#networking

kodi is still quite nice

doesnt require plex server

it can just grab directly from a NAS

I low-key built my own html page to serve shows / movies from my nas lol

and you can install it on many smart tv's as well

then learned about plex and mega-face-palmed

I still use it though because not gonna let that effort go to waste I guess idk

@honest wind back then we didnt have plex, that didnt exist

it was just a computer we gutted, put sata cards in the pcie slots

and just had a bunch of harddrives connected to it

it had to be as cheap as possible

only the pi's were brand new

I think we had like 8 pi's

student homes don't really get to afford luxury

lol yeah. I'm just talking about when I built mine plex did exist lol

Needs more U's 😄

@tame carbon my windows is finally reseting

@clear igloo https://www.reddit.com/r/sysadmin/comments/mbnmkq/solarwinds_customer_retention_pulling_out_all_the/

T-shirts are the best 😛

Noob question, Does anyone know if there’s a self contained network like tor and all that but private and self hosted?

Cisco anyconnect

I like how Tor’s onion sites work in terms of the links it generates so you don’t need IPs, but I guess a VPN and host names could do the same trick?

lol, don't joke 😛
You should see the reviews on the latest release though

Except that would mean others could connect to my whole network when I just want a machine to machine type setup

I'm glad I don't manage it

@tame carbon

ill try again but i didnt do anything wrong

@still zephyr what are you doing???

you shouldnt use the internal windows reset

just make an install usb and use that instead

@still zephyr did you try DISM restorehealth?

DISM.exe /Online /Cleanup-image /Restorehealth

@tender hazel windows ip stack is broken

and after that finishes, then run sfc /scannow

is there a way to get poe+ / poe at to usb @ 5 volts 6+ amps? I've found adapters but they're all 2.4 amps max

if standard poe+ it could theoretically do 5.1 amps which would be fine, but ubiquiti advertises it can do 34.4 watts which at 5 volts would be 6.8 amps or 10+ at 3.3 volts

PoE is much higher voltage

well active Poe

PoE+ has a max current of 600mA

passive poe sucks

regular active PoE is 350mA

voltage is at most 57V

https://www.amazon.com/Gigabit-Splitter-Adapter-802-3at-compliant/dp/B00NH8QSOY

57V * 600mA = 34.2 watts

@honest wind

although idk if that is Poe+

802.3at

what's the 802.x standard for poe+?

ah ok

at

so it supports at

passive poe has its place

correct but amps * volts = watts

so I could get more amps if I step down the voltage

but need an adapter that does this or wire it myself which I really don't want / have the knowlege to do

@honest wind ethernet cable is only rated for certain currents

Can someone please help me out here? I live in an apartment and have and pay for a gigabit connection and lately I've only been getting 70mbps (please dm me)

the active poe adapter I posted lowers the voltage

on wifi or ethernet?

WiFi, but ethernet is also slow

how slow?

can provide 5V / 3.5a

yep was just going to comment on this

I'm interested in the power transfer, don't care about data speeds in this case

3.5a is still the best option so far

I mean not really

you can increase transmission voltage too to transform down later

Around 500mbps on ethernet, but it's an older computer so it doesn't have a gigabit port

if you do it with resistors then no but there are some weird electrical ways I don't understand

@honest wind IEEE 802.3bt

wut

weird

because it's either 100Base-T or 1000Base-T

there is no in between

@honest wind the cable itself has resistance

higher voltage = less power loss because of wire resistance

right.

yep

so you want to keep the current down

thus: higher voltage

end goal is to get 5+ amps at either 5 or 3.3 volts at the end

why we transform voltage. AC is much easier to transform up - down than dc

my switch has 24 volt active or 802.3 af / at

@honest wind just short a car battery

that'll give you 40-50A

hahaha ok sure

problem solved thanks guys new problem: apartment burned down (joke about the car battery thing)

you building a detonator or something?

xD

I don't use ethernet for anything but my ps4 so that's irrelevant

someone about to burn some copper

not really, because you should always diagnose internet over ethernet

not wifi

contact the ISP?

could very well be an issue with QOS

@honest wind I dont really trust those high power PoE standards, 60 watts over twisted pair is just wrong

or rate-limiting whatever it's called

well 34 max. and I want to power a ton of neopixels lol

neopixel power draw:

60 LEDs: 18 Watts (about 3.6 Amps at 5 Volts).
144 LEDs : 43 watts (8.6 Amps at 5 Volts).```

that's at peak power draw

We're only using Cat6 for DMX lol

that's asking a bit much

power is using powerCON

yeah i'm not expecting 8+ amps although it'd be nice

etherCON

5 would be perfect, the best option I see so far is that 3.5a poe splitter

for what exactly? Isn't there standards for like light stage stuff

xD

This would help our Ethernet cables

From getting yanked out of the wall by stage props

because the stupid plastic latch is fragile af

for me not wanting to run power to where I have the cables but have ethernet already. Basically a laziness thing tbh

lol, I broke the port itself on my printer but not the latch

low voltage control all the things

All of the light switches at school are low voltage

Some are even PoE

its just communicating over IP

to the lighting relay switches

@honest wind its designed to power things like wireless APs and telephones. not big RGB arrays

light switches in what context? The classroom lights?

