#networking

Oh?

well what I would do is pull a pull cable though

Sounds sketchy lol

yeah

@jolly sable normally you use this

some kind of pulling wire, you just stuff it down the tube

and then on the other side, you attach your cable

and pull it back

That seems super big brain

well

this is how you pull cables xD

I feel like I should just get somebody to do this tho I dont trust myself lol

My grandmother's church wants me to come look and upgrade their networking. I hope I can reuse the existing ethernet

Aka at least cat5e

@jolly sable fiber optics is even more brilliant. They put a plug on the fiber and push it into a tube. And then use compressed air to push it through the entire length of cable

Unfortunately I cant get fiber here yet

huh nice, I wish I could do something useful

Lol

According to every service provider in existance that has fiber at least

@jolly sable now you need to find another one of those coaxial cables in your house

or find out where they go

I know where one is

Upstairs in a corner

is this one downstairs?

Yes

Basement

@jolly sable do you happen to have a multimeter?

I doubt it. Have to ask my dad honestly

if you short the ends of that coaxial cable

and you can measure for continuity on the other side

you could use a battery and an led too

or that

yeah

Idk what any of this is LOL

@jolly sable basically, if you short circuit one end of the cable. you can measure resistance on the other side

and if its the right cable, you can measure this

its same as hooking up a battery on one side

and an LED on other side

LED turns on = you got the right cable

Honestly I feel like I'm gonna screw this up. I should def just get someone to come and pull a cable rather than me LOL

you could also do ethernet over coax

MOCA

@peak cloak but thats more expensive

??

but it's expensive

than pulling ethernet

What does a coax cable even do

@jolly sable you just need a cheapo multimeter that just can measure resistance

adapter that puts ethernet over coax, kinda like powerline but over coax, but much much more reliable

https://en.wikipedia.org/wiki/Continuity_test

transmits things like CATV, DOCISS, MOCA

CATV is for TV service

DOCISS is internet by the ISP

MOCA is for local networking

@jolly sable its a communication cable basically

I see

but it can run various standards

Idk if the coax cable upstairs is being used for anything

MOCA is one you can use yourself but the adapters are very expensive

Kinda like Cat6/etc, various things can be used over the same cable

50 bucks or more for each end

I have coax all over the house but we don't use it all. I decided to just run ethernet

Well thanks for the tips guys I've gotta head out now tho. Should I just screw back on the plate and stuff until I can actually pull this wire or test them etc? Dont got multimeter or anything rn

I mean it's not dangerous necessarily to keep it off

@jolly sable well if you find another one of those coaxial cables in your house, you can use a continuity test to see if they are the same cable.

Will do.

I'll need to get a multimeter or battery thing and stuff tho

I'll screw it back on for visuals sake loll

although you want to make sure they aren't connected to a splitter

multimeter is just easier

@peak cloak thats why multimeter is a bit more elegant

it doesnt produce that high of a current

Yep

@peak cloak lol when you forget to switch the plugs on your meter

This is where all my coax terminates

and you measure voltage when its plugged into current

you get a very very loud bang

and sparks

Its not connected to anything

Ouch

@peak cloak https://youtu.be/OiwWaIvIeao?t=226

basically ^

@peak cloak this is why I love electroboom lol. always shows you what not to do

The secret is that the US is really 240v already

https://www.youtube.com/watch?v=jMmUoZh3Hq4

But I admit, seeing things BOOM is entertaining

yep, it's dual phase

one side is -120V

other is + 120V

👍

reference to neutral

one thing I don't understand though

how can AC be grounded

that part still confuses me

What do you mean "grounded"

And AC is +/- 120V but both phases are 180 degree rotation of each other

60Hz meaning it Cycles between + and - 120V 60 times a second

Neutral is bonded to the earth (Ground) at the Meter/Service Feed Usually and the Ground is direct to Earth.

With an iron pole (sometimes two poles) stuck into the earth/soil/ground/etc

The neutral thing

Which is ground to earth in the box

So, Neutral or Ground is just a "Reference" which you measure all other Voltages (The "Difference") from.
Usually ground is the source with the lowest potential (0V) and thats either the - side of a battery or the earth.... because the earth eats the power and has no "output" or "potential"

If I got a source with 12V of Potential and I use another Source that has 5V (instead of 0) as my "Ground", I end up with 7V.

Think of Voltage like psi in a water or gas pipe. Thats pressure. Thats the POTENTIAL force that can be released.

Basically, the earth is used as our Ground and Neutral Reference Bond because its one huge ass energy sink and it never has any potential.

So imagine a water hose with 30PSI (V) and the end is cut off by a valve. There is 30PSI in that hose but it aint moving anywhere.

Attaching to earth is basically like cutting the end of the hose off and just letting the water dump as fast as it can straight to.... earth

Now lets say I got 2 Water Hoses. Ones at 10PSI and one is at 30PSI. If I attach the ends of them to each other (While maintaining the PSI), you got 10 PSI of Force fighting against 30 PSI..... you get 20PSI of Flow in the weak direction (The 10PSI Source)

If we used a reference point that was like... 30V for everyone, we would have to waste 30V of adjusted current to compensate for the "Neutral"/"Grounds"push back against us

Wasted electricity

In reality, a 100% efficient electronic will use all the electricity coming into on whatever its doing and not waste it (basically meaning that the current should never make it to the - connection if its perfect)

@plain siren my brain stops working when you start measuring things like reactive power

for inductive loads

I just heard add volts and amps until it works.

