#networking

Oh well hang on; dns doesn’t work from 8.8.8.8 either?

my /etc/resolv.conf shows the following:

search <ssid> <hostname>
nameserver 8.8.8.8```
[details omitted for privacy]

@slow pivot what do you mean? All URLs are resolved if that's what you mean.

Can you ping any other destination?

Yes, 8.8.4.4 works

Oh, sorry I misunderstood; i thought you meant 8.8.8.8 was the only one where dns wasn’t working

No, 8.8.8.8 is the only IP where ping isn't working (that I've found so far).

But 8.8.8.8 is also my standard nameserver according to my /etc/resolv.conf so maybe that has something to do with it, that's what I meant.

no it shouldn't

ping and dns are 2 separate protocols

Okay, but then I have no idea why it's only 8.8.8.8 that doesn't get pinged.

some sort of firewall/routing issue?

Don't think so, I've never had this problem.

what else could it be

Maybe ping has been blocked by a node upstream

I only noticed because my polybar includes a network widget that flashes when it detects packet loss, and it only started flashing today.

Can anyone else ping 8.8.8.8?

yes

Could it be my ISP's fault?

Hold on, if I connect to my VPN, will that make a difference?

LOL

Through my VPN 8.8.8.8 is pingable.

Okay, so it's either my ISP or my local config, right?

something between your PC and 8.8.8.8

Weird.

I'm gonna do a full system upgrade and then I'll try again.

When i close Nat i lose internet connection.

which router?

you either need to put the ISP router into bridge mode and disconnect all your other devices from it and just have your router conencted

or turn off NAT on your router, along with DHCP

Ok solved. I just switched my router to ap mode

Which i imagine eventually did all the things you suggested when i did that

Thanks man

yep

what's what AP does

I plan to run a nas of an android tv

Any software recommendations

@hot hawk Plex

That's for videos only

or KODI

Want file trasfer too

@hot hawk android TV is your streaming client no?

No I got other devices that can do that

Where are you storing your files then?

10 tb hard drive encloser

A wd easystore

So that's just USB attached storage?

Yea I guess

Xd

jellyfin

TV box has usb 3

Yeah that android TV thing, that's ment for streaming only

I doubt it can host files on the network

Never heard to google I go

oh

you want a NAS?

If android doesn't work I might be able to throw arch

use truenas

Yes

or really

any linux should be fine

@hot hawk that box is ment as a client, those usb slots are probably just to do file playback directly

just plz not arch lol

Y not

because

Maybe

not very stable

it's cutting edge

I guess

I personally wouldn't even use TrueNAS, but that's up to you

Autho the real question is can I even get linux on it

does someone have experience with unraid and nextcloud? I have troubles installing it and I'm at my wits end by now...
after installing nextcloud I can't even get into the webgui. I just get a "Internal server error" page
I tried the usual, new install, reboot but nothing works

I'd just toss debian on it, install samba and be done

xD

yeah it can be overkill

From what I've looked up not sure

Samba 2 any faster?

no idea

E

I just install the samba package

and then go to /etc/samba/smb.conf

Samba just creates windows shares

Yea I've used samaba on arch

Have a general idea how to use/setup

I don't even bother with it myself lol

I use sshfs for everything

0-effort network shares

Need a protocol that windows support so samaba it is

sshfs root@machine:/path/on/server /mnt/remote

then just cd /mnt/remote

and you can browse the files as if they were a local dir

0-effort network shares

Does samaba work on termux

Or never tired

Prob can look that up lol

Was thinking just doing this

https://www.google.com/amp/www.coding-dude.com/wp/mobile-apps/howto-transform-android-to-nas-drive/%3Famp=1

Autho need another android samaba server

Other than that ssh tormenting and a few other apps

O wait

I forgot servers ultimate

Will Try that first

does someone have experience with unraid and nextcloud? I have troubles installing it and I'm at my wits end by now...
after installing nextcloud I can't even get into the webgui. I just get a "Internal server error" page
I tried the usual, new install, reboot but nothing works