though, I think you may just need to limit the current

Yeah

https://www.usa.lighting.philips.com/systems/connected-lighting-for-offices

I mean, you can power office lighting over PoE

yeah I know what it's designed for, but looking at the specs... they're possible

Huh, interesting. Seems a lot more complexity for something simple

But then again

Building automations

so yes I understand i'm pushing the limits

You can control everything from one place

and automation

@honest wind you need a voltage regulator. And then some software. You never really run into a situation where all your pixels are 100% brightness

@peak cloak We do a lot of stuff over Cat6 tbh

as long as you limit the total draw, you can get away with current limits

wrong. my idiot python where I accidentally set all to 255,255,255 😆

Video, Ethernet, DMX, etc

idk what you are connecting this to

but yes I know what you mean. Rpi for control, and power

but you will need some custom electronics for this

right now max brightness for the full strip is about 60 on one color

@peak cloak

pixel dimming is PWM that reduces current draw too

or 20,20,20 for all white

f r a g i l e af

Also they had to use a white wall plate 😐

@honest wind if you exceed power limitations of the link, the source will reset

yes and I have to reboot the pi and the neopixels

PoE all the things!

point is that I want more power to the pixels than what I currently have

can I poe my car?

👀

can you technically follow a poe standard w/ 4 gauge wire set and a custom built giant rj45 plug? 😆

and of course whatever you need on both ends

We want to PoE power our signage Pis lol

At school

anyway this is the best option so far, but at $40 I think it's best if I just suck it up and use an extension cord and a phone charging brick

my pi's are all poe right now

yeah, but pricy

reviews say it's high quality

i'll need a barrel plug breakout adapter too because I don't want to cut open those wires lol

oh yeah I have a couple of those

useful

just use this /s

what's that

powerCON

huh

that doesn't really solve my issue lol

Rated up to 20A 240V iirc

ofc yeah 😛

AC

lol but yeah

oooh I know. Instead of using poe. I'll just replace all the wiring with a line of AA batteries

boost the voltage a bit

lmao

I've always wondered what happens if you run current into AA batteries

you charge them?

no not backwards

accelerated short

Wanna know what would be cool

if this was PoE in

PoE in for power, Dante audio

yeah for lower powered stuff more things need to have PoE by default or as an option

hook up to DAS for antennas

I see what you mean by poe all the things now

poe phone chargers 😄

lol

some you don't have a choice tho

well yeah

hence lower powered things xD

Although

PoE a PoE switch 😄

That says it has PoE

poe out?

https://www.bhphotovideo.com/c/product/1404858-REG/shure_ad4q_dc_a_axient_quadl_channel_wireless.html

Two Dante-enabled Ethernet ports and two network-control Ethernet ports with PoE

probably poe out

or if poe in, it's a poe passthrough

so one in other is out

also they make 48 volt active poe that isn't 802.3at/af

dante dante dante

dante dante dante

im making a dante emoji

The problem with that is it's a bit like putting a 230V connector on the other end of a ethernet cable - yeah, you MIGHT have some weird use-case that needs that power draw and can handle it, but you don't wnat your regular devices being plugged in to that 6 Amp USB connector.

which is why you're probably struggling to find anything that will provide over 2.4A. Also wire guages and handling that kind of current etc.

@tame carbon after forgetting to check my phone and a lot of errors ive finally done it, thanks for the support along the way, you too @peak cloak

That's a thing.

Yea but usually poe pass through

I use a PoE powered switch with 2 PoE outs to power 2 security cameras. It’s right at the limit of the PoE voltage limits, and I wasn’t sure it was going to work, but it works very well.

Does anyone here own a Synology NAS???
[Use reply function to get my attention]

don't ask to ask, just ask

If anyone does, is it possible to set up like a multi-user sort of library within a household? Say like in Synology Moments (the self-hosted photos app), can you create like multiple seperate libraries per family member?

Based on my limited synology knowledge, I'd say you'd be better off looking at "Photo Station" instead

Moments is a "fire and forget" application, photo station offers you more granularity of control

And if you want full control, open source software, and IF your Synology NAS can run docker, you can use Imagestore

https://github.com/gregordr/ImageStore

I read up on Synology's site that Photo Station is like the 'professional' application where you manually sort photos where Moments is more 'home user' where they are sorted by timeline and albums (just like Google Photos; which is what I am seeking a replacement for with the Unlimited Photos option ceasing to exist in June). The only thing I wanted to ensure is that multiple family members can have their own separate libraries off a single NAS (instead of like own big shared one; that would be pretty weird). Like doesn't DiskStationManager have the option for a multi-user system (I did see so in Control Panel)

Can I link aggregate two 1Gb ports from my router into a switch, then aggregate that link into a single Cat 6 cable in the back of my PCs 2.5gbps port?

whats the fastest internet my streets infrastructure could support?

for a street built around 2003, would it be 1, 10, 100gbps, etc.?