@peak cloak do you know what a voltage divider is?

https://i.imgur.com/GX0A5J7.png

if Z1 and Z2 are both same resistance

the voltage at Vout will be half that of Vin

That's what the split phase power is doing, its a transformer where the neutral is in the center of the coil

You have the primary, iron core || and secondary with the neutral in the middle

the difference across the entire coil is 240V, but halfway it is 120V

yes

the only thing that confuses me is the whole AC which is bonded to ground thing

@peak cloak AC ground is literally ground

its err

yes

but it's AC

yeah, so the three phases combined = 0

so it will be HIGH and LOW

well we have 2 phases

I think

or is split phase different

@peak cloak if you have a Y-configuration

yes

let me explain

you don't need a neutral between the source and the sink

because the sum of all three phases is 0.

not always

in three phase systems, yes

in a perfect scenario yes

so here, by bonding the "neutral" to ground wouldn't current flow to ground

@peak cloak usually the transformer has a big neutral that sticks into the ground

to even out any imbalanced charges

but there's no return current to the source

those big overhead powerlines

yes but isn't the voltage of the neutral also going up and down

usually are three phases, and then a thin neutral

just to even out differences between the phases

but that's only if loads are not equally distributed across all phases

@peak cloak voltage of neutral referenced to what?

voltage is a potential of an electric field

ok so here

if two fields are equally strong, the voltage is 0.

US residential system

I drew a ground

yeah but nvm the wire stuff

you need to understand the physics

because electricity / magnetism is really at play here

Its same the thing

@peak cloak yeah but this is a single phase

yeah

split phase

in the house we have a small sub distribution board

it has 3x 25A phases coming in

two go to the induction cooker

and then there's 5 16A breakers for the house

Induction cooker runs on two phases, so it has what 400V?

415~

so really what I am confused about is if neutral is grounded then how does electricity flow though the system or is it just because the resistance is too high going to ground and it's less resistance to go though the neutral wire?

I understand DC, but AC is just confusing

@peak cloak do you know how a transformer works?

yes

it just lowers voltage

I know the basics

no

but what does it do

a transformer coil is basically a big inductor

when you pass a current through a wire

though magnetism though an iron bar it inducts electricity and the winding determine the voltage on each side

it creates a magnet field perpendicular to it

yep

ik

no

a straight wire even

well yeah

if you then coil it up, it amplifies this even more

yeah but

ik, I took psychics, right hand rule

once the magnetic field is at max strength

the current drops

yeah

so by oscillating the field

you can do actual work

yep

on the other side

the iron core just helps concentrate the magnetic field

@peak cloak so the meaningful work you are doing

is between the middle of the coil of the 2ndary

and the edge

@peak cloak the primary and secondary don't have the same neutral reference.

because they are isolated because of the transformer

thus no neutral

its purely energy you are sucking out of the magnetic field

its magic

and the only reason this works, is because of something called https://en.wikipedia.org/wiki/Eddy_current

a changing magnetic field induces a current in a conductor

yeah ik

so glad this shit exists

like its so perfect, and beautiful these equations and how it all just works

@peak cloak do you get it now?

or is it still confusing to you

not really

watching a vid rn

it's just the difference between ground the neutral that I don't understand

@peak cloak ground is not referenced to neutral

it's the fact that neutral and ground are bonded together

ground is usually a pole in the house connected to the water supply or a rod

yeah

the way its handled in house electricals

and neutral is connected to that

if current flows between a phase and ground, the RCD should trip

yeah

but in the main house breaker panel neutral and ground are bonded

that's what I don't get

@peak cloak yeah before the RCD

its to ensure that current only flows between phase and neutral

@peak cloak but that's only on split phase I believe

not entirely sure

@peak cloak like, I've had funny things where I had two laptops plugged in

and there was a 200V potential between the cases

xD

I would touch my classmate

and he gets zapped

feature of the new macbooks

because they ship power supplies that aren't grounded

so we swapped it for a grounded supply, and it was gone.

@peak cloak and yeah in part it has to do with resistance

there are some floating voltages between neutral and ground, though not that significant

@peak cloak https://youtu.be/quABfe4Ev3s?t=72

yep I watched that

I watch like every vid

@peak cloak but you are right though, AC is a bit of a mindbender

in electronics I am usually dealing with DC only

AC is only for supply

diode bridge and a couple capacitors

ah ok I think I found the answer

the impedance is just too high

@peak cloak yeah that has to do with reactive power

Idk too much about that

very complicated

this explained it

https://forum.nachi.org/t/ground-and-neutral-bonded-at-service-box/24636/2

you usually dont deal with that kind of stuff in home environments

and you don't bond neutral and ground at subpanels because the ground wire then becomes a parallel conductor

yeah neutral floats

you can reference it to something else

and you can get current flowing from somewhere else

but impedance is just the electrical equivalent of faradays law

where it takes power to build up a magnetic field

isn't impedance the equivalent of resistance in DC circuits

impedance is only really existent in contexts where you have inductive loads

and a transformer is such a load

I forget if frequency had to do something with this

higher frequencies have higher impedence

no

its purely magnetic https://i.imgur.com/WEjH1z8.png

Xc is charge

and Xl is magetic flux

https://i.imgur.com/ADb16Hl.png

@peak cloak anyways, we're quit offtopic now.
All I know about AC, is that if you have a floating neutral that's hooked up to ground improperly.

you get zapped if you touch a PC case.

yep

@peak cloak you know what other kinds of circuits have impedance?