Can anyone here help me set a static IP address?

yea but for what service or what use case exactly? (like is it a VPS configuration of netplan, or just local IP on your netowork etc)

So I’ve been trying to connect to activision services. Both my IT Department (I work at a University and live “on campus”) and our internet provider and they both told me I’m on my own. So I did the whole TCP port access thing now, from what I’ve read, I need to have a static IP address

this a private ip address?

behind NAT

or is it on the internet

I think so. On my options I’m set to private. But bare with me. I’m so far outta my league here.

if you need a static ip, that should be the job of the networking people, since you don't want to set a static ip in the DHCP range, what they could do is either tell your what the DHCP range is so you don't interfere, or they could just set dhcp reservation, so it's still seen as DHCP by your server, but the DHCP server gives the same address

I'm kinda confused tho, on what you are trying to achive

what's activision?

To be able to play Warzone

don't need static ip for that

Ok, so they told me everything looks fine on their side, and same with my IT dep. but it doesn’t even try, it just immediately tells me “unable to connect to Activision services”.

I’ve tried on both of my PCs same problem, and when I’m home it works. So it’s obviously an internet issue

I’m just going off of activision’s support page and what I can find on google

so your trying to port forward

Again man, I’m not trying to be ignorant but I’m just trying to do what this page says. I’m outta my league.

if your at uni and your router doesn't get a public ip, you can't port forward

Is that something I need to ask them?

Cause it works on the school’s public gaming PC center (same network) but not mine

no clue

it could be anything

Shit

Thanks for your help man

prob somthing blocking on uni

yeah

yo can someone help me with putting the webserver online on my VPS...

I opened ports 80 and 443 correctly, but still can't access the domain

that's chain output

wait

hmm

what's the output of ip a

dm it

actually before you do that

is there even a webserver running

@crisp bay your using nginx?

nginx yes

and is running if I access it using the public IP

so it works? just https doesn't?

and certbot isn't

no, I can't access using a domain at all

only with an IP

https://toolbox.googleapps.com/apps/dig/

enter the domain there

do you get an A record with the right IP?

nope, it got me my home IP

but I know why

then update your nameserver records

what do you mean?

the dns records

I have removed DNS records now on CF

yeah I have DNS records on cloudflare, so I removed that nameserver

like it won't look for my home IP

and on your domain registar you changed the nameserver to cloudflare?

yeah

okay it's removed and dig doesn't find any A records

and still not working..

you need to wait

if it's still getting the record from the old nameserver that means it didn't propagate

or it isn't done correctly

it's not getting anymore

now instead of A, click SOA

what's the output

no record

what top level TLD are you using?

.tk?

.com

ah, so no issue there

on cloudflare if I remember it will tell you when it find it is the nameserver for your domain

yeah

but I'm experiencing it for the first time

as it has been working always without any problems

the f?

now it's 100% ports

no it's dns

it probobly propagated

check now on dig

it has found 2 completely different IP's

that's cloudflare caching

so yep

it's working

if you want to disable that, click the yellow cloud next to the record on cf

set it on DNS only?

if you want

don't need to

what that does is that cloudflare will cache your website

and traffic will get resolved on cloudflare's end, without going to your vps

yeah

hmm now I would wait for it?

you should be able to go the domain and see the website

it's not there

so ports then

what's the error

certbot worked

so it's not the ports

okay wt

I think I know what I did wrong

windows has this weird internal hosts thing

and I added the domain with my home IP to loopback it

it's not weird, linux has a hosts file too

ah

Ik

yeah the site's working and it's on SSL

the SSL tho may be b/c of cf

maybe

click the lock to the left of the url

certificate?

then click cert

you'll see who the cert authority is

yup

certbot

ah

Let's encrypt

nice

cool

ty for nice help!

np

mm android tv nas 10x faster than my old nas

was your old nas a raspberry pi zero

it was a router

c6250-100nas

Someone help me evade lol

How do I mask my ip

Without using a proxy or VPN that has already been used

Ping me or somethung please

you can't without some sort of proxy or vpn

what are you trying to do

Evade any way possible lol

My isp says i can't change my IP unless i switch to static

Or a way to use a VPN or proxy that isn't already blacklisted

evade what?