Country?

Canada (Suburban Calgary)

https://www.albertasouthwest.com/dmsdocument/6

It’s a little old but might give you an idea

Infrastructure from 2003 if left untouched I suspect has basic fibre or DOCSIS links so I would think they’d be using 1gbps cables

I’m in UK and my whole street is getting FTTP tomorrow

I think a rough estimate would be to count how many houses are in your street, check the highest speed available in your area through a providers website, and multiply the numbers

For example, 50 houses with a maximum possible connect speed of 75mbps would come up to 3.75gbps of throughout for that street

Plus add some over provisioning if they are smart and you’ve probably got 5gbps of potential throughput for a given area

I hope that helps @lunar spade

thanks

You can also use the information from the Canadian governments website, where they break it down by area etc: https://www.ic.gc.ca/eic/site/139.nsf/eng/00007.html

thanks for the info

@bitter trout more often than not, coaxial networks are overallocated

and DSL being so shit, never reaches advertised speeds

not really

your router needs to support link aggregation

and I bet it can't do routing itself over 1 gigabit

@peak cloak most managed switches allow for LACP

@bitter trout You're looking for a switch that has support for LACP.
This is part of the standard for trunking on ethernet: IEEE 802.1ax

This is a form of load balancing and failover. It will not make single connections faster than 1G. But it does allow multiple 1G clients to hit the NIC at the same time

so effective bandwidth is roughly doubled

but it won't allow for a single 2G connection?

Thats what I said yes

The WAN port is 2.5gbps

Ok thanks

what router?

@bitter trout is it one of those tplink 2.5G gimmick routers?

they have a 2.5G port, but can't even do 2.5G.

^

it may have a 2.5G port but it can't actually route at that speed

It’s a SNSV

friggen asus routers

so useless

Oof

Rip me

@bitter trout yeah those are equally bad

What should I have bought 😬

their gigabit lineup routers cant even do gigabit

they cap out around 700mbit

same with those TPLink archer routers

1.7G at most

Well my new fibre line is 1.2gbps

@bitter trout what kind of network interface do they even use?

For the WAN?

I get SFP from my ISP

Cat 6 from a box they install

okay, and the NIC is ... ?

1G?

One sec ima look at it

1.2G sounds odd for an internet connection. I highly doubt ISPs are rolling out 2.5G gear

It’s a BT ONT

do you know what kind of model # ?

Huawei MA5800-X2

Wait nope

That's the OLT

thats what your ISP runs

Nokia G-040G-B

https://www.nokia.com/sites/default/files/styles/scale_1440_no_crop/public/2020-08/white1_0.png

This?

Yeah

so it's a router?

https://i.imgur.com/Xqf14ot.png

Its an all in one

https://i.imgur.com/qGMLURc.png

I doubt the port is higher than 1 G

yeah...

would be silly if it was

Well mine says OpenReach on it

well that's your ISP?

Yeah BT

@peak cloak someone on the internet already had a go at this

https://i.imgur.com/XWJzOVG.png

But the port says Optical not POTS

Oh bugger

@bitter trout Nokia G-040G-B doesnt exist

Its the G-240G-B that I found documentation for

strange.

Ignore the arrow I took it from the net

Serial numbers and all that

also

what's the point of that fiber winding?

so someone doesnt jank the connector clean off

stress relief

@bitter trout I cant find any documentation on that device

It must be a BT only thing

https://www.ispreview.co.uk/index.php/2021/01/a-look-at-openreachs-future-4-port-ont-for-fttp-broadband.html

Where that arrow is under that plastic is where the optical@cable goes in

Its GPON, so you have to use this device no matter what

if you want to run your own gear, you disable wireless and all the other nonsense on it

But I suppose those ports are just 1 gig

yeah

@bitter trout I get fiber optic service through a singlemode fiber
That's a 1G fiber link

actual data rates for internet are only 250/250

what do you guys say is a good router and modem

wifi 6 preferably

and I have a ton of devices connected at all times, around 16-30

@clear igloo @hollow marlin got burned by N9k yesterday

Did you touch it while it was hot?

it took all my commands and then all of a sudden it refused to configure interfaces anymore or save the config

tacacs issue?

nope

some sort of asic memory problem

I think I remember that a while back

or something similar

ethpm is "locked" is what they say

Ah, that's fun

LOL

yikes

Yah, that's a big cluster of waiting

it looks like the bow is jammed into the sand

Holy cow!