speaker systems

those are AC too

big 1000 watt input signals to speakers are often ~150V

at max amplitude

@peak cloak those audio folks running sensitive gear often actually put tape on the ground pin on their supplies

its risky, but they claim it reduces static noise

not the first time someone got electrocuted by their guitar

huh

never knew high end audio had high voltage

@peak cloak output stage of the amp does

speaker impedance is usually 4-16 ohms

so high power speakers are driven with quite a high voltage

you can calculate it

500 watts at 8 ohms

63.2V, 7.9A

2 ohms for them bose mmm

yeah those big full range speakers

they can have quite low impedance

the high range speakers on my desk are 8 ohms 100 watts

but there's 3 of them

and the sub does something like 400 watts xD

My car has those Bose speakers and not all of them but some of them are 2 ohms

not sure how frequency response relates to the impedence

because that impedence rating is average

I'd imagine that lower frequencies have a higher series resistance

because takes more power to drive lower frequencies with same amplitude as it does for higher frequencies

No highs or lows, must be bose

any ideas as to how to reset putty color schemes to default?

was forced to install solarputty with gns3 and it has completely screwed up the old colors and i can't get them back

The reason houses have coax running to many different rooms was mainly so that people could get cable TV service to several televisions in the home (before the days of digital cable tuner boxes). I assume you are probably not the first person who lived in the house. Most likely someone used to have a TV in that room a long time ago, but the coax was no longer used and was just shoved behind the faceplate so that it was no longer hanging out the hole since it wasn't used anymore. The coax most likely runs to some kind of splitter at wherever the cable TV used to come into your house. The cable company would usually only connect one cable in the house and so the splitter would allow multiple televisions.

How are we doing today?

somewhat - mikrotik, but it isn't the same as unifi when it comes to ease of use

and I'm not sure you would call it single pane of glass

you're not gonna get much with cross vendor management

maybe for stats but not management

stats from something like SNMP

mikrotik is much better at the gateway side of things but worse at the access point end

Ah, ehh

There are some but Ubiquiti $$ < Them $$$$$$$

Like Meraki and such

Yeah

meraki requires yearly costs to renew or they stop working, so I wouldn't even look at them

None of this is really for home use 😛

I'm probably gonna be installing all UniFi at this site I'm going to visit today

mikrotik is free aside from the hardware cost but unifi is so nice for wireless

😂

~8 APs, router, switch

They already have a network rack so I'd gut everything except for power and such

it'll be an upgrade from their existing setup too...

what are they running?

netgear wn whatever

10/100 ports on that shitbox

some unmanaged switch

senao aps

and they're looking at upgrading their streaming setup and wondering why its so shit

wireguard fiasco?

lol

I mangled some pics out of someone there

And iirc that's a 10/100 switch lol

we rolled out the unifi stuff to one customer

the APs are great

and iirc this is also a 10/100 router from netgear, probably operating in ap mode

the switch.. forgets what it is connected to each time it reboots

rip

I've got 2 switches personally and another deployed at another location

so if there is a power outage I have to log into the router, ssh into the switch and connect it again to unifi

I'm also supposed to get 2 APs today for another site

I suspect it is just a bad switch

RMA period?

its probably not saving the inform URL or something

no, out of RMA period, the problem was probably there with the switch to begin with but it was our first unifi deployment so we didn't know

yeah it is not

info whenever it loses connection?

if it loses power it loses the inform URL

rip

like its factory? or still keeps config but no inform?

like its factory whenever it loses power

rippppp probably the flash or something

thankfully it is just a switch, and we only have one deployed

Home & Remote for shit lol

we are mostly deploying mikrotik for switches and routers, mostly to do with a feature that ubiquiti does not have, RoMON

our users have an unfortunate tendency that the moment there is an outage, they unplug all cables and start plugging them into random ports

LOL

in an attempt to get service up and running again without having to call anybody

hopefully in AP mode

Anyways I should probably be getting to bed soon, its almost 1am and i need to wake up at a decent time to get to this client's site

which really just means that once the outage is resolved, everybody is up except the idiots who decided to start unplugging things and plugging them in randomly

a lot of people think any rj45 port is the same as any other

😳

switchport configs

is it an access port!!!?? is it a trunk port!!??!!

What's the difference /s

--the client

that's the thing mikrotik solves for us thankfully.. with romon, the switches and routers etc build a managment netowrk with each other even if the VLAN and port configuration is completely wrong

ah, nice

it is a specialized management network protocol that works over layer 2, just by having the devices plugged in in some way

I typically like out of band management lol

so even if they move all of the ports to the wrong ports, we can still connect to everything remotely and figure out what they did

🤣

in our case, when they do that, it is a $1500 round trip cost to travel there and fix it

or more

fly-in only sites

"do not touch"

so some stupid user going crazy and deciding that unplugging all RJ45's and plugging them into random ports will fix things is an expensive mistake

if we can figure out what they messed up remotely without having to go there, it saves us $1500 travel costs

a no brainer in terms of selecting a solution

@tender hazel "but its just a switch"

Switch is just make packets go brrrr?!?!

@clear igloo https://brrr.money/

Yah, switch don't have brain

@clear igloo do you know anything about jumbo frames?

like as a technique to stack multiple frames together

between two switches

if you did 3000 MTU

I've not heard of that as a use case, no

you could transfer 2 packets at once

Generally if the client and app supports jumbo frames and the network is configured to allow, say 9000 byte packets, then the app will just stuff more data into that single frame

Although the ability to combine packets would be an interesting challenge 🙂

@clear igloo yeah but what is it with those high density links

Just more packets per second and applications that make use of jumbo frames, depending on the location (interconnect, data center, isp, etc)

Usually you'll see them in data center interconnects and within data centers where applications can support that and anything hitting the WAN will be fragmented

but the outgoing router would fragment it to 1500 then?

