#networking

There's a reason why my SOPs are dozens of pages

Doesn't help if no one reads em. Wrote documentation for our entire golden image network, from login creds, to network maps, and update instructions, etc. I leave for a month on leave, and they didn't bother to look on the main management desktop for the docs, or see the multiple paper copies I left lying around. So they reimaged EVERYTHING.

Then asked me why stuff wasn't working

Hi

Can anyone suggest me a good wifi router

Under 70$

For 300mbps plan

Ok, seems like no one is online

@thick minnow sup

now there is

under $70 you will never realize the full speed of your internet plan. I consider that price a throw away, just grab a tp-link or something they are all pretty much the same at that price.

@unreal vale wat

tplink

ohhhh

thanks

@thick minnow

The only reason why you would use raid with NVMe is if you wanted to have some kind of crazy fileserver like LTT does

but they do use ZFS for storage pools, that use software to share a bunch of drives

Oh ok

@thick minnow it could also be used to speed up magnetic storage

two HDD's in RAID-1 would make reading lot faster

because the data is stored twice

the system can read off both devices at same time in paralell

Yea ok thx

@tame carbon what was the software you were using for screenshots where you could draw those arrows and stuff? Looks pretty handy

https://getsharex.com/

great

ty

@limpid lion sharex can do quite a lot

its completely pluggable

so input, type, source, then processing steps

and then finally a destinatioin

you hook these up to a shortcut

and you can do screenshot, add some arrows in like 10 seconds

and have a link in clipboard to share

https://i.imgur.com/UXiLRDv.png

I use it mostly to blank out sensitive information from screenshots

a lot more useful than my current screenshot program

on my linux system I just have a plain old screenshot tool

I’ve used greenshot as my capture tool. I’ll investigate sharex, but I’m pretty happy with greenshot at the moment

@waxen saddle https://i.imgur.com/yBQznXR.png

Screen/area recording to gif is a definite task I’ve been wanting to do.

Could help a lot with email tutorials.

Is that KDE?

Or wait

windows lol

It's windows

@thick minnow shit. https://i.imgur.com/8knUCGA.png

wtf, I had 1 nugget of uranium-235 in my inventory, that's hardly dangerous

I use flameshot

screen2gif on windows, peek on linux

So many things to do! Check out sharex and screen2gif and peek. Dockerize mashcentral. Mow the lawn, paint some trim, peel up carpet padding.

I want to move my sharex image hosting service to the cloud

It wouldn’t be hard, just deploy it to aws or something using docker

And the storage backend is S3

Each folder in S3 is a user, then each image ID is a folder within that, then the actual file

So the entire service is scalable 😄

Since the docker container doesn’t contain states, the database can be scaled, and S3 storage

But it’s just running on my R620 at home right now lol

Is there any benefit to using blade systems instead of regular 1U machines?

higher density tho

like 6U, can fit 9 machines

but but does the blade enclosure provide other kind of connectivity as well?

Yea sometimes some flexible ones have like flexible "cards" or so you can attach for fabric based networking and stuff

It depends, sometimes depending on the models your flexiblity can go up or down

Interconnects

And central management

the cheaper ones or the older ones don't have much flexiblity. but say a HP Synergy has quite a lot of stuff you can do, really interesting ones

For Dell they have idrac on each blade and the chassis controller

Then you can throw in Cisco or Dell switches in the chassis

for HP i think they have "image streamer" that allows you to like i guess remotly mount installion stuff in each blades, and then they have a centeralmonitor which checks each blade and their statu's and stuff

Dell has one that does 4 blades in a convention 2U

https://www.dell.com/us/business/p/poweredge-c6420/pd

Yea I think one of them even does dual EPYC

per blade, on an 2U 😛

Yea

https://www.dell.com/en-us/work/shop/productdetailstxn/poweredge-c6525

Two epycs per node

2TB per node

isn't that just amazing 😛

wait so one blade with that many cores? :P

Yeah C = compute

M = modular

From an aquaintance:
anybody well versed in networking sorcery? I wanted to have my local Nextcloud server available to me on the go, but without having to go through setting up dyndns and hardening and such.. TLDR I set up ZeroTier, created a private invite-only network and added the server, but I can't get to it via the zerotier IP... any idea how I can get it to "bind" to that IP instead of the normal LAN one?

does netstat say its bound to an IP?

could just be a firewall issue for all you know

nmap is pogerrs

quick flex

Upload: 30.8Mb/s

I'd rather have half that speed

but eqivalent uploads

oh yeah lol

delete or ban

<@&750150305383186585> when you got a second @tame carbon and @thick minnow are breaking channel rules with low effort speed test screenshots

no sense of humor this man

@tame carbon lets keep the posts here high quality, please

@tame carbon have you seen r/sysadmin lately? lets not do that

makes me sick

lol

you bore me

can't even take an obvious joke

I came to see ban

What if I told you this was a big brain only thing where I knew you were joking, so as a joke i reported you at the same time

^

You got the whole squad laughing

😐

Unless you're all looking to be null-routed, I suggest returning to the topic of networking tech 👀

null route me

So, I am using wire guard to connect to a friends network in another country to watch Netflix shows with her, but for some reason I can’t get into her Netflix Location so we can watch together. Was wondering why that is.

I don't know anything about wireguard but networking 101, to use her internet you need a default route from your computer to the tunnel going to her and she needs a route to you from her router so that the traffic comes back to you

We have one setup.