Yah, imagine how bad the captain is going to feel later

is it the pilot's or captains fault?

also that

That is nice 🙂

oof

wow, that's definitely not helping, lol

you can see the bow shape

no

same ship

just to show how much it's lodged

Has anyone here had any experience using Terraform with vSphere (Ubuntu Server 20.04)? I am trying to create a number of VMs using a single config file, however they all are assigned the same ip address (dhcp) until they are rebooted. even if i set the parallelism to 1, the ips are all the same. Anyone know if you can force a reboot of a virtual machine in terraform?

sorry, forgot to update. the mac addresses were different however it turns out ubuntu uses the machine-id for dhcp registration, so i just needed to randomise that

yessir

👀

So... I'm trying to get networking set up with pfSense, trying to create a firewall rule to allow me to connect to the webGUI from my home (wan) network. I can't figure out how to create the rule, and I don't want to use a vpn to get into the LAN and use webGUI from there... So basically, I need help figuring out the firewall rule (using this guide https://www.dlford.io/pfsense-nat-how-to-home-lab-part-3/)

I used that guide myself

you need to use the cli

tyo first disable firewall

Wdym? I've already run pfctl -d to get rid of the firewall temporarily, but I'm trying to set up a long-term solution

oh yeah

ok

Ah ya, I've done that already

it says it lower down

I tried creating the firewall rule like it said in the guide, but I still can't connect... Just to make sure for the source, if my gateway is 192.168.86.1 would I put 192.168.86.0/24 as the source?

yep

Ye ok, so ik I got that right, but it still isn't working

I'll send a pic of my config

I'm not too familiar with pfsense

I use vyos now in my lab

Well here it is anyways, sorry about quality

huh, I've never heard of that

it's all cli

and I was already kinda familiar with it because edgeos which is what my main home router uses is very similar

all vyetta based

Huh ok... I'll keep that in mind if I do decide to get a dedicated router. For now though, I might as well deal with having to use WireGuard to access my admin interface

you rebooted?

and what is your admin port set to?

you setup the aliases right?

Uhm wait... do I have to? my admin port is 443, so I didn't bother with aliases

well if you want to port forward 443 in the future it won't work

but for now I guess it's fine

oh

are you using https?

Ya, this is temorary. I'm probably going to mess with a reverse proxy if I do port forward though

in the url

And ya, I use https

that always messed me up with proxmox

hmm

idk

@rocky badge knows pfsense better

Well, thanks for trying to help. I guess I'll just wait for them to get online...

o/ for now

Haha, I rebooted and it worked. nevermind!

nice

Thank you!

okay got a question

i am making a host-only network on vmware

and the dhcp i set up on my windows server wont give out ips to windows 10 machines any ideas ?

i can ping the server when i set up a static IP but i cant ping the w10 machine from the server

@willow spruce Enable forged MAC & promiscuous mode

on the vSwitch

oof yea i need to see what that is haha

i think i know what the issue is

might be this

yep it works

am big dumb

this was enabled

lol

yep

running into real trouble now

big yikes this

when i thought i might not run into problems

very cool this

i have no idea whats going on

@willow spruce you're trying to connect to a windows server active directory domain called Nowakowski.local. Have you set up microsoft active directory servers for that domain?

@tame carbon you'll be asleep now, but FYI, the new wifiwave3 drivers in routeros 7 increase 5GHz performance substantially for any hardware with gen2 wifi chips

more like 550Mbps rate instead of 350-400Mbps

@tender hazel i actually fixed it already

the DNS was set up wrong

Real footage of the server rooms in every school

The server room in my school is literally just two PCs running Windows 10

hello for some reason my smb server in openmediavaut is not working

when I give systemctl status smbd it shows

smbd.service - Samba SMB Daemon
Loaded: loaded (/lib/systemd/system/smbd.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2021-03-25 16:36:15 +06; 18min ago
Docs: man:smbd(8)
man:samba(7)
man:smb.conf(5)
Main PID: 18658 (smbd)
Status: "smbd: ready to serve connections..."
Tasks: 3 (limit: 4915)
Memory: 9.1M
CGroup: /system.slice/smbd.service
├─18658 /usr/sbin/smbd --foreground --no-process-group
├─18660 /usr/sbin/smbd --foreground --no-process-group
└─18661 /usr/sbin/smbd --foreground --no-process-group

Mar 25 16:50:00 MyHomeServer.local smbd[22683]: [2021/03/25 16:50:00.366056, 3] ../auth/gensec/gensec_start
Mar 25 16:50:00 MyHomeServer.local smbd[22683]: GENSEC backend 'fake_gssapi_krb5' registered
Mar 25 16:50:00 MyHomeServer.local smbd[22683]: [2021/03/25 16:50:00.366265, 3] ../source3/smbd/negprot.c:7
Mar 25 16:50:00 MyHomeServer.local smbd[22683]: Selected protocol SMB 2.???
Mar 25 16:50:00 MyHomeServer.local smbd[22683]: [2021/03/25 16:50:00.366684, 3] ../source3/smbd/smb2_negpro
Mar 25 16:50:00 MyHomeServer.local smbd[22683]: Selected protocol SMB3_11
Mar 25 16:50:00 MyHomeServer.local smbd[22683]: [2021/03/25 16:50:00.367269, 3] ../source3/smbd/server_exit
Mar 25 16:50:00 MyHomeServer.local smbd[22683]: Server exit (NT_STATUS_END_OF_FILE)
Mar 25 16:51:16 MyHomeServer.local smbd[18658]: [2021/03/25 16:51:16.739008, 2] ../source3/smbd/server.c:80
Mar 25 16:51:16 MyHomeServer.local smbd[18658]: Could not find child 24013 -- ignoring

can anyone help me

Can't see any details really wrong from that

in my network tab in windows the server is showing up but when I try to open it tells windows cannot access \MYHOMESERVER