Depending on the setting of the df-bit, yes

I know you can use it within local networks

to get higher throughputs on PPS limited systems

but I thought there was also a way as to aggregate ethernet

Not that I know of, would put a lot of CPU load on the switches to reassemble or repackage frames

mh

that does make sense yeah

Although it's an interesting idea

it wouldnt be ideal for switching

but it would reduce routing overhead

yah

@clear igloo I guess perhaps this somewhat makes sense in relationship to MPLS

but ethernet is asynchronous isnt?

or is it sync?

async I'm pretty sure

@clear igloo you can get like a 10 fold increase in perf theoretically

but it'd require some fast algorithm for sorting and grouping in realtime

while respecting FIFO as much as possible

Yah, maybe a dedicated ASIC for that

yeah its two concepts that dont mesh well

but you could make it work with tradeoffs

yup

@clear igloo UDP

I heard you like real-time voice drops 😄

suddenly when out order of bytes

applications HATE him
packet aggregation man!

PAM

@clear igloo Lets see how shit this place's network is today

https://en.wikipedia.org/wiki/PAM_Transport

10m hubs in chain

lol

I prefer PAM4 😛
https://www.keysight.com/us/en/solutions/high-speed-digital-system-design/pulse-amplitude-modulation-pam4.html

@clear igloo the better the SNR the more PAMs you can do

@clear igloo I'm hoping at this place I don't have to do a lot but we'll see

I'm hoping the APs are in a decent spot

and that the cabling is at least Cat5e

yah

cat1 16A

it pings

slowly 😛

I know they're at least doing 100Mbps

So I just hope its whatever on each ends

you can do gigabit on shitty copper

Since they probably have a 10/100 switch

as long as you have 4 pairs and short runs

200m runs 😄

lmao

next to HVAC power

and the only wifi ap is next to the kitchen where the microwave is

Iirc they have drop tile ceiling

I hope that's the case

Nice

drop tile makes everything so much easier

I hope stuff is labeled too

aka the runs

That would make life easy

Where is it located? I got some label makers to use >.>

@rocky badge you know that never ever happens in real life

Near me 😉

brb, got to make some labels 😄

lol

labels them all to port 1

the actual rack is in a closet off the gym

what is gym?

a person?

LOL

@clear igloo https://blob.rocks/0AVn4lzV1P.png

I still can't decide if I want to throw office stuff onto a different VLAN than management

https://www.youtube.com/watch?v=PGLzm-Gy0dQ

yes

Yes, that's exactly what I had in mind 😛

most important substance for screen dwellers: coffee

gives you that 30 min boost and makes you awful for the rest of the day

yup

30 minutes of work before people show up to the office

That's why I get up early (or did before covid, now it's just habit)

If I have to get up

and be at focus immediately I drink coffee

if i have more time, I drink tea

its not as jittery

Good afternoon, anyone here good with pfsense? I have a setup where i have a subnet NAT 1:1 to opt1. However checking ALL the rules and all the settings, OPT1 does not transmit any data but i can see the servers trying to connect to it :/

i have been trying to get it back to work in the last 2 days no succes so far.

what are the source and destination ip addresses in port forwarding?

had my isp changed recently am tryna port forward my mc server on this new router

and i see some....

unfamiliar terms

to put it in a small mindmap:
I have one public ip from my ISP and a subnet that is /29 setup as virtual ip's on the WAN nic, i have mapped them 1 to 1 ie 80.127.152.114 -> 80.127.152.114 on the opt1 network, it has worked like forever and the rules have not changed but after i have reinstalled and restored the config, it just stopped.. it receives traffic and a packet scan reveals this aswell but there is nothing being sent back to that network from nic opt1

i have cleaned it all out and manually readded it, no succes

i have cleaned the rules on wan and opt1 and readded them, no succes :/

@low kayak you normally only fill out the destination IP

aight ty

@low kayak most of those ISP routers dont fully implement all of NAT's features

and even consumer routers

port forwarding is just a dst-nat scenario

Destination network address translation

also it seems my isp uses cg nate so i cant port forward

yeah thats big oof

but they still have the option in the router firmware

@low kayak NAT is just a fw feature

and its like proper legit self made firmware

almost every router can do it

oh

CG-NAT means that your ISP shares public IPs between multiple subscribers

you dont have your own public IP basically

do the isp not offer ipv4 public addressing for extra cost, or to their business customers or something? that would explain why the fw had it

nope maybe for businesses but no consumer option

meanwhile, I'm sitting on a /29

whats a /29?

a /29 IP block

that's 8 addresses

you know the usual 192.168.0.0/24

its 24 bits out of 32 bits that are used for network

so a /24 can go from 192.168.0.0 to 192.168.0.255

i see

@low kayak sometimes called the subnet mask

a /24 is same as writing: 255.255.255.0

it just defines what bits on the address are part of the network

I can pay for a /29 (or even a larger block if I want) and years ago used to, but now with SNI proxies etc I don't see the need, not for anything I'm doing anyway

https://www.bogotobogo.com/DevOps/AWS/images/VPC/IPv4-CIDR-Chart.png

@low kayak basically ^

also if I really need something publicly facing, well I have an IPv6 /64

ew

why not /56

/48 or bust

Problem with this is that not everyone has v6

I wish

@low kayak so with this. You can have multiple networks. Like:

192.168.0.0/24
192.168.1.0/24
192.168.2.0/24
etc.

it seems i do have a /48, shows how much attention i pay to it lol

Because with a /64 you can't subnet

You only have 1 subnet

@clear igloo I will give you a /65

well you CAN with a /64 but you should never do so

Well yeah

stupid android -.-

you know what is stupid in both android and iOS ?

you can't set MTU size for L2TP.

its STUPID.