We followed the wire guard guides, as that is what everyone told us to do. We wanted a free way to do it. But it’s still being quite stubborn.

@ancient osprey you obviously still have something wrong with your wireguard setup

mhm

if its not working now and you can browse the internet fine somethings horribly wrong

if it was half working your internet wouldnt work

I have a router with DD-WRT and it let me set the 2.4Ghz channel to 13 even though I am in the US lol

uh you can't use channel 13 in the US

Should we reinstall and try again?

I don't think WRT has region settings, at least my version from 2018.

it isn't necessarily that you missed a step somewhere. There are so many different ways you can set up wireguard and so many different scenarios.

the procedure you followed you might have followed correctly, but you are wanting to do something very specific that may not be exactly what the guide you are using is meant for

you should share your config on both sides, hide the keys and public IPs etc.

Okay. One sec.

last time i did this with openvpn I had to define the VPN subnet, which was different than any of the networks on the local or remote sides, then if that VPN network was 192.168.3.0/24 I had to install a static route on the remote side router (where I want to use the internet) to point to the server hosting the openvpn as the next hop. Next, openvpn had to be told to use the DNS servers from the remote side as well.

wireguard is not openvpn

i know

fundamentals are going to be the same

[Interface]
Address = 10.0.0.1/24
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE; iptables -A FORWARD -o %i -j ACCEPT
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE; iptables -D FORWARD -o %i -j ACCEPT
ListenPort = 51820
PrivateKey = <Key>

[Peer]
PublicKey = <key>
AllowedIPs = 10.0.0.0/24
Endpoint = <My public ip>

it gets even harder too if that computer hosting the VPN at the remote side has a firewall. you have to not only allow the VPN connection from the internet but you also need all sorts of rules for a tunnel (or allow all). Next the computer hosting the VPN needs the ability to forward traffic which is not on by default in linux if i recall

[Interface]
PrivateKey = <key>
Address = 10.0.0.2/24
DNS = 1.1.1.1, 1.0.0.1

[Peer]
PublicKey = <key>
AllowedIPs = 0.0.0.0/0
Endpoint = <her address>

first one is the "server" side the second is my client side.

i didn't have my client interface selected, but now i'm in a loading hell. it wont load any websites

ok, can you ping an internet address

in cmd

try

ping 1.1.1.1

that is a no go, I just get timeouts

ok so you have no internet at all

try to ping 10.0.0.1

I assume that's the wg server internal IP

I’m not sure if this is the issue, but I’ve always done a /32 on the “client” interface address

it shouldn't

And also here, are you using the correct interface, dumb question but making sure

The AllowedIP's on the server side should probably be 10.0.0.2/32

instead of 10.0.0.0/24

^

I thought that was a wildcard. but I should fix

it uses it to tell the peers apart.. if you have another peer it would have a different IP in the same /24, and so that's why you use the /32 so that that peer relationship only applies to that specific IP

Also, you don’t need to define endpoint on the server side, you can leave that alone. Again you can do that, but just trying to see if a working config like mine would work for you

okay. one sec

@ancient osprey can you run ipconfig and check to see if you have an IPv6 address other than ones that start with fe80:: ?

This is all of my wg conf with some private stuff redacted for a peer

no ipv6

You wouldn’t have ipv6 on the wg interface if you didn’t define one?

I mean he might have ipv6 on his computer

It won’t auto conf ipv6

Ah ok

in which case the netflix traffic would go over his local internet instead of through the wireguard tunnel

because netflix is all on ipv6

Yeah

That would make sense lol

so I'm connects viz the tunnel

but it still takes me to us netflix not her netflix

but I have her ip address

go to https://whatismyipaddress.com/

verify that you only have an ipv4 and not an ipv6 address, and that it shows up as hers

I only have her ip and my location shows her country

are you using like a netflix app or the website

the website

what happens if you try starting a web browser you don't normally use and use that to log into netflix

chedcking now

still us

try pinging 1.1.1.1 again

does it still time out, or does it work?

it works now

ok

try tracert 1.1.1.1

make sure the traceroute output shows it is going over the wireguard tunnel instead of your local internet

it should be

it shows its going to going thru her country steps

and if you ping ipv6.google.com you get no response, correct?

i get unknown host for ipv6.google.com

ok good, so you certainly don't have ipv6

but then I have no idea what is going on

you are running windows, correct?

I'm on mac unfortunately

ahh macos, ok

on macos it would probably be ping6 ipv6.google.com

yeah, uni. I'm studying networking. First year... not doing so hot

mac is more similar to linux than windows to linux

instead of ping

I get No route to host

ok, so no ipv6

but then it should be working

what's the issue exactly right now?

it is working, and everything shows he is coming from the other country but when he logs into netflix he gets US netflix

probobly netflix being resistant to vpns

if they are using the same account

no, we are using different accounts

normally, you think it would be a problem..

are you sure you are getting US netflix? how are you checking.. are you trying to search for a show that is only in the other netflix?

so your internet works just fine, can watch youtube and stuff?

yes

maybe netflix cookies?

or other device fingerprinting?

idk

internet works just fine. I try searching for a show only on her countries netflix

run "netstat -rn" to print the routing table on your computer

do you see any.. weird routes that you wouldn't expect?

i.e. things besides your local network, wireguard network, and default gateway?