@dense wolf did you set up user groups?

no

@dense wolf https://www.digitalocean.com/community/tutorials/how-to-set-up-a-samba-share-for-a-small-organization-on-ubuntu-16-04#step-3-—-creating-users

You create a user account, and then a share for those users

Would anyone happen to have read "Cisco Routers for the Desperate" published by No Starch Press?
I'm trying to learn Cisco and I'll be away for the weekend, unable to fiddle with Packet Tracer
I will however have my tablet & I'd like to get some reading in

Reckon that book'll do fine or would you have some other reading material to recommend?

Cisco 😓

Job I'm applying for considers it a plus 🤷

would it be 5, 6 and 1?

why 5?

do unregister the IP on the default ethernet?

yea i was about to say

this cisco stuff is foreign to me

probs not 5

If the requirement is to remove the existing ip from the main interface then 5

what would the 3rd one be other than 6 and 1?

1 and 6 are correct, so 5 is the only logical option since the others are invalid commands or syntax

though

oh

I'm setting up a Proxmox VE on a Dell Poweredge, and the Proxmox client doesn't show up in my Google Wifi device list, even though pfSense (running in a VM) does show up. Any ideas as to why?

@clear igloo 4 is very imaginary

Yah, it's not completely correct because you can have an IP on the main interface without issue and do sub-interfaces but it's the "most correct" out of the available options that are left. Maybe a long time ago early IOS didn't like that though but definitely not true today

right

I guess since a non-tagged interface would go into the default VLAN that's why they want you to remove the ip off the main interface

yes, no need for an ip there, good to remove it for security purposes

I agree with the answer 1 5 and 6

I think it wouldnt work either way if you've got an IP assigned before setting dot1q encapsulation
I did a lab exercise in packet tracer yesterday and trying to set interface IP before setting encapsulation wouldn't work properly

usually when you are doing router on a stick like that you don't have an IP on the main router interface, only on the vlan subinterfaces

yea i was gonna say its probs there just as a standard practice

I've never tried, I've just always set up the vlan subinterfaces without the main interface having an IP

https://www.openssl.org/news/secadv/20210325.txt

CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)

Its because if you have a subinterface and you try to add an IP address and if no encapsulation exist, logically it would not know how to interpret where a packet is destined as now both the interface and subinterface technically have the same encapsulation (untagged). Once you specify the encapsulation, you can then add the IP and any other family based commands

Got my new fibre installed today. Very happy with the result.

@clear igloo IOS-XR 64bit

VOQ-only Architecture

🤣 https://brrr.money/

bro

u seen the market lately? its nasty out there

when you move that slider lol

i didnt get any stimmys

dumb.

like every govt program they do it wrong

lul

LOL

Oooh, its a game lmao

priceless.

you just print money

and then do bribes for more money

ok so its just cookie clicker then

https://thefed.app/

im just annoyed that they made a stimmy, blocked high income earners based on 2019 income without regard about their current bills/financial situation due to covid

dumb.

https://i.imgur.com/c17nwA3.png

its either 2 or 4, but how do u tell?

do pcs and switches have different mac addresses or something?

or types rather

what happens when you attach another switch and that switch has 10 PCs on it?

what happens to the mac table on the original switch

wdym

oh theres 3 ports that are fa0/1

yep, thats what happens

so it would be switches?

not pcs?

no its PCs but it shows all the PCs on one port if another switch hosting the PCs is attached

oh right

it's 4

[SWITCH 1] -> [SWITCH 2] -> PCs 1-10

switch 1 shows multiple macs

one per PC

that would just mean the switch is the one thats directly connected for fa0/1 though right and the pcs are the multiples

yes

kool

@hollow marlin i remember when these concepts were difficult lol

boy did i not know how hard networking actually is

Doing it right and at scale that is

CCNA back then did not actually prepare you for working on networks IMO

needed CCNP route knowledge at least

I know fuck all about dynamic routing

mpls and bgp are alien to me

actually doing MPLS yourself, i forgive anyone who says that

but just getting a handoff from a provider, eh

you dont actually do MPLS stuff yourself

yeah but I dont know what its used for and when it is appropriate, and how xD

all I know is its some kind of software defined routing using labels

its mostly BGP work on your end if the provider is doing the MPLS part

so what MPLS is for the routing between the two peers directly, and BGP to announce to wider internet?

nope. so if i have [SITE A] -> MPLS PROVIDER -> [SITE B] and i traceroute to site B, I will see a hop leaving site A and the next hop after that its already at site B despite the tons of MPLS hops between A and B

so its routing encapsulation?

yeah using labels

so what is that MPLS PROVIDER doing?

label switching over long distances

so its just switching basically, over a giant virtual router

to over simplify yes

so i can connect all my sites to this MPLS network and I dont need a hub site to route from site to site

the MPLS switches where it needs to go

so is this for things like a corporation with a lot of offices?

instead of going public IP, they just route this stuff internally (ISP) through some MPLS network?