Dhcp6?

yup

exactly

That's needed for subnets less than /64?

Other way, SLAAC won't work on anything less than /64 (a /65 or smaller)

and android refuses to support DHCPv6

Oh yeah, that's what I thought

i have only had IPv6 a few weeks since switching ISP, since Vermin Media in the UK still don't see fit to bother with it, so not really done much other than enable it on my router

test loops of zen

etc

ok so...i gave up on port forwarding

now i was tryna setup a network using this uhhh zerotier

but like i cant ping the server

even though it shows both devices on the network

don't be hating on my /127 links

/127 and /31 ftw

@hollow marlin last time i did a v6 MPLS with VZ or ATT, dont remember, /64 required for CE/PE

Same for us, all our edges filter no less than a /64 for any VPN circuits

If its a peer looking for v6 PD we will use a /127

im talking about peering subnet

we didnt have limits on larger prefixes

Are both sides behind cgnat?

It is what it is

Yes, ISP’s can see the websites you go to. Doesn’t mean they care or actually ever look. VPN can hide this, but then the VPN provider can see everything.

@dusty epoch a vpn is usually just an IP tunnel

it encapsulates the data, and usually encrypts it

against what?

no

its just what Point-to-point protocols do

same kind of mechanism is at play when your DSL modem connects to your ISP

uses PPPoE, another PPP protocol

VPN could be L2TP

or Wireguard

I mean, you are communicating yeah

usually the idea of a VPN is that if you are at some public wifi

you can route all your traffic through an encrypted tunnel and use a network elsewhere

helps for local eavesdropping

but most traffic is already encrypted anyways

another use for VPNs are things in the enterprise. where a company may have two offices

and the two offices are connected through a VPN

or individual company phones and laptops

route all their traffic through their VPN

this is nice, because it allows those devices to access services behind the firewall of that company

I use it on my laptop and phone, so I can access my NAS even when I am not at home

sets up VPN to my router, and allows me to access devices on my network

this marketing you see on youtube

for "Get vpn to stop hackers"

is bunch of snakeoil nonsense

@dusty epoch protocols like L2TP can use IPsec for encryption

https://en.wikipedia.org/wiki/IPsec

yes

if you have a VPN you are just changing your trust to whatever VPN server you are using

lots of VPN marketing is bs

so misleading

more specifically, your ISP can see DNS requests and what IP is your traffic is going to

you can use DNS over HTTPS or TLS, which makes it so your ISP can't see DNS requests

but by the nature of internet your ISP will always be able to see what IP address packets are going to

if they didn't then it wouldn't work

unless you use a VPN

yes, the government can request information about specific IP addresses

not even the gov

if you let's say run a server and see lots of requests from an IP you can contact the abuse email for that IP if they are DOSing your for example

depending on the vpn provider they may log info as well

not really

if you want privacy use tor

but you constantly need to change your idendity

what are you trying to do

something illegal?

by definition of the internet you really can't be private

you could setup your own ISP

but that's expensive

peering, ARIN fees, etc.

probobly

also running wires to location

or leasing fiber

expensive

yep. annoyed i keep getting pitched for VPN on youtube

UsE a VpN, sToP hAcKeRs

Sweet!

like physical hardware?

Nah all virtual with 1300 page LAB guide. They provide their own lab with set amount of hours but im doing this in EVE

im still waiting for our CML

I got it to work! THANK YOU!!! I was able to connect my router to my VPN as well. It all works but my upload speed is rather lacking. I'm currently using IP Vanish. Is there a decent VPN provider that has a no logging policy, low latency, and fast up/down-load speeds?

I don't use any public VPN services so I wouldn't know

however, wireguard is generally the fastest VPN type these days

if you can find some provider that uses wireguard you will probably get the best performance

why do you want to use a public VPN service in the first place @peak prairie ?

just to get some kind of public IP?

@tame carbon There is an issue with BGP VPNv4 NLRIs and CSPF is failing, quick, you have to solve it in no less than 30mins. Go

@hollow marlin Did you reboot it all?

One by one, on R8 at the moment. Its only mid day core routers, customers can deal with it

😆

Yah, it will just be a blip 😛

"whats the big deal, we have graceful-restart on OSPF/BGP"

it's got nsr enabled right?

"whats NSR"

I have ran into that at the previous workplace

ooof, big sad 😦

Yeah, no NSR was setup nor peer advertising graceful capabilities

Not sure how it was missed upon that router being turned up but they know what to make sure is in the config now

I'll never forget being a lab person years ago and getting chewed out "because my port isn't up and it's your problem, fix the cable!" and when I logged in the port was admin down -.-

It almost gets to a point where the simple things later on get overlooked as well

To keep people from seeing what I'm doing... Why wouldn't I want use a VPN?

It doesn't really keep people from seeing what you are doing.. all you are doing is preventing the ISP from seeing what you are doing and allowing the VPN provider to see what you are doing instead. So if the VPN provider is trustworthy and you can trust them more than the ISP then maybe that makes sense. But if the VPN provider is as unknown to you as the ISP then all you are doing is stopping one untrusted source from seeing what you are doing and instead allowing another untrusted source to see what you are doing.

Got it. IP Vanish checks those boxes for me.

@hollow marlin omg.