I just see my locals

wireguard and defaults

I believe Netflix's fast uses the same server selection as Netflix itself

So you could probably see what it's connecting using that

this might explain it

I found someone else with the same problem

Wow that sucks

i just tracerouted and it shows a hangup before reaching netflix what connected to my vpn

so if your friend is in europe, according to european law, you have to be shown US netflix when connecting via europe

luckily shes in canada

ok

well they may have made that apply to everybody

that's my best guess

traceroute is just spewing * * *

When you say "hangup", do you mean just a long series of hops timing out?

all i get is * * * now

Those are just that hop's firewall blocking icmp usually if you can still access the site

yeah, traceroute results can be misleading and make you think there are problems that are not there

your VPN is fine

everything is set up correctly

the issue is that netflix assumes you are travelling to the country temporarily

and is still showing you the US netflix library as a result

Which I guess its something with Netflix blocking ICMP https://blob.rocks/YzPboBKS6W.png

because I'm getting the same thing, but I can still access netflix

weird. we tried this, because we know some vpns do it but everybody told us using wiregaurd is just fine

some vpns aka VPN services or protocols?

both

this isn't to do with VPN blocking

they would have no clue you are connecting via a VPN

^ especially now that it's via your friends IP

if it was some actual VPN service they may block it

Yup, they just see its a res IP

I have a linode vps setup in canada for a remote desktop experience to learn more without tearing down my machine 24/7 and tried with the same config still nothing

So Netflix probably upped their anti VPN

they would just see it as if you were travelling to your friend's home and going on netflix there

if you were to fly to canada

go to your friend's home

and log into netflix

you still would not get the shows

you would still just be getting US netflix

https://help.netflix.com/en/node/24853

I'm guessing that netflix just took their EU rules and made them apply to everybody

hmm, nvm that's not really helpful on this

it was probably easier for them

and cut down on use of VPNs to access other countries libraries

if you were to log into her netflix account while on the VPN, you would get canadian netflix instead

I guess some of the copyright holders got mad lol

it's weird though, I was testing privatevpn and it worked just fine, but we thought this diy approach being no cost would work just fine

guess paid vpns are. the standard why to go now... 😦

huh

weird that another vpn would work

how long ago did you try privatevpn?

Were they around the same time?

^

literally lastnight while working on this\

huh

we were up until like 5 working on this dumb stuff

in my mind there is no reason that that should work, but not a your own vpn to a canadian IP

weird eh

try it again and see if it still works now?

or is that the end of the trial period

I tried this morning and it works fine

And you're sure you were able to access geo locked content?

I have like 24 hours left on the trial period

Because netflix will work on a known VPN (to netflix), but only international content

it showed me canadian netflix. We just finished ride along and from what I saw was only on canadian netflix not us

try it again and see if it still works

if the trial is still valid

Connected me instantly to CA Netflix

yeah, that doesn't make any sense

but your wireguard setup is correct, you don't have anything set wrong

and netflix has no way of knowing that you are connecting via wireguard through your friends house

Maybe if you were using the Netflix app, but not in browser.

But I don't think Netflix does that

not yet...

sadly

is the VPN connection in the same province as your friend?

ye

luckily she in ON

anyway, your wireguard VPN is working correctly, but when you log in from her home, for whatever reason, netflix doesn't allow you to connect to canadian content and forces you to US content instead

it is something netflix is doing

how the VPN provider gets around it, I have no idea

the only explanation is that netflix is somehow now also tracking residential ranges to try to prevent this kind of VPN-to-a-friend means of getting around country restrictions

or that the VPN provider is doing some crazy stuff to force netflix to display canadian content that otherwise would not show up

i tried from a vps of mine and to seems to do the same thing my friends connect does

yeah I think the vpn service is doing something funky to make it work

idk

it isn't anything we can help with though

you might just have to break down and pay for the account with them to watch it

unless you log in with your friend's credentials when connected to the VPN

that would work

yeah I think the same thing

yeah... ugh, she knows I hate those because "paided" ones because their log policies are garbo

it seems some people use unbound to help with these kinds of things>

unbound is a dns server

how would that help?

no idea

I used to subscribe to this DNS service that let me watch US netflix

at least at the time, the country choice had something to do with the dns records used

yeah, some people are saying use dns proxies

huh

maybe find your friend's ISP dns server and use that?

but I doubt it would work

yeah you can try that, and I also doubt it will work

I'm pretty sure that the dns service that I used actualy rewrote some of the netflix dns records

yeah, big no go.

so that they returned a different server IP/name than they normally would have

basically these DNS services figured out a way to systematically override certain DNS records from what netflix wanted to resolve them to

in order to get the content of a different country to appear

probably the reason privateVPN works is because they are probably doing something regarding DNS

that's my thoughts at this point is dns indexing and the swapping for known good entiies.

if you had to go with.a vpn that is trusted and works well with user privacy who woukd you choose?

I've tried PIA and liked it in the past but since the Kape change i am not so lovin it

I've heard good things about mullvad

https://mullvad.net/en/

you can even pay with cash

WTF

thats so weird XD

they have like over 500 servers

openvpn

and wireguard

does it work with geo restrictions?