Same, wasn't until getting my NP before I was comfortable

@tame carbon its complicated. you can use whatever IPs you want in the MPLS network. But lets talk internet

if I have a HQ with internet what I do is advertise a default route to my MPLS provider and my other sites will go to HQ for internet

oh, that's cool

BGP/MPLS 💚

i can even do regional internets with some MPLS providers

so MPLS could be used as a faster route in local areas?

like america goes to america HQ, latin america goes to brazil HQ

an ISP could run MPLS internally between their various neighborhood ISPs, so people in the area have good latency, even if the guy is on another ISP

yes the reason many corps use MPLS is the latency is very low and its reliable

is that about right what i wrote ?

ISPs are getting better now and so you'll see more IPSEC

@hollow marlin is the ISP MPLS guy

thats where I stop

I dont have ISP experience

@waxen scroll I do

I have 2 static routes xD

i mean I dont work at or engineer for ISP

I've only ever been a client

I always yell at ISP

i couldnt tell you all the things they do

except the ISP I have now, those guys are awesome

you call them up

and they speak jargon

with the DSL provider it was like: have you tried restarting the router?

last place I worked did self hosted MPLS at both datacenters WAN edges and we shared routes from both facilities using MPLS

they didnt understand what latency is, what FEC and CRC is

it was on dark fiber

oh nice

so you have your own DWDM between the two DC?

yeah

that's the dream with it comes to a line basically.

if you're a big company its cheaper than PTP or ISP MPLS

the start up cost is huge

lots of savings over time

now that. from the exchange straight to my basement

install one of those 48U routers

and then install a single bitcoin miner with 1 gpu.

the routers we did the MPLS on were like 16U

i forgot

half the size of a human

so MPLS is really for like, backbone-ish stuff?

not really applicable in SOHO

right

I wonder if there was some kind of 3d structure you could build

if you could map every single BGP peering endpoint

@waxen scroll I think... we're in the matrix. http://as2914.net/#/galaxy/internet?cx=0&cy=0&cz=0&lx=-0.1978&ly=-0.4638&lz=-0.0814&lw=0.8597&ml=150&s=1.75&l=1&v=2020-01-28

When dealing with MPLS between providers things get a little more complicated. Its called Inter-domain MPLS and ISPs have to have contracts on the service.

@hollow marlin is MPLS subject to different costs compared to regular IP access?

I'd imagine it could be much cheaper

it should be more

really?

mhm

there are SLAs and other perks you get

therefor you need to PAY

QoS too!

you cant get SLAs or QoS for internet

Yeah its more expensive. If you go the SLA route then RSVP is used which is a stateful protocol and uses up memory and CPU. Overall it has little impact on resources until you get at the scale where you have 1,000 of circuits

they also get pissed if you exceed 5k routes

then you pay more and they go FINEEEEE ok

@hollow marlin I made it to 8k once

then they got mad and I filtered all /29s and /30s

we had like 3 different MPLS services so I just filtered at the convergence points lol

Curious why they limited it to 5k, we required LOA for each block they want to advertise, but they can slice it up into all /24s for all we care. I let the ARIN folks tear them a new one for lack of summarization

its private MPLS

like i approach ATT and they make me a VRF on their global MPLS network

theres limits to what they let you do before you pay more

so yeah no LOA needed

i can advertise whatever the hell i want

@hollow marlin have you ever done stuff with the mikrotik API?

the new APs are supposed to come in tomorrow

Fun times 😄

Anybody here use pfsense?

we only offer MPLS layer 2 pseudowires (VPLS)

we don't really do MPLS L3 VPN

we haven't really had any demand for it yet, most of our customers who want tunnels just want layer 2

VPLS/EVPL/EPL

:\

what?

they dont demand cause you dont offer

build it and they will come

who is going to want such a service?

me. @hollow marlin , lurick and his customers

medium business and higher

yeah we only service rural and remote areas.. we have a few customers who have branch offices in the areas we serve but their head office is outside of our service area

so I can't see them wanting MPLS L3 VPN to connect those handful of branch offices together without connecting to the main office

we've got mpls in rural before but its usually old tech

coax and whatnot

yeah it is just that the traditional use case for MPLS is for a company to link their branch office to the suboffices so they don't need internet connections for the suboffices

if you're in asia but an american company MPLS is practically a requirement too

we had offices in like 100+ countries

@hollow marlin the latency from india to US over internet is deadly

@tender hazel also back to when i did CCNA.... MPLS was huge and they didnt teach ANYTHING about it or BGP

everyone doin frame relay!

dumb.