@tame carbon There's about 4 of those troubleshooting labs and 4 configuration labs and you have 8 hours to do it. First lab simulation in this bundle is about 8 pages of requirements that you need to setup

@peak prairie in my case I highly doubt my ISP is snooping on my traffic or that they care what I am doing, so I feel that all a VPN would do for me is add overhead and slow down my internet

@tender hazel We just have DHCP option 82 and PPPoE for records to comply with regulations. We are using SPAN for IDP for a few customers but outside that, no DNS logging and netflow is only used for real-time tshooting. The big boys most definitely are but a VPN is just kicking the ball down the field in terms of trust

yup

yeah I feel like fios def is

ISP can see what is inside sit encapsulation?

sit isn't encrypted, so yes, but they would have to do some basic deep packet inspection to view the contents

yeah that's what I thought

with something like a mikrotik router in the middle you can't really do deep packet inspection with that.. I mean you could mirror the stream to some other server or device that could but it is an extra step you would have to take

🤣 https://blob.rocks/TiQDx6w27L.png

Yep, unless you have an internal system to inspect, core and edge routers just don't have to capability to, they just care L1-4 to maintain performance. Fios I am curious if they do. There is a point when the cost of appliance power and the decreasing effectiveness of inspection where its not worth it.

glad someone else can do that xD

Im going to be taking it in a few months so we'll see how it goes

@rocky badge

The bootstrap config is waiting for Nexus 9000v ethernet module up
The bootstrap config is waiting for Nexus 9000v ethernet module up

lol

Help I got a new verison play with unlimited data but the hotspot setting is blocked on my phone is there any way to bypass this @ me

Verizon lock it for a reason, so you would have pay for that feature. Also shouldn't ask about hacking on this discord.

@robust plinth we all hate mediocre ISPs here

so I think its fine

carrier locks on phones are cancerous

I have it unlock on AT&T with unlimited

you dont need an unlock

but that back when they first offer it. But they cant take it away from me

phone just NATs traffic

well yea.

ISP doesnt see a difference between your laptop and phone

and thus, these arbitrary tether limits

are purely a feature of iOS and such

Not like I even use it... Since year now

been nothing but at home remote..

another case of: 🖕 from your carrier

about it

what fiber connector is this https://cdn.discordapp.com/attachments/504779026339069963/825371274725163068/IMG_20210327_095726.jpg

sc os2 apc

Used for my gpon connection

it comes from isp, how would I plug it into my SFP switch

What isp?

telus

If they use gpon, you can't unless they give you a specific gpon sfp card for their connection

And that looks like gpon

Shouldn't it be plugged in ISP's router and than into your device of choice?

No

oh, my bad

Usually it would be to the isp ont, not router but some stupid isps just combine router and ont in one

I wish I could just use an sfp card directly into the router bypassing ont

But verizon fios is gpon and they don't provide a gpon sfp card

My ont

Blue cable goes to router

The thing on the bottom is fiber

Which goes to this

Which goes outside

Nice, my ISP have some ZTE (router/ont) with custom rom that makes it act like pure ont, but the quality of hardware is really nice

Active Ethernet is even easier

thats just single mode fiber with SFP

@peak cloak honestly, I wish they would nationalize the fiber network

same way they do with electrics and gas

nationalized, pure fiber service. The actual lighting of the fiber is done by ISPs

this way, every ISP could service, anyone anywhere at any speed

but that's not logical because money

@clear igloo it would be future proof

and fair for all parties involved

customers no longer get to deal with garbage DSL and mediocre service

Yah, somehow having someone else build out the fiber and let any ISP use it is devil thinking 😛

It would free the market up

We'll have none of your free market talk here!

@clear igloo no, I ment as in. if you get planning permission to build a neighborhood

there should be a distribution box for that area

and any ISP can use

Well yah, have a city build it out 95% or something and lease it to ISPs or whatever

like if x customers use isp A then charge x% for lease costs

it's directly in the modem, so you're telling me modem has a custom plug basically?

or am I reading your thinking incorrectly @tame carbon

@distant fern set the modem to bridge mode and then you can use your own router.

it just forwards your public IP to a LAN port

and things like phone and such are still handled by the ONT

@clear igloo well, kinda like how it is here where I am. A contractor gets funding from govt for building fiber out to an area, to anyone who signs up for the program

Well that your all in one. Its not a custom plug, however the pon encoding is completely proporatiary you need a sfp card that will work with the olt on the isp side, also the authentication and other things

@clear igloo I pay 13,50/month for the fiber itself, and dataplan can be with one of 5 ISPs

Ah, so what we do in the US now but instead the companies pocket the money and screw the customers

I did but I'd like to bypass that as Telus pushes updates frequently and it reboots

The COLOs and POPs would be an absolute nightmare.

@distant fern you'd have to ask your ISP for information on configuring your own ONT. Many ISPs do vendor lock in or MAC binding

so you have to use their devices

ahh :/

I wish they did MAC binding, you can clone a MAC but you can't easily clone 802.1x certs

@clear igloo my ISP just asked me to email them the MAC of my WAN interface xD

MAC provisioning with GPON is to prevent anyone from just plugging in a unused splice and getting free service

lucky, ATT uses 802.1x for auth and there is a bypass but it's not perfect either and requires specific hardware

@clear igloo lol you know whats creepy? I can see other mikrotiks on the L2 of my WAN

on other IPs on the /22 that my public IP is part of

couple CCRs

oh, no they no longer show up

Btw if we were on the topic of monopolistic practices, let me ask you what the heck is going on with the mobile data plans in US? Soon I'll be studying here coming from EU and here high-speed fully unlimited data plan + calls is like 15$/month meanwhile in US... I couldn't even find an option without data cap!