I'm looking at it and it looks promising

no clue

apparently looking online it doesn't work well with streaming

yeah I read that mullvad is not a good choice if you are looking for a VPN to bypass country specific streaming restrictions

ex. netflix

noice...

what about expressvpn?

mf cant handle my gigabit ethernet

works with 10 gig on a daily basis

my dad has 10 gig, never tried it tho cause theres a bs slow vpn on it and some antivirus which scans every packet sent or received

I don't have 10 gig at home

same

mf left lmfao

I don't really know what I would do with it even if I had it

my internet is fast enough for me - 300 down, 100 up

1 gig down 50 up

its good

i used to have 80 down so its a big upgrade

if you actually look at traffic graphs for people with these super fast connections, most of the time they are using less than 10Mbps

some people have gigabit cause they have like 7 people on their network and theyre all watching 1440p video on netflix or some shit

50 up 🥴

idc about upload tbh

I think I have like 22 devices on WiFi and 50 something wired

Average use everytime I review for upgrades is around 20-30mbps during peak hours for residential outside raw downloads

ok - might be different here

That seems like a normal number ya

Realistically Netflix/streaming doesn’t use a lot per client

I'd be interested in seeing what the outliers look like for that data

I can run some reports. Most outliers are ~120mbps peaks and the rest being large downloads. I only run it on connections 500 and up to get a better picture

I was just pointing out that it's similar to what I see. Many think that they need a gig and make use of it more often then not

Not trying to add to your work load for some random reporting. Just curious, and that ball park estimate scratches that itch

Oh yeah it only takes a second but I can get it over

We just have gigabit because it was cheap and it’s nice for larger downloads lol

ahh ok, yes, I agree

But I could probably totally live off of half of that or even a quarter

With my packet inspection, my gigabit is more like 750mb/s

I get line speed with DPI but then again my router is an overkill dual Xeon server lol

What rules are you inspecting with?

2620v2s

it’s just DPI, it’s not IPS/IDS

Although when i was testing IPS/IDS I got line speed

How many cores?

Right now I'm running my Emerging Threats, Snort GPLv2, and Snort VRT rulesets along with OpenAppID, off of 2 cores (e5-2407) and 8GB of ram

Oh its flood

Nvm

Do you think I should buy a Nvidia Shield TV Pro, or a HTPC (Mini PC, Windows 10) to run my Plex server, and for streaming Netflix, Youtube?

Hi, Anyone Online?

Me

Maybe

Depends on your needs, shield tv is a really good purchase regardless imo. Not really networking related however ^^

Yes

So, I thought my ethernet cable was broken BC I was only getting 100mbps instead of 1 gbps

Then Windows got an update, and know I'm getting the full 1gbps, thanks Microsoft

Is their a way to hide vpn server ip?

I don't think so, and I remember someone asking about it on Fiverr

Unless

You use a proxy

But I'm not sure

O I forgot about proxies

@tender hazel damn. someone threw a cable into the TV box enclosure without thinking.

When the TV was lowered by the motor into the enclosure, it got caught on the cable

ripping the entire PCB of my AP from the enclosure

poor hAP ac2

USB port is fucked, but the rest of the board is still functionally ok

are wifi mesh any good?

No

Multiple access points is the best

not sure this is exactly the place to ask but i figured ill give it a shot.

my verizon fios internet, which has for the most part worked flawlessly for years has started to intermittently cut out for a few seconds. for about ~10 seconds- 1 min several times an hour for the entire day. it will cut out. its already frustrating enough having games get cut off but now my roomates are trying to get me to get cheaper DSL because whats the point in having fast internet if its down 40 times throughout the day. I love my fios speeds, and dont want to get rid of them. can anyone point me to some possible solutions. verizon is no help because im not using their router

hi

i'm going to buy a wifi router for 200mbps

https://www.amazon.in/Netgear-R6850-AC2000-Gigabit-Router/dp/B07J4T8S2R

i have choosen this one

i was in thought of going with asus rt ac59u, but it was having bad reviews , so i choosed this one!

Router prob

Wait dsl?

Verizon is phasing out dsl

Its all fiber now

I have fios

Cheapest plan is 300/300

Dsl is known to be not that stable and is very suseptible to interference

Yeah i know, i dont want to go to DSL i want to keep fios, but if it cuts out 40 times a day then my roomates no longer want to pay for it. i want to fix it

wait

so verizon dsl or fiber?

if fiber

router probobly the problem

to test, try hooking up some sort of computer directly into the ONT

using ethernet

and see how stable it is

also

wifi or ethernet

Ahhhhhhhhhh

ASUS :/

i am directly connected to ethernet through a synology rt2600ac router

ill try the basement and connect directly through the ONT, but it may be a bit its not very predictible when it goes out

@sick pecan when it "goes out", does it actually go out? Next time when it "goes out" try in cmd ping 1.1.1.1

it could be a problem with DNS

ill test it. thanks for the tips

@sick pecan what does Fios tell you when you call the customer support?

Basically everyone is heh. Its more costly than Fiber to maintain

They tell me that they don't offer troubleshooting without their supplied router.

