found it rather amusing actually

is there a way i can have the graphics card on my freenas server output for windows vm?

if yes, how?

freebsd may not be the ideal operating system for this

Not sure how it handles passthrough

y'all i gotta configure the classic router

you know the one

linksys WRT54GL

this is a commercial router with wireless capabilities

which isn't an issue

IF the firmware worked

because i'm just getting a repeatedly blinking power LED

is this good?

yeah

good enough for most people

maybe don't publish your IP. also read what the banner says

or whatever it's called

eh it's fine

just look at the top of this channel

no one really cares about speed tests

as long as it's not ohh I have faster speed then you haha

but yeah ip is there btw

oh shit

there you go

anyways

i think she's cooked m8. the power LED keeps flashing

no ping response either

tried a 30/30/30 reset and still no ping response

dead flash? or just dead firmware?

Put that poor thing out of its misery

i'll go behind the dog shed with it, carrying a shotgun

she's probably been a good girl

but she's too senile now

how to get own external ip per vm ?

in what context

esxi server

yeah but public ips?

or private ones?

public

not unless you get more than 1 ip from your ISP

or ipv6?

ipv4

i know whats the server ipv6, does this help ?

?

no

then how do can i get more ips ?

if you don't get more than 1 IP routed to your server you can't have each VM have an IP each

can i use vpn ?

like per server

ok this is probobly an XY problem, what are you trying to do

in general

yes kinda

not really reccomended

just get more ips routed

making a cloud service for privite reasons

yea how ?

ok but why need for more ips

pay for them from ISP

like 10$ per 100 ip ?

lol nope

it's more like 10 dollars extra per 1 ip

i don't know anything about it

oh

at least on my isp

AND you need to have a business plan

so its more focused to real business

your ISP may not even support it

and you need a router that can do it

not some consumer router

my router is a 30 year old dial up

yeah no

like its old

not that old

but why

can't you just live with one ip?

what's the issue

cuz other people around the world will L A G if too far

wut

no

if you get more IPs you will still lag

i mean like

if you are trying to access a server in australia and you live in us

its far

ok

yeah

and how will more IPs help?

wait i just realized

this EXSI server is self-hosted right?

yea

yeah

its an hpe

more ips will not help at all

still same server

same route

to combat latency you just need a server closer to end user

ok

does aws have esxi ?

why esxi?

they already have their own vps's

also

i need a lot of vms

by using aws you are kinda getting rid of the whole point of your own private cloud

ok and?

just use amazon vps's

its like 976543234567 doller per month

ok

you won't be able to run a lot of vm's on a small resource server

3 tb of ram is small ?

idk if amazon even supports nested virtualizaion

wut?

thats my hpe server

ok, I'm talking about AWS

oh

what server

my server

model?

how do i know ?

you bought it?

wut

no

my friend

wat

@thick minnow if you want more public addresses, you need an ISP that can provide these to you

I have a business line, and I can just ask for blocks of IP addresses

That does cost extra though.

Internally, I use vlans & DHCP to assign virtual machines a public IP

@tame carbon ok

adding more IPs won't make things any faster for people accessing from other countries

because they would be added to the same server which is in the same place

Got it. Does it matter which digit I change in the subnet mask?

it is not the subnet mask you would have to change but part of the IP in the subnet area

for instance if your upstream router is 192.168.1.1 and the subnet mask is 255.255.255.0, that subnet mask means the 0 is the host portion and the 255's are the network portions of the address, so you can put the second router on a second network by making it 192.168.2.1 with a subnet mask of 255.255.255.0

giving you a total of 255 networks with each 255 addresses (-2 for network and broadcast)

256 because counting starts at 0

.1 to .255 are 255 addresses and then .0 makes it 256

and yes -2 for network and broadcast

254 is last address

.254 is the last usable address, .255 is the broadcast

guys I am having trouble port forwarding, it used to work but now I cant find a solution

what's the issue

quick question, i am using an aluminum chase Laptop from Hp and I am having Internet issues. By that I mean that every few minutes or 45s my Internet cuts or lags and this not ideal for Zoom meetings or discord call with friends and so. The internet connection works fine in my room (I tried zoom meeting and discord calls on my phone (Note 10 plus) and everything works flawlessly), and I do not have a cable connection to my router. My question is, is there solution to this? Is it possible to replace my wifi-card for a better one (if yes what do you recommend)? Are there better alternatives? Or is this a problem everyone is facing and there is no solution for? Laptop name:HP ENVY x360 Laptop - 15-ee0167ng Wifi-Card: Realtek RTL8822CE 802.11ac PCIe Adapter

could be bad wifi ap, or bad wifi adapter

or interference

people cant connect to my server

show the settings?

@loud escarp did you make sure your dhcp server always gives out the same address?

oh yeah

are there better ones?

uhmm, could you explain that in English heh

ok here is a list

1) Can you connect locally
2) Is the ip to connect locally the same as the one for portforwarding
3) Are you under CGNAT```

@loud escarp your router runs a DHCP Server, Dynamic Host Configuration Protocol - This mechanism automatically assigns IP addresses to devices that connect to your LAN

But these change at randomly

@loud escarp show your port forward setting, take a screenshot

if your PC has a different local IP from previously

your port forward will break

your port forward will break

no its that I reset my pc and now its not working, its weird

ok

show screenshot @loud escarp

one of router settings

and one of output of the server ipconfig

what should i look after when buying a wifi adapter for my laptop?

can you connect from another computer locally?

uhmm, I can connect using localhost