@olive viper there's also no roaming charges in EU

useful for people like me who live close to a border and cross over to see family

except germany's LTE network is total ass.

coverage is mediocre everywhere

There are some, Visible is unlimited but you might get lower speeds depending on the network load on Verizon

They disabled 3G in netherlands

since we have 4G coverage everywhere now

they used the frequency space for more LTE bandwidth

Fi is also good depending on your usage

It's like $45/mo for unlimited or pay by the gig up to some amount

Yah, Fi is decent and Ting isn't bad either

Yah, Visible is $40/month for 1 person but you can add random people to your group and lower it by $5/month per person down to $25/month

It's like a group plan where people can join/leave freely, pretty nice

Lol nice

Now it's getting closer to the normal price, I'll surely look into it soon!

Yah, if you want my group code let me know, saves you $5/month too so long as you're part of the group. No information/names/etc are shared either

I'll dm you in 5 months when I'm on my way to Uni

haha, sounds good, worst case you create your own group and get 3 other people from uni to join

and then you each pay $25/month 😄

It'll surely be a unique conversation starter 😄

I made my own VPN using this guide https://linustechtips.com/topic/1140511-diy-vpn-pritunl-setup-tutorial/ and although it's connected, many websites e.g netflix appear to be blocked (I assume because it's a data center IP from Vultr.com). Is there anything I can do? My ISP sells blocks of IPs - is there a way I can use those somehow as they won't be blacklisted?

No, when your ISP sells you a block of IP addresses it's tied to your home account, you can't transfer them to a VPS

Depends. We've done it

I dont know the logistics around it though

Yah, for home users you're generally leasing them not buying them from a RIR

so if I host the VPN on a local machine, can I use the leased IPs to make my own VPN? I don't know if that makes sense - I'm not great at networking

@clear igloo NAT through wireguard

No, then you're just doing a VPN within your LAN

If you want to VPN back home and browse then it's fine

right but does it obscure my normal public ip?

no, how would it? you're just leaving your same network

I swear these VPN companies have to stop marketing this bs

everyone completely misinterprets vpn xD

That is kind of outdated at this point

in what sense?

well, first of all CentOS 7 and 8 are no longer gonna be supported

and now there is the wireguard protocol

that makes the older OpenVPN standard the Pritunl uses (i Think) a little slow in comparision

well the problem wasn't that it was slow, but rather every site seems to know it's a vpn

Oh yea, you should probably change the port for that

It's based off IP address, not port

Because the defalt port is know as the "OpenVPN" port

really?

Yes

source port is generally randomized, destination port is not

Huh

Well, seems like I've got research to do

what can I do if I want to make my own vpn but not have it blocked..?

What do you want a VPN for anyway for general browsing?

Websites don't know what port you are using for vpn

What do you need vpn for in the first place

I think Lurick made that clear, but thank you anyway

access geo restricted content

Then you'll generally need a not well know VPS provider or a friend to host the VPN endpoint

so azure doesn't count?

surely any of those ips will be categorized as data center?

exactly so they're generally blocked

drat

It's not a perfect solution and sometimes you'll get lucky but generally I wouldn't expect it to work for too long

Hi guys, are every IPv6 address OpenPorted/Public Address?

Is it possible the ISP distribute private IP to us?

can anyone help me register my domain with cloudflare? its saying its not a registered domain but says active on the registrar

Windows 10 network bridge: device on end of bridge = running perfectly. PC hosting bridge has <1mbps upload speed on ethernet and should have 1000Mbps local, 500Mbps internet. Any ideas?

We've disabled IPv6 as that was the only info I can find online. And that hasn't made any difference.

Give it some time, like try it 30min ltr.

alright'

will do

I hired 600 mbps but my pc only gets 100 mbps, any ideas? the cable is cat 6 and the motherboard is the asus x470 prime

you should check to see what speed your ethernet links at

what?

ethernet can link up at 10Mbps or 100Mbps or 1000Mbps

depending on the capabilities of the ports on either side, and the quality of the cable

Yeah it might be the EthernetPort on either ur desktop or switch and the ethernet cable

you can go into "change adapter options" and double click on your ethernet interface

it'll show you what speed you are linked at

can i just change it?

no

and what should i do?

so first check to see if it is 100Mbps instead of 1Gbps

yeah

its 100 mbps

ok so then the problem is either the adapter in your motherboard is not working at 1Gbps, or (more likely) the device at the other end of the cable doesn't have gigabit ports on it or you aren't plugged into a gigabit port, or the cable is faulty

Are you using powerline adapters? If so what model?
What model router/switch/etc.?

one end of the cable plugs into your computer, what does the other end of the cable plug into?

the router

what model

hm...

its MitraStar GPT-2541GNAC (HGU)

its from an internet company here in spain

It's got gigabit ports, is the cable damaged at all? Any wires exposed or really sharp bends in it?

maybe

i mean

you can also try plugging into a different port on the router to see if it links up at 1gbps

but it is probably a bad cable

If any of the wires are damaged then you'll only get 100Mbps

yeah, i think its the cable

thanks guys

:D

Anyone familiar with Windows 10 bridged networks?

still doesnt show up as a registered domain

How ipv6 works is that every lan ip is global

You should get at least a /64 block of ips from your isp

Which is like trillions

What you should have is firewall on the router to drop/block any new connectoions to lan