@plain siren tmobile is still rolling out fiber to the curb lol, in germany

They do the last mile still with VDSL

Germany got some fetish with their DSL infra..

their router is trash however. And i replaced it years ago with a synology rt2600ac

@plain siren well its just a once publicly owned, now privatized company.
https://i.imgur.com/rLIWpkg.png

understandable

I have my own setup

but ... asus though

in a rack

wait

rt

Synology makes routers?

yup

yes

Yea

and mesh network APs

looks bad

https://i.imgur.com/kKu7sXa.png

visually

At least their marketing is only 50% bullshit

Grandstream, the VoIP company makes some pretty dank APs for the price as another fun one

https://i.imgur.com/S2zAuZx.png

c|net

any savy user reading cnet

🤣

they ain't savy

Dual core 1.7 GHz

mh. probably enough for gigabit

dont like the no test results thing

Hmmm do I put the AdBlocking DNS behind or in front of the AD DNS l

https://i.imgur.com/S08aTEp.png

I put it in front

wat

that's the theoredical max of 2.4ghz

https://i.imgur.com/ncN8nca.png

A shitty graph in 15 seconds I made that I might do.

for 20MHz channels, there isnt much bandwidth

@plain siren do you have to take channel gaps into account for 5GHz ?

or can you just stack frequencieschannels up against eachother?

Ardoin.me being root domain (and placeholder for forest root)
Child AD Domains are site based

As long as you don't overlap them, even on the edge, you good. Keep it simple.

Those APs I have have two chains

what does that mean?

more chains = more extensions right?

Oh boy

oh wait this is just MIMO

facepalm

chains relates to the radio transceiver

If you have 2, you can Rx and Tx at same time

If you have one, you can't hear while you Tx

but does it at all correlate to channel widths?

No, channel widths are just bigger...... MTU's as an analogy

so what about 160MHz for 5GHz ?

Does that require client capabilities?

more extensions means more clients at same time

Ok take a look here

What happens when you go 160MHz?

You suddenly only have 2 channels available

not much left

If you have a ton of 160Mhz radios... They all gonna be on top of each other

There's a balance

Oh man

and I'm more restricted

because one of those 160Mhz blocks is indoor only

Many Streams/Connections/Radios, might wanna tighten them bandwidth numbers to make room

https://i.imgur.com/QK9BrJZ.png

rightmost is europe

what is TPC ?

There's another way of going about it

@plain siren I can get away with sectorizing 2.4GHz

If you drop the broadcast power of a radio you can shrink the overlap physically

that gives me three channels

all I want is the higher bandwidth of 5GHz

Your radio needs to talk louder than the noise behind it, but not so loud that they can talk over each other

@plain siren ok but I can measure this right ?

go to the other AP

and run scan

If you can overcome the deficit of the background noise, you can maintain full control of your local RF environment

That is the key to a well designed distributed radio communication system.

okay, but what is acceptable noise levels then?

Shit, you could foil line your outside fence for all I care

I don't know how to read the dBm scale

This works and it's as stupid in looks as it sounds.

dBm is EXPONENTIAL hehe

Yeah I know that

with sound its a 3 fold increase

per integer changer

but idk what is "good signal" and "bad signal" when looking at the numbers

@plain siren the stronger the signal, the better modulation techniques can be used, right?

Okay run a channel scan and freq scan and give me the result

Fuck it, we will do it live

So what we want to look at first is any background noise and it's intensity

That will be our "noise floor"

@plain siren well the setup I will be deploying will have 0 local noise

https://i.imgur.com/lKRDSp1.png

but this is @ home right now

Our "gain" is our APs signal minus the noise floor

I can see the SNR

Yeah that's nice tbh. Which column is which lol I hate this UI

https://i.imgur.com/8zJn8la.png

all these are neighbors btw

If your signal to noise ratio is high, that means your signal is coming clear

yeah but what is high

We can get a good idea of that by looking at your AP

https://i.imgur.com/Rxh9d1t.png

Can we get your APs printout

I know what the specification says but that's best case

I like to take a more realistic approach

@plain siren ok what about the phone on my desk

and my AP

So ideally, if you have 2 WiFi radios on top of each other, they will take turns talking.

Which is why we say keep to those 3 channels on 2.4

But your phone most likely does not broadcast at the same power as a stationary AP

That being said

If you are close enough, you can get what's called "Front End Overload"

@plain siren so what do I do if I have 2 sector antennas on the same pole broadcasting

do I put them each on a seperate channel

?

I presume both of these antennas are attached to the same transceiver?

@plain siren https://mikrotik.com/product/mantbox_52_15s#fndtn-specifications

Or are we talking about two different broadcast units

No, I am theorizing about this right now ^

I will have multiple locations with 2 or 3 of those

they only do 90 degrees on 2.4 and 60 degrees on 5Ghz

Considering these are directional

If there is no overlap in the physical RF topology

You could use the same Channel

If they can't hear each other, they can't interfere with each other

https://i.imgur.com/35X6o3I.png

This is along the same line as reducing power

Yeah, I would put some shielding between the 2 devices but that would open the RF Environment back up for additional channels on your full coverage

mh

You only want to use different channels (if you're being this picky about it), if the radios can hear each other

@plain siren yeah but the question is

how many 80MHz blocks are there

that I can use

I want to create this CAPsMAN configuration ahead of time

and label them

so I can draw this all on a map

6

@plain siren outdoor only

Hmmm

Prob like 2 tbh huh

there aren't 6, that's including the weather radar

wtf

we're in a valley

Yeah I noticed that and wasn't thinking it's 4 in that spec

That's so garbage.

Honestly you're going to have to check local regulation

wtf.

So few space to communicate in

you might have four 80mhz channels if regulations allow you to do use that first one outdoors

What do they want me to do?! https://i.imgur.com/K3VugGa.png

So... 3..

12x 20MHz

I count, not a lot

Wait no 144 listed so 2?

two and a half

Btw TPC is 802.11h

does this concern me?

there's also some SRD here

what is that?