A blacklist

of?

this actually you could

most ISPs use dhcp

just release the lease

and then maybe wait a bit

then get a new one

ehh my isp holds the lease for like 8 hours and renews it like every 5 hours. so I get the same IP.

There's something about a broadband ipv4 address, which is my public IP

And my isp says they can't change it and it will not change unless i get static which is 15 more dollars a month

never tried with my current isp, but with optimum they were very aggressive with it

just rebooting the router meant new ip

i need that

i need to be able to reboot the router and get a new ip

is there any fix for wifi going out for like 30 minutes every few hours. like bruh at&t cant manage anything

use your own equipment for wifi

that's not att's problem

thats the router

which I guess is the ISPs but still

having your own is the best

switched routers 3 times 😦

Help

same help

¯_(ツ)_/¯

what do i do

new router again?

maybe

it's the client device

ima just switch to xfinity att so annoying

it's not att lol

problems for like 4 years now

slow speeds

maybe wifi is your problem

not att

going to 0.07 mbps and high ping all the time

im on ethernet

ah

with pc

dsl?

yep

ah dsl

as high as I can go

45mbps baby

if it's dsl

then get off it

att doesnt serve fiber in like a vey large area. also not in a rural area either idk why its not here yet

xfinity (comcast) is dociss

right?

what

yeah

whats dociss

coax

protocol

idk

data over coax

looks like this

Why doesn't my public IP appear on ipconfig

Ipconfig only shoes the ip it was assigned

Which is prob local if your on your own internet due to dhcp/nat

because of NAT

you usually have one public ip that's shared by many devices on a private subnet via NAT

your computer only knows it's private ip

ipv6 is different

Ok

I need to change IP

unplug your router for 8 hours you should get a new IP after that.

Does anyone have any recommendations for good (yet bang for the buck) security orientated routers?

pfsense - your old hardware.

They don't have Jio/Airtel, Jio and airtel are Indian based carriers.

the providers exist in India

Every country has their own providers

some providers liek Vodafone do have internationally though

but most of them are just per country basis

That'd be stupidly expensive. Roaming costs exist

It's not cheaper that way, would make it ton of times expensiver, like a LOT

roaming prices, not the data plans

dude that's within IN, roaming charges are HUGE

Nope

Still expensiver.

expensiver? mm english

We're having "Networking fundamentals" for CS class now, I feel like this will cause seizures for techies
The misuse of networking teerms in this class is * Hyperventilates * just painful

Crystal I blame you for it

@thick minnow wat

I'm blaming you for the pain

'cause wasn't it you who taught me much of what I know about networking

@thick minnow My teacher tried to explain CSMA/CD using a conversation between people, and then loudly screaming JAM JAM JAM

wow

Even though CSMA/CD isn't even used anymore by ethernet

its from a time when ethernet was BNC connectors and Tbase10, without switches

All computers were on the same medium

hence the need for CD

ah, alr

btw, did this ever exist?

Coaxial is cable

DSL is phoneline or sometimes called twisted pair

Ah, thanks

@thick minnow has your teacher even touched on OSI yet?

Learning, understanding and thinking in OSI terms makes things a lot easier

because it doesn't discriminate between cable and twisted pair, its just Layer 1

@thick minnow my networking class was quite rudamentary. It was mostly from the context of embedded development and communication techniques

OSI?

What's that?