we wanted to offer VPLS for a long time but we were all cisco and you could only do L2 pseudowires with MPLS with like metro switches or whatever

so we couldn't actually offer L2 pseudowires to our customers until we moved to mikrotik

our main VPLS customer who uses the service has a mandate to use only public IPs for everything (no RFC1918, even for internal, not allowed to) and not enough public IP space so MPLS L3 VPN doesn't work for them because it doesn't make for efficient use of public IP space

what the customer has at each site is a single video conferencing unit that they need to connect, so an L2 pseudowire makes more sense

it's not like they are going to be doing broadcasts for dozens of workstations across a L2 pseudowire to some other site

it conserves address space more efficiently because only one public IP is needed per site for the video conferencing unit, and so they can all be on one broadcast domain

i hate video conf

most companies I work outsourced that whole network to someone like ATT

telepresense mainly

I wonder if that tech is even relevant anymore

haven't heard much on it for a few years

it is for our applications - it is telehealth, doctors using speicalized video conferencing to communicate with patients in remote and rural areas, with QoS to ensure they get the required bandwidth

Even though we offer L3VPNs, most our sales are L2VPNs sadly enough

I'm not surprised

especially with all of the "SD-WAN" stuff

our telco offers L3VPN and we have to buy it from them in a few locations because nothing else is available.. but they charge something like $1500 if we have to make any routing change to the L3VPN

so what we do is tunnel across their L3VPN

they have some wrong old routes for us but as long as we don't send those to them, it isn't an issue, and we don't have to pay $1500 to fix them

I prefer L3VPN or EVPN but I also understand how customers minds explode most the time with anything outside L2

VPLS is fine for our customers but it's a nightmare from a tshooting perspective

it is not only our customers minds.. many of our technicians minds explode with the idea of a VRF or anything like that

at least some kind of L2 tunnel behaves like a network cable so they can wrap their head around it

I'm finding that too

For whatever reason it feels like average network people aren't that technical

But how many companies in the world are needing vrf

And don't get me started on vrfs leaking to vrfs with as override

One of the places I worked for did that and had a LOT of explaining to the NOC on how it works and why

👀

Can a damaged fiber cable cause random frequent internet drops without outright signs of disconnection?

yes

even dirty too

Hello

Hello

@gloomy cave not at random, if you have fiberfuse or a fiber break, you get no signal at all

Hi guys I am having a network issue

Who here is a pro at this

^

just fyi

@spice gust sup

Hi, I can’t find a match in cod, and all my friends can and they are fine, tech support said to ask you guys because it Might be p2p issue

@spice gust might be due to port forwarding

Oh how can I fix that

Do u want to fix it threw team viewer

do you know how to open the settings on your router?

Nope

You gotta help

That's what I am doing rn

Like in sense of help like physically

wat

Usually, it is 192.168.0.1 or 192.168.1.1 in your browser

Oh okay

@spice gust open commandline

and run

ipconfig /all

send a screenshot

Okay

k.. can you scroll up a bit?

Okay

perfect

go here: http://192.168.254.254/

Okay I am there

does it say what brand or model of router it is?

I assume you are at a login screen

Yeah

ok, the list of devices in there, do you see your xbox?

No this is my pc

I play on pc

oh, so CoD on the PC you are using rn

Yeah

I do see my computer

Click on network at the top

Name

Yup did

is there DHCP settings there?

This what I see

always a bit of a puzzle these ISP routers

they are all different

Oh

@spice gust can you go down the list, find the PC (should be address 192.168.254.137)

and then click on DHCP

Okay

It is asking to sign in let me find the pass word

I don’t know the password

@tame carbon you there

I am

I am also trying to get on this fucking ziply support website

but their stupid bot detection thing is making me do a stupid quiz

https://i.imgur.com/rlQ7rWy.png

Oh

Ah makes sense

try this for the password nvg468mq

if that doesnt work

try unknown

Okay

None of them work

https://i.imgur.com/5mhntCU.png

Ah got it

Let me go check

It’s not there

I will send pic

You mean 5480845684

That’s the pass

Oh let me try that

@tame carbon I am in

Ok.. so that's not exactly what I was looking for

Yup

I noticed

Well, either way, lets just do the port forwarding and care about dhcp after

Okay

Go to firewall, look for NAT

I am there

Go to port forwarding

Did so

What version of CoD?

Warzone

Like the newest one

TCP: 3074, 27014-27050

UDP: 3074, 3478, 4379-4380, 27000-27031, 27036

Okay

Those ports will need to be forwarded to your PC

So how do I input this

Create a new rule

I choose my pc

Do I click add

Yeah, and then you select the protocol and enter the Port

You'll need to make multiple rules

I can’t add

And the ports with a - inbetween are ranges

It says service name can’t be empty

Just make something up

That's not important

Okay

What about port range

It’s asking for that as well

You have multiple ports and port ranges

TCP: 3074, 27014-27050

UDP: 3074, 3478, 4379-4380, 27000-27031, 27036

So do I put that in

What do I put and where

Yeah, if its not a range but a single number, then you only fill out the left field

If its a range like 10-20 then you fill out both fields

Like that

Yeah... Except that was an example

TCP: 3074, 27014-27050

UDP: 3074, 3478, 4379-4380, 27000-27031, 27036

You need like 7 rules

So does tcp go on top and dcp goes bottom

Some ports are both tcp and udp

How about this I will turn on team viewer and you take control of my computer and show me

Stop being lazy

Start with port 3074

Oh

Okay

Enter udp/tcp and press add

Do this for all the ports and ranges of ports

So like that

And I click add

Ye

Select your pc

Wat

Wtf does that mean

Garbage router.

You think

Now add

Right

Local base port should only be for single ports

Though idk

The Naming they use is confusing

Arg

so now I know that it’s my router issue

At least

Useless router and can’t port forward

It cab

Can*

Probably not doing it right

Oh

And perhaps @clear igloo can help you out now, I have to dash. Busy with something

Port forwarding is trivial, shouldn't be this hard

Oh okay

@clear igloo can you help pls

Pls help someone

@spice gust I have returned

do you have anydesk?

No

Get it

Okay

its like teamviewer, but it doesnt block me

Okay

(I cant use teamviewer on a corporate line)

Oh okay

I am installing

How long will it take

Cause I am in a class

Right now

@tame carbon

I sent a request

minimize your zoom call lol

its lagging me to shit

@spice gust

There

@spice gust if you stop moving

I can do things

Oh okay

How long will it take cause I got class in 20min

2 mins probz

wtf is this thing doing

What thing

fucking done.

Okay thanks

@spice gust I just forwarded all ports.

but I need to double check fw config

cus its generall unsafe to do this..

Oh

Okay

btw the answer is A

I know

😂😂

I disconnected

Okay

@spice gust its important that you set windows fw to "Public network"

Should my game work now

not home network

Okay

@spice gust and then permit CoD internet access

Have you done that

Or do I need to

no, but that should come up next time

if you want to do this properly

Okay

you might want to buy a seperate router

I have one

and use the ISP's device purely as a modem

A gaming one

gaming routers = shit

So I will hook it up today

Oh

its just marketing blah blah blah

I have linkskeys wrtx

Router

Not bad

But Jsut wondering will my game work now tho

@spice gust see on a proper router, this is much easier

https://i.imgur.com/1w2Lgxm.png

you just add a rule

and enter the ports 🤣

Ah

Makes sense

Will consider a anew router

But my main question is will my game work

Do I need a restart

probably

nah can just try now'

Okay

I wil

@spice gust basically, the router will forward all traffic to your PC now that is incoming

in p2p contexts, the other players connect to your public IP

Oh

but you are behind a gateway that translates addresses

that 192.168.254.0 network

that's a LAN

Ah

NAT is a mechanism that just translates the destination IP addresses

So mine thing was not forwarding properly correct

if they match a filter

@spice gust yeah idk it was just erroring out on me

piece of junk

Ah

but basically what NAT does (Network Address Translation)

when your PC talks to a server on the internet

Makes so much sense now

your router is constantly changing source and destination addresses

between your WAN and LAN

Okay I am looking for a match now

by doing DMZ

cus that's what I configured

https://upload.wikimedia.org/wikipedia/commons/thumb/6/6f/DMZ_network_diagram_1_firewall.svg/1920px-DMZ_network_diagram_1_firewall.svg.png

You get this ^

Oh

its a "demilitarized zone"

It doing it again

Not loading

really?

Yup

mh

you're on the latest windows yeah?

can you go to network settings

find xbox live

it should have NAT status somewhere

Yes

what does it say?

Checking

it should say open

There’s my issue

mh

there might be one other thing we could try

cgnat?

What is that

@spice gust go back to that DMZ screen

disable it

and then in Firewall

click on UPnP and enable it

Okay

So go to my router site

ye

UPnP = universal plug and play (and every trojan's dream)

allows a program to dynamically port forward

when needed

but yeah, its also kinda insecure

yeah turn that on

that should fix that teredo warning

It was on

then...

IDK.

call your ISP

tell them their ONT is total trash

if they cant help you

buy your own router

and use that instead

you can just forward all traffic from that ISP device, and then you just use your own

you just have to hope that your device supports bridge mode

It works now

It has open

cool

I will see if my game works

last thing you could check

is windows firewall

Yeah

but usually this is done automatically, when you first launch the game

Oh

it asks you

Yeah it did

I said yes

@spice gust this is why I hate ISP routers. Because they rename everything and make it so confusing to use

Now it says blcoked

Oh

so anyone who is tech savvy, feels as if they are crippled when using the router xD

Tell me a good router to buy

the screenshot you saw me post there was a mikrotik

those are 100% manually configured, but the default settings on them are as a home router

cheap, and very reliable

depends on what you need

https://mikrotik.com/products/group/wireless-for-home-and-office

Oh

lol so now its really toast

did you remove that DMZ thing then?

Yeah

might have just taken a moment to propegate.. xD

I think it did work.

Should I jsut reset my pc

no

this isnt your PC's fault

its the jank router you have

Oh

😂

all the consumer stuff is pretty meh

mikrotik is cheap and for the same money you usually get way more performance

Looks like my firewall was off

idk what you paid for your gaming router

It was 250

https://mikrotik.com/product/rb4011igs_rm

yeah this thing is 200

and it can do 10gbit