TPC is a dynamic broadcast power that literally fixes the whole "too loud APs" thing

It sets the broadcast to what's needed, not to absolute max

Short range shit

Damn reply sucks on mobile

SRD is like... A pacemaker

https://i.imgur.com/EuzqypL.png

that's where the last 80Mhz has dissapeared to

Yeah 25mw is tiny compared to 200mw/1000mw

So they have little concern of interference

well

I dont want to accidentally stop someones heart

can I broadcast on these frequencies or not?

when you set the country and set regulatory domain, it won't let you go above what the country specs allow

According to that block chart, you can between 100-144 with DFS/TPC enabled. (1000mw)

This is what germany's info portal gives me ^

So that right block. Wether radar will set off DFS alot if you have one close.

that is not including UNII-3 though

and we had established that the chances of having a weather radar close to that location were slim

yeah

they are going into a remote area, no airport nearby, only an old military base that has been abandoned for decades

Lovely

@tender hazel I'm bringing that big omni antenna with me to do some testing on site

@tender hazel that military base is a 30 minute hike up the mountain away lol

nearest town is 2km away

Those military bases may actually be deregulated test sites too.

@plain siren North Point

Allowing for adjusted gains

former US Nuclear depot

The barracks and office complex was built 40 years ago, never put to use

its surreal going onto the place

That wasted place? Ugh

Yeah this

@plain siren there's tunnels underneath it

really cool

xD

its all still fenced off, but if you just go to the entrance

https://rgebhard.de/seite437.htm

Yeah, avoid those unless you got a personal gas ppm monitor

you can see how often people have used sidecutters

and how often it was patched up again

xD

I wonder if it's up for negotiable-sale

Its still US soil, just completely abandoned I believe

still warning signs everywhere

but its mainly used for storage of logging activities in the area

Yeah, I bet Germany would sponsor a Back Purchase if it let them reclaim the national ownership status too.

@tender hazel that's it!

What's your goal out there btw?

@plain siren helping my dad distribute 1000/500mbit fiber over a very large camping area

if you have 3 80mhz channels with sufficient power that will actually be ok

with the planned layout

if you only have two, I would use 40MHz channels instead

@tender hazel aren't those APs on the same pole going to interfere with eachother?

ohhhh

Ay now u get it

it would be like this: A B ---------- C A ------------ B C ---------- A B etc

two ap's per pole along the perimeter to cover inwards from there

Apparently there's a range

https://i.imgur.com/HoII6Dt.png

you're only reusing the A frequency on the next pole over on that AP and that is going to be facing in the opposite direction of the A frequency on the first pole

This requires a permit ^

UNII-1 I cannot use, perhaps only for the indoor office and restaurant seated area

same is for UNII-2

Am I imagining this rightM

Or am I stupid

it doesn't say anything there about a permit, just SRD (25 mW)

@plain siren the rough areas that I want to cover are these: https://i.imgur.com/4VnL1nP.png

the A is where the central building is located

https://www.bundesnetzagentur.de/SharedDocs/Downloads/DE/Sachgebiete/Telekommunikation/Unternehmen_Institutionen/Frequenzen/Allgemeinzuteilungen/2017_34_Broadband_Fixed_Wireless_Access_BFWA.pdf?__blob=publicationFile&v=1
@tame carbon

on the roof we'll be putting 60GHz backhaul

You are trying to basically WiMAX/WISP a LAN

@plain siren well, its just a vlan

and EAP in the future

all masqueraded over a reserved public IP

So you are doing WISP with CG-NAT but deployed as a LAN

Yes

Might as well call the users subscribers.

at full capacity

the main difference is in this case the CPE devices are not fixed wireless radios but instead the customer devices themselves (cell phones etc)

there's 1200-1500 people at most (during high season)

@tame carbon what I would suggest is you use link.ui.com to plan it out

you can share your plan map

So... A router with a screen and sms capabilities + battery instead of a router.

you will have to pick some random ubiquiti 5ghz ap

On both sides of the NAT pond, it's all the same in high level architecture views.

but it won't really matter

it is mostly to get an idea of where you will be putting everything

@tender hazel what do I pick

either ptp

or ptmp

https://www.cambiumnetworks.com/products/software/linkplanner/

PTMP

rocket prism 5ac

https://www.cambiumnetworks.com/wp-content/uploads/2015/07/CN_LINKPlanner_laptop_screen.png

@tender hazel how much dBi ?

link.ui.com is easier, I've tried using the cambium link planner before

Cambium, the one suing Ubiquiti, does this way better than Ubiquiti. No wonder they offered firmware takover.

@tender hazel also beam width isnt right, this is 120 degrees

I can't get the details I want out of the ui tool but yeah it's "Ez"

the APs I have are 90

I picked the liteAP gps

that one is 90

@tame carbon click the pen icon to change

Have you tried their latest updated release? It's gotten a nice polish.

ok yes the liteap gps is ok

what pen?!

https://i.imgur.com/uxGiJ6t.png

Looking at this rn

the pen icon will only show up when you have rocket prism 5ac selected

you can specify custom antenna then set the gain and angle

This is the coolest thing that I've seen in a tool like this that is "niche" and actually turns out to work in bench comparisons.