@thick minnow Open Systems Interconnect

a standard, and conceptual idea of logical layers in networks

Layer 1 is your bits over the wire or photons through the air

Layer 2 is your link layer, here be ethernet

Layer 3 is Network Layer (IP be here)

Layer 4 is Transport Layer, here are the transport protocols like TCP and UDP

Layers 5-7 are not that interesting from a networking standpoint

Layer 7 is your application specific protocol, like say: HTTP

Layer 8 - we don't talk about

The reason its useful to think in these terms

Uh huh

is because when you are say, dealing with a TCP socket

all the stuff underneath, be it ethernet or wireless ethernet

doesn't matter

all of that is abstracted away by the layers below

@thick minnow another key point is that, layers themselves never inherit or use information from other layers

IP is not dependent on ethernet

Okay

@thick minnow probably not as prevelant

but a good example is the other way around

There are plenty of (mostly old) networking protocols for ethernet, that aren't TCP/IP

@thick minnow and this is also why NAT is such garbage

Nat sits on layer 3 and 4

It rewrites IP addresses (L3) using information from the transport protocol (portnumber) which is Layer 4

NAT breaks this abstraction

Uh huh Okay

Im not sure if this is the chat to ask this but i have a shed in my backyard abt 25 meters from the house and abt 30 from my router and i want to get wifi there a cable or powerline are no option what would be the next best thing?

P2p antanae

@proven ferry either cable or point-to-point wireless

cable is best solution, no bottlenecks and no funny biz

Finally my pr was merged, time to setup vyos bgp and tunneling this evening

im installing my first vm in proxmox. Since im in a VM, i tell ubuntu to nuke everything and install right? ignore any warnings it throws?

Yes

the only thing itll "nuke" is the 120gb i gave it?

Yes

thank you

@waxen scroll It took me hours during a maintenance last night just fighting the strangest bugs in Junos. Honestly Ive never hated Junos at that moment in time as it was almost randomly handle traffic however it felt like

just wait until you check a routing table and it says Interface A but the hardware debug says Interface B

or even better you check a routing table and it says Interface A but the hardware debug says line card 2 and 3 didnt program it

It wasn't far off from what I was experiencing

so ive got proxmox installed. works great. ubuntu and truenas both work fine. Had to enable IOMMU that way truenas could see my new drives. required a reboot. suddenly, the system doesn't see proxmox at all. it sees all 3 drives though. when i take the new drives back out it boots fine again. what gives?

is it an issue with my raid card?

im not in raid, made sure it was disabled in bios.

BUT when i throw the drives in (hotswap bays) AFTER booting, proxmox sees them

but like, i cant pull drives every time i need to reboot

do i need to get the boot drive off the raid card? thatd be super not possible at the moment

Is proxy caching worth it?

I’m trying to get YouTube working with squid proxy cache. But the videos don’t play no matter what I do. I’m trying to figure out if I can blacklist the links to YouTube videos from the proxy

@thick minnow you can't cache HTTPS

Is there a way I can exclude YouTube from the caching?

don't cache HTTPS traffic

How do I know if it’s trying to cache https content? How can I turn off https caching?

that content is delivered over https, and should not be cached, unless you are using SSL Bumping

@thick minnow disable SSL Bumping

1. You cannot cache HTTPS
2. SquidProxy can cache HTTPS by means of SSL Bumping

Which means, the proxy server connects with HTTPS on your behalf, and mediates keys between your PC and the target server

this is not advised though.

@thick minnow just filter on url, anything using https shouldn't be cached

@thick minnow I see little use for HTTP Proxies these days, with all traffic being encrypted and mixed sources are generally a bad practice on webpages (serving images over HTTP, while the page was fetched with HTTPS)

Any Windows admins? I am trying to create a Windows Server template with Packer (for use with Terraform). I have created an autounattend.xml file for the initial install but after installing, I am needing to generalize the image. When running sysprep with the following command: ...../sysprep.exe /generalize /oobe /shutdown, I am getting the following error:
"Not running DLLs; either the machine is in an invalid state or we couldn't update the recorded state"
"Hit failure while processing sysprep cleanup external providers"
The answer file can be found here: https://pastebin.com/26KK3n6M

I see. yea. I’m mainly trying to figure out ways of speeding up webpages and stuff. I already have my own DNS server which blocks ads and such. Client side hardware is not a problem since I have tons of horse power

@thick minnow uBlock Origin

it will do very little

more annoyance than anything

Only use from the top of my head would be on school networks

to stop kids from viewing 18+ content

Yeah, that makes sense. The reason I have the DNS servers because certain clients like the Fire TV, you’re not allowed to have extensions and ad blockers and such

Twitch Launcher broke when I used default list on pihole

Yeah, I have my own set of lists

entire program stops working if it can't have its ads served

what kind of backwards ass world do we live in

Honestly.

So proxy caching is a no go nowadays?

Would you trust “SkyVPN” as a VPN?

no

gtfo with this vpn ma boy

What would be the reason?

"SkyVPN is one of the worst VPNs we''ve tested. It should be avoided at all costs. It's an untrustworthy VPN that logs your IP address and other personally-identifiable data. It also fails to unblock Netflix and it's not safe for torrenting"

source:google sent me there

Ok

https://www.top10vpn.com/reviews/skyvpn/

this is the link

Ive been using it for 2 years for bypassing school wifi

use nord man

Is it free or freemium?

Currently you just watch ads for more Data in SkyVPN

@lunar spade no I don't

freemium

but nord is a very popular pick and lots of youtubers which they make a sponsor cameo have discount cupons

I have no income so I cant really pay for a VPN

ok so i will find a free one then

surfshark is a 2,50 dollars per month

which means it's pretty cheap for a premium vpn

To bypass school, just make your own

Look at pivpn, really ez tool to setup wireguard

Or you could do manual wireguard

That's what I do

cloud VPN k

Ivacy is a good VPN allow bypass Amazon prime video restrictions and sometimes Netflix.
That's funny because amazon recommended ivacy to bypass their own restrictions because alot of customers complained that they can't use it when they traveling out side of their country.

does someone have experience with unraid and nextcloud? I have troubles installing it and I'm at my wits end by now...
after installing nextcloud I can't even get into the webgui. I just get a "Internal server error" page
I tried the usual, new install, reboot but nothing works

wtf is a cloud vpn

and hi Crystal :D

pr sure most vpns can do that and esp the paid ones

that is a cloud vpn, or rather a vpn cloud, you just connect to someone else's network and route your traffic through theirs

the whole concept to me, seems utterly pointless

because with NAT

you still can't prove who it was that did X

and the cry for privacy, idk

to me, privacy is on-premise hosting

ohhhh, yeah that does sound dumb LMFAO

ye so umm a service is bound to a port and my SSH session got terminated and it's still running..fuser is the way to kill anything on that port but what's the correct command?

man fuser

yes

first bgp link

Mmmm... 4-byte ASes

dn42

?

that's what I'm using to learn

https://dn42.us/

that's the AS range they use

Nice. If you have any questions let me know and I can show you in my lab

https://i.imgur.com/0E99yzT.png

:D

only time when you can actually justify having 250mbit

yeah

any uploading/downloading files is great with high bandwidth

but most of the time you don't use it

https://i.imgur.com/7AdOuT7.png

@peak cloak lol yeah. https://i.imgur.com/9fiSk8O.png

learning openshift

I havent ever bought a repeater and just wondering if this is worth the price or is there something better for the same price (planning to get around 100mbps max but might upgrade to 300+ in the future)

https://www.argos.co.uk/product/2801939?rec=PDP[1286627]:bottomSlider:P1:OHAT:alternatives:2801939:136hZDHZiiig5u8mlieh

@clear igloo dat UBNT reliability

the isp line is pretty good

fuser -k 3306/tcp - example for tcp
fuser -k 3306/udp - example for udp

laughs in 6500

no u

yes that worked, thank you!

man fuser wasn't working for me tho @peak cloak

Anytime you don't know how to use something man brings up the manual

^ in other words, "RTFM"

I think better to send people to google sometimes man can be messy or broken.
I had a Linux system that man was kinda broken

6500 chassis reboot....I'm already beginning to sweat

doesn't that take forever?

@hollow marlin so I have a dilemma I never had before, how exactly would I go around "combining" all these separate wireguard peer interfaces into one interface which is what I need for outbound-interface for NAT. What would I use? A bond?

on a mikrotik?

or wireguard on something else

vyos

I don't know how you do it on there, but bonding is a layer 2 thing and wireguard operates on layer 3

don't worry about wg that's just ip transport

you are using those wireguard tunnels to get online?

what I want is to be able to bond/load-balance whatever it would be wg92 and wg93 and any additional peers I will have in the future

to join the dn42 network

as I said that's not bonding.. load balancing is what you want

yeah

this is what confused me in the vyos docs

The bonding interface provides a method for aggregating multiple network interfaces into a single logical “bonded” interface, or LAG, or ether-channel, or port-channel. The behavior of the bonded interfaces depends upon the mode; generally speaking, modes provide either hot standby or load balancing services. Additionally, link integrity monitoring may be performed

modes provide either hot standby or load balancing services

yes but the bonded interface is layer 2, so you can't bond wireguard interfaces because they are layer 3

on mikrotik you accomplish that using a load balancing technique called PCC

not sure what vyos has in that regard

however if you are on dn42 you are doing BGP, and it is unusual to do that sort of load balancing with BGP

maybe I'm doing something wrong, but I basically want to have an interface going "out" of the vyos VM that has dhcp, is nated and all that, but can also access dn42

I'm afraid I don't completely understand - but you don't have to bond your wireguard dn42 interfaces for that

you will be getting BGP routes from both peers over both tunnels

some will have shorter routes to some networks than others

yeah

but in vyos NAT requires an interface

so you will naturally get a form of load balancing where it will choose the peer based on which has the shorter distance

can you create some kind of "interface list" like in mikrotik?

these are the interfaces

https://docs.vyos.io/en/latest/configuration/interfaces/index.html

dummy?

it looks like "zones" would be the equivalent

if you can configure NAT to use some kind of wireguard zone as opposed to the individual wireguard interfaces you can do that

otherwise if you have to specify the interface you might have to do multiple NATs, one for each wireguard interface

the other reason why bonding would not be applicable here, even if wireguard were layer 2, is that the two tunnels are going to different places

bonding is for aggregating two layer 2 connections between the same two devices

ex. if you had two switches with only 1Gbps ports and wanted to increase the bandwidth between them, you could connect two cables, bond the ports, and then you would have a total of 2Gbps between them

yeah, that's what I thought

there is a type of bonding called MLAG that works with different devices, but it is meant to solve the problem of redundancy in event of a switch failure.. for instance if you had two switches on one side (A and B) and two on the other (C and D), and you wanted to do bonding with two 1Gbps cables, one going from switch A <--> C and the other going from switch B <--> D

MLAG lets you configure bonding so that those two links are bonded, with switches A and B as an MLAG pair, configured similarly in the same place

and switches C and D also together, wherever they are, and configured similarly

also looking at docs, dummy seems what I want

https://blog.vyos.io/loopback-and-the-dummies

that depends on the purpose for this NAT "interface" that VyOS wants you to make - if it is just used to get an IP to NAT from, then it might do what you want. If the NAT interface is specifying what interface the packets will actually exit from to go to the upstream router, then it may not

hmm, yeah. I'll figure it out

maybe I could make it work with vrf?

Its does but I was more referring around the fact when 6500s reboot, that tends to be it. Its a common core switch where uptime of 15+ years is really common

You have a sketch of what you are doing? If VyOS is anything like Junos you can NAT off the loopback but may not be optimal.

There is such things as L3 LAGs, but just like L2 its hashed but based on flow. Since BGP is involved there is load balancing but that is done with ECMP. All routing protocols support it

I assume you are looking at something similar to the following?

our most stressful time was when we were preparing to replace our core ASR 1002 with mikrotik CCR's at our colo.. we had the CCR config like 80-90% done but were not in a hurry

colo had a power outage and when power came back, the ASR reported hardware failure and didn't link up

so we had to quickly finish the CCR configuration, spent like 1.5 hours on that, then rushed down to the colo to replace it

unfortunately there was no room left and the screws in the ASR1002 were stripped when it was installed so it took like 3 hours to physically remove the ASR1002

we were down for something like 6 hours as a result

@peak cloak Here is my guess at what you are doing. This is my design for some of you customers. IPsec tunnels, BGP for routes, split-tunnel, VOIP traffic NAT over loopback to peering FWs

yeah something like that

Ill grab a snipit of the config, at least enough to contrast to VyOS

I've asked mikrotik before to add /31 support

they think they don't need to because /32 is better

but I think they underestimate how common /31 is in the service provider realm, with cisco and juniper etc

"because /32 is better"

Idk which universe you guys live in we use /69's here

Every core link is a /31. I can't imagine wasting such publics because a vendor refuses to support /31

we use RFC1918 addresses for most of our core links as a result

which of course breaks traceroute if you aren't on our network

You can still get responses, Ive gotten TR responses from Verizon, Spectrum that contain privates. Not a big deal but people lose their minds over it

yes - the local telco is a customer of ours in a few places, buying service for their customers

we had it happen once where their VPN stopped working.. they still had internet, but their VPN to the telco went down.. we were not blocking it.. the telco turned out to be blocking it with their firewall becuase it misdetected it as an attack or something

then a few years later we had another customer of theirs, same thing happened, internet was up but VPN was down.. the telco guy was insisting the problem was on our end and the traceroute not completing the last few hops was proof

Wait, why'd you actually need to add support for "/31" specifically, i taught its all a standard and it should directly work

Its an unofficial standard

I wound up just changing their static IP from us to work around it

From what Ive heard is it can be a nightmare on the code side and needs some extra magic in the ASICs

the issue with /31 support on linux specifically is it is accomplished by manually overriding the broadcast address

Yea tho mikrotiok does have a software updating stuff in place

so mikrotik would have to add a new field into the IP address window to specify the broadcast address

I see their hesitancy to do so, because that could be confusing for people who don't use /31's

Its throws our smaller peers off, not many understand it

if you try using /31 in linux, it doesn't work unless you override the broadcast

to be the IP address of the other side of the /31

if linux handled /31 properly by default, mikrotik would not need to jump through those hoops

alright why doesnt leenux have that tho

I don't know

but /31 is this weird exception to the rule of how to calculate the broadcast address for a subnet

in that there is no single broadcast address for both.. I guess they don't want to have to create an exception in this case? I have no idea

or maybe they think the workaround to override the broadcast address is OK

I have no idea

I use /31 a lot in enterprise

yeah umm I need to make my domain SSL (last time I was here, was a subdomain..), but the fact is, that I want to make a domain SSL only trough a port 2096, but not 80 and 443 yet..it's a daemon sending stuff to the webserver already

https://certbot.eff.org/lets-encrypt/ubuntufocal-other would this fit me?

FRR has the same problem due to the issue of linux support for it

https://github.com/FRRouting/frr/issues/7305

You can only get certs using the http challenge on port 80

But I think they can be used to host things on other ports

no

I'm still using cat5e and I'm getting gigabit lol

it's the same 8 wires

just the shielding is different

I mean as long as you get good speed there is no need

why does the download drop for a bit and suddenly comeback on, its kinda annoying because it wouldve been done by now if it aint fooling around

https://arstechnica.com/information-technology/2021/06/starlink-dish-overheats-in-arizona-sun-knocking-user-offline-for-7-hours/

wow

Guess it'll be useless in my country of residence

Good it doesnt get as hot here

@thick minnow lmao lol wat

ozone layer is fucked in some places of the world

and 122F is not a lot for electronics

Until recently our AC in one of our COs would fail, both primary and backup. One time it got to ~105f and some equipment began shutting down, lost 2 QSFPs due to temps. 122 isn't a lot but for passively cooled devices I'd imagine it being a problem

2 QSFPs oh no. LRs?

Yeah, both were uplinks to our upstream peers

thats an insurance claim

LOL just got a maintenance notice from our telco, they are doing upgrades affecting a few circuits

four outages of up to a minute long between June 28 and July 19

normally the windows that we get are like hours long.. not weeks

that long window is basically useless b/c how are we supposed to know if it goes down if it has anything to do with the maintenance or not?

if you got a 50 up/down speed from a datacenter and you are currently using about 40 mbps on rack #1. rack #2 will need to use 40 mbps too. will both rack split the speed down to 25/25 or will they both be able to use 40 mbps?

Split

That's how bandwidth works

so how do company with crucial service that need to serve thousands of their employees able to get through this bottleneck?

More bandwidth

Qos

Limit the speed each client gets

then what about mega large streaming website? million of connection streaming high quality video

They have cdns

And many servers

1.1.1.1 for example is not one sever

1.1.1.1 is an anycast ip

You will be routed to the closest server

It's a pretty complex system

then what about when my rack in the datacenter max out the bandwidth. would me maxing out the bandwidth in there affect any other people that also have servers in that datacenter?

No because the data center limits your link to 50mbps

I would assume their speed would be way about 1000 mbps right? due to the amount of people using their service

In data centers, its much more, depending on the size

They usually have multiple ip links

Data center internet doesn't work like residential

ok, I think I got a better understanding of how they handle traffic and my use on it. thanks a lot

The data center prob is it's own as, with their own ips

In a way it does. The DC if you use their network instead of buying through an IX uplink yourself becomes an ISP and each customer would be a "Resident"

yeah but the way the datacenter itself gets internet connectivity

Its just one less link. Your House is just linked to a DC to the ISP's shit through the IX in the DC

the way each rack/server whatever gets connectivity is more like residential

was just trying to explain that in a DC it's not like there is one connection

that is split up

I mean, neither is your residential offering: Multiple ISP Choices.

Now in a DC its much easier to do multihoming since getting service through multiple providers is easier administratively

That being said, if you use the DCs Network offering (as your ISP) they most likely have their link Multihomed so you get multiple ISPs packaged into that offering

why does america have limited bandwidth

it doesn't

We really dont

i meant how many gigs you can use per month

we don't usually

unless you have comcast

Because greed at certain ISPs that love to impose data caps

in brazil we have a regulation for that

Because the US is a really large data user base and when you buy IP Transit, you pay by the Gig (The ISP Does)

it is called civil mark of the internet

So compared to other nations, the demand is high enough to tax what is already the largest network infra in the world

unless you have your own transit

doesn't comast have a big network?

any of the big ones really

tbh, all the Retail Level providers are quite small in comparison to the big transit providers

they just have more going on since they have to run the equipment that ties customers in instead of just routers and fiber everywhere

that notorious last mile

in brazil,no tying allowed

it's cables,fiber,routers,tv and all that shit all the time

?

Its like that everywhere its just US treats Internet as a Service instead of a utility

in brazil it is treated like a service too

a very very regulated one

this is why we have only 4 big isps here

Thats more of a Utility

too much tax and too much regulation leads to this

Utilities are heavily regulated in order to ensure equal offerings
Services are left up to the market sway

what's the most expensive thing for a new small isp?

the cabling?

and eqipment?

Buying politicians laws

Literally this

really?

like what laws?

Easement Right of way is my largest cost as an ISP