/64 blocks are nice

And then you open ports to specific ips/devices you need

/64 is the smallest routable ipv6 subnet

i use /64 blocks for lavalink

In reality most isps give a /56

very useful for that

Lava link?

its an audio sending node

that i use for discord music bots

You changed your namservers right?

i cant change the nameservers to cloudflares since cloudflare is saying my domain isnt registerd

Oh

Huh

Where did you buy the domain from

godaddy

i got it for a dollar

give it time to propegate

its been a while

ihave another domain

that i use for mc servers

but i use a subdomain for that

so mc.domain.com resolves

but how can i make domain.com resolve to a discord invite with only cloudflare

what dns records do i need to use for that to resolve

well dns can't point to a url

without a webserver

but I think cloudflare has url forwarding

that does that for your

hey guys i am tryna go pro in gaming should i buy a 10gb network or get a gaming router plzzz help

oh yeah i got url forwarding

now to wait until this domain works with cloudflare

10gb networking won't make you a pro gamer and gaming routers SUCK

try a whois on the domain

i am already a pro

i just need better networking

use ethernet

and there you go

get an ER-X or HEX-S

i already use a cat 8 no difference

and you are off to the races

No registry RDAP server was identified for this domain. Attempting lookup using WHOIS service.
Failed to perform lookup using WHOIS service: TLD_NOT_SUPPORTED. does this on my other domain too but my other domain works fine

cat 8 is not even a standard

you just got ripped off

it was like 10 bucks so no i didnt get ripped off

yeah so cloudflare does that and it sees it's not registered, just got to wait I guess

it showed up now

changing to cf ns

ah ok, cool

what service do you get from your ISP

what does that mean

🤦

what does your ISP give you

upload/download

is it fiber

cable

dsl?

weird

i live in canada

ok

i set up forwarding for the domain but https://domain.com doesnt work but domain.com works

i get 30 to a 100 download

and i set up forwarding the exact same

and upload 80 to 100

?

I think it's http vs https?

i have it to always use https

try both

http doesnt wokr either

huh

are you including the slash on the end?

It shouldn't matter from my knowledge, but still

tried both yea

show your settings?

entry 2 and 3 work but when it comes to https without www it doesnt work

show DNS settings?

the main dns zones that is

I read somewhere that you may need a A record

i probably do

ah

prob because there is no root record

idk though

maybe it's on the very top?

it's been a while since I used cf

those are the only 3 dns entries i have

dont think i have a root record

try adding a record for root

Hello i have very simple question. Is uploading 3 videos at a time same as uploading one by one ?

whatever bulk upload on youtube is bad to do

I mean it's probobly the same speed as doing it one by one

because less bandwidth per each

Thanks 🙂

Yeah, it was the mf cable

Nice, at least it wasn't the motherboard or router 🙂

Yeah

@clear igloo I've had like 2 tplink routers that just spontaneously would stop working

they start dropping packets like mad

and I got one here, that I salvaged from a garbage dump

and it has the same problem

drops like 5% of its traffic

I powered it on, did factory reset

and it just has insane packet loss to the device itself

what is this? planned obsolescence ?

Sounds like shoddy electrical or something and the $0.01 extra cost isn't worth it to them

yeah but I don't get it

those tiks work fine after 10 years

even the cheap ones

operating system runs fine.

it just drops packets

Yah, make them last long enough to get past the warranty and not a penny more type thinking probably

yeah but I am wondering

how

because if its some kind of trick in the silicon

you can get a big lawsuit going xD

because that would be a scandal

I mean, hardware that selfdestructs is unethical

Yah, a capacitor issue is something you can usually see but constant packet drops is very odd to say the least

they use super cheap parts in their routers

that's never a good thing as far as reliability goes

I mean maybe something did leak and corrode/expose some traces which could cause plenty of issues and not stop it from working completely

i just have flashes of images of dead routers, piles upon piles, each used 2-3 years.
and died but not not forgotten

Can I just say... i hate VPC sometimes

When it works it works. When you have to play with it or the switch gets unhealthy, yuck

How do you mount one of these to a vaulted ceiling?

Whole house vaulted?

Middle of it, no attic, just rafter framing.

Not built up yet, better to do it now?

Any beams in middle or going across?

Mean like that?

These are just pictures I'm Googling, trying to figure out how I'ma do all this

the wiring

wifi off these things still fine at an angle? LOL

if you have beams like that you can mount it like the light. Either run the cable from the beam, or going up the wall into the beam.

I mean the walls can cause wifi to bounce around.

Either that, or get a wall adaptor unit. If that Unifi they have wall onces.

Oh, like this?

that one of these

Oh, it's not directional though is it?

I haven't used one of those, so I couldn't say yes or no on them.

Ok thanks, I'll look into it

np, hope those work for yea 😄

anyone here use pfsense as a wireguard client?

🤔 So what has been peoples experience here enabling "Jumbo Packet" in the NIC settings? How does the game perform with that enabled, to say 4088 bytes? How well would this work for me with my motherboard? I have a Gigabyte X570 Auros Master.

I don't think multi-player games will benefit from jumbo packets. IIRC packets from games are already pretty small. Jumbo packets are useful when working with big data transfers when you are sure your network is really stable

I see..yeah I actually tried it before and I didn't really have a good experience with it. I just figured things might be different now that I'm paying for 1 gb speeds and using a Cat6A Ethernet cable.

@lone sun there's no point in using jumbo packets other than for a local network

your WAN is 1500 bytes, so it will fragment

but even so, it only makes sense in situations where you are bottlenecked by packets/second instead of bytes/second

reduced switching overhead