Science is awesome

@tender hazel do you think I can get away accounting only for 90 degrees, and hoping the 60 degree 5GHz is fine?

yes, people will roam to 2.4ghz if they are out of the 5ghz band.. I would treat the antennas as 90 degree antennas

it is not 100% accurate but it is good enough

okay what about the gain?

for the antenna gain check the specs for the mikrotik antenna built into the AP, it will list the gain there

(The "overlap" is hardly ever too noisy to cause issues if you stand in it)

https://i.imgur.com/N67JzoB.png

Something something RF Density ... Science shit.

but this is dBm, this needs dBi

whats the difference ?

you're looking in the wrong spot

I dont see the use of this tool

it says strong signal everywhere

you can plan where you are putting the APs and what they will cover

you can add all of your APs there and see the coverage zone for each

Screw it, throw a 100W amp in the midpoint and use 1AP, f the regulatory agencies,

you can add multiple APs onto the map

https://i.imgur.com/xrk80jS.png

you will want to adjust the height of course, the default is 12 meters and you will not be installing them that high

yeah but this is far too big wtf

@tender hazel yeah but it is a valley lol

so there is about a 20 meter difference

on the side where the AP is compared to that client

I dont understand

150 meters away

nobody is going to get signal.

but it looks like you have set the AP height at 1 meter and the station at 12 meters

the AP is presumably going to be more than 1 meter off the ground

about 2

but it already accounts for the difference in height

Like, I just want a set amount of output power for range of like 50-60 meters

people will get signal further away with 2.4ghz if you want to check that.. you can do that by adding a second Ap in the same spot, one that is 2.4ghz

that's it

yeah but this makes no sense

this thing suggests that I can get signal

from all the way across the camping area

with 1AP

I plan on just using paper and pen for this

and drawing the 90 degree angles myself

this tool is far too complicated and unwieldy to use

you can adjust the far device, the default is like a powerbeam or something

it is assuming fixed wireless, where the stations are fixed, rather than mobile

but if I just allocate the channels in such a way that beams dont overlap

does the tik automatically manage output power ?

wow

so I added a second station

and now I have to sell my soul before I can continue

https://i.imgur.com/Phq0S1N.png

you can reduce the area that it shows the coverage on

@tender hazel sorry :( thanks for the suggestion, but I think I'll do it the old fashioned way with pen and A3 paper

I can get a big printout of this map

that handle lets you make it smaller

and just draw on it

I don't have a UI account

cant use that site

they are free to sign up

yes

but I am not going to lol

you can give the cambium one a shot but I find it harder to work with

if I was to point two of these APs directly at eachother

how far would they need to be appart before they stop interfering?

just trying to get a vague sense of what scale I am dealing with here

if they are on the same frequency they would have to be far away unless you reduce the power

so you will be reducing the power most likely

that's if they are pointed dead at each other on the same frequency

@tender hazel I'm going to visit them tomorrow

I'll mostly just have a look around see where we have poles we can use

and take pictures

ok

Ill be bringing that metal ac52

and doing some DFS checks

its big omni directional antenna

ok, sounds good

yeah you can check range with that too

yep

Its single chain

but its fine for signal strength checking

it is lower gain than the sectors but that will actually simulate what the actual situation will be since you are most likely going to have the power turned down

also a lot depends on line of sight

you can have two antennas pointing at each other using the same frequency but if there is a hill in the way blocking most of the signal it might not be a big deal

the area is like this \___________

the other hill of the valley is a road

we cannot use that

so the APs will either be on the hill side

or in the center

which is flat

so I think there's a benefit to having those APs mounted up high

they have wider line of sight that is not obstructed

mh. so clients right to my hAP ac2 have -46 on 5GHz

and I am behind 2 walls, with -70 on 2.4

still enough for 72mbit/s

I assume -70 would be an acceptable signal strength?

yes -70 is acceptable

That's a decent outcome.

for our fixed wireless customers our absolute cutoff is somewhere around -73 I think

@tender hazel so what if I can receive another AP at like -85

do I have to reduce its power?

what's "too loud" for seeing another AP on same frequency

you will ideally want the noise floor for the same frequency to be around -90 or so if possible

@tender hazel basically this: https://youtu.be/oY6tCnu-1Do?t=4

those 5 seconds ^

heh

sorry, that just popped into my head :P

any way I can see what my AP is current transmitting with?

This is 0 https://i.imgur.com/ZjELYRK.png

lol if I put it up against my body

it drops to 1M

meatsack

lol it just disconnected xD

the Tx signal says 0 because for most devices they don't support reporting the signal they receive from the AP back to the AP

lemme see my phone

wow

such garbage

OneUI doesnt report signal strength

my old nexus 5x did

you can probably install some third party tool that will show it

Wifi Analyzer yes

@tender hazel ok

so my layout is garbage here

xD

1 is free

lemme put it on there

@tender hazel LOL, so I move channel

and there's a pesky asus router one of my tenants uses

and it just skipped to the same channel

@tender hazel ah so interesting https://i.imgur.com/JeJXejA.png

so that's using 40mhz

you'll want to prevent that

https://i.imgur.com/6d8RrMO.png

@tender hazel I can see why

but does it matter?

ok so I disabled extensions

much better.
https://i.imgur.com/FlTIgYG.png

yeah that's much better now

what about bandwidth though

oh

@tender hazel I was getting around 25 before

now its like 40mbit

what about poor 5GHz..

lol/

@tender hazel WHAT

This is nonsense!

@tender hazel such bs

https://i.imgur.com/NLWoPOv.png

I disabled my 2.4 AP

and

why is it not using that in the first place

that's 5GHz

through 2 walls

I only have 2.4 enabled in my Center most AP and my Outdoor AP.

mh.

so

just put 5GHz up

and a couple 2.4GHz omnis

for the tards that run ancient gear

Everything that's 2.4 is IoT for me.

The real speed is in the 5Ghz and 2 6g APs

@tender hazel what would you do in this situation?

So more of those for me, but in small tx power

reduced transmit power by from 20 to 15

phone still uses 2.4

Go outside and put grounded foil on your fence lol

and I get only 10mbit

@plain siren 🤣

You laugh but

If you could find their AP location, you could basically patch a small area to block it

lmfao

wat

there's no interference here

its just that 2.4GHz signal is so much stronger than 5GHz, but 5GHz is still much faster

I was making a joke not being serious. But yes that's how it works

Lower frequencies have better material penetration

Yeah

but I start putting up foils to cover up the neighbors stray wlan

Higher frequencies have larger data rates.

I have to worry about my mom running after me with a broom

telling me I am out of my mind

Don't put it on your side of the fence.

WHAT FENCE

xD

Put one. Lol

We dont have a fence. we have a sloot

What's a sloot. I don't speak nowhere

https://i.imgur.com/wh1wKrJ.png

Oh

Its dutch/south african for Ditch

Sloot

Looks like a great place for a fence.

we dont have fences here really

its all hedges and trees/shrubs

Every time I go to put mine back up, I start doing something else that would require me to take it back down

My neighbors are not particularly happy.

lol they have a madman as a neighbor who's a conspiracy theorist

putting up foil around his house

Put the foil in the hedge

You know, foiliage

(╯°□°）╯︵ ┻━┻

I didn't put my foil on my fence. I put it in the wall on the insulation... Well I didn't. The insulation has fucking foil on it for better thermal shielding

And it basically put a fat F for any Cell signal lol

I would LOVE to have 1 AP cover this fucking house.

So the shit solution would be

two SSIDs

2.4 and 5

but it would also yield best results

That's actually a normal solution

I even do that.

Fuck roaming

I have one ssid

Never works.

it works well enough

I didn't have any roaming issues on a small handfull of Cisco AP's I put up back in 2012 or so.

Bleh

On a high radio density site, there can be issues where handoff doesn't happen then the front end gets overloaded by the actually closest AP.

"Sticky" APs

Nope. It was actual roaming. No dropped packets.

On EDU sites this is a huge PITA

I'm not saying you had particular issues, I'm just biased.

@plain siren someone here suggests to change the beacon interval

?

Yeah it's foil insulation

I didn't go to my attic to take a pic lol

Makes sense

I had put the insulation on my inner walls and thinking I could hold local temperatures inside the house better.

And for soundproofing

Did it work?

Yeah, these newer houses are very well sealed to their fire zones, it shows.

But

My wifi....

Omg my wifi

I bought a heavy rubber material to help soundproof a noisy pipe. It worked very well, but the material is kind of expensive..

Its like it sucks the signal out, not just block it.

😩 signal

APPLY GND TO ANTENNA

Was it for the water hammer noises? Or just the expansion

I have a noisy pipe I can't find yet but I need ideas

what type of pipe?

Its my hot water feed

ah

Neither, it's a radon pipe. There's a fan in the attic that runs 24/7 creating negative air pressure in pipes surrounding the basement of the house to remove radon gas so it doesn't permeate and sit in the basement.

PEX I presume.

When I lived in Oklahoma, I specifically avoided houses with radon fans

all pipes in my house are copper

It's basically impossible to avoid here. That's just the type of ground we have.

Yeah it's copper coming off the heater, I think the sound is pipes rubbing on the wood

Radon is kinda scary in the way it works

yep

For something like $5/year or less, I don't mind it as much as I thought I would.

But anyway, back to networking. We used to have random wireless issues with 12 Linksys routers we had placed around the school. Honestly, the fact that it worked as well as it did is a testament to how well we managed them, and how much wifi signal was lost due to building design. (AP's were fairly isolated and not interfering with each other due to building design and channel separation).

Building Design

Mmph so much on this

As soon as we moved to Cisco AP's, we went from 12 to 7 AP's, better coverage, roaming, and we could now get wifi out to the end of the playground area. I had plans to beam wifi to a lower parking lot as well, but I left before I could get that project off the ground.

Wireless N helped a lot here. The Linksys were Wireless G. 🙂

I wish we could play around with stuff like that at school

wat

why you guys worried about Radon lol

Honestly, in my house Roaming is fucking fantastic, so it proves the whole isolation case in practice, I believe it 100%

Radon is basically radiation gas.

can cause cancer apparently

radioactive

I'm still gonna roast on it anyways.

@peak cloak its a noble gas with a half life of like 3.8 days

but its a decay product of natural background radiation

by uranium in the soil

Its also capable of seeping up through any material (Concrete included) so it can get caught in your house.

no

that's where it comes from

the uranium particles are in teh concrete that the building is made out of

It's enough of a problem to be CODE around here, and it's generally heavier than air, so it collects in basements. The Radon gas is from the ground the house is on - whatever is coming from the concrete is of no concern - it's the surrounding material.

so does co2

Its more the ground deposits

problem is just if you inhale a large quantity of it

decay chain is still rather long, and the materials it produces are not gasses

Poe powered radon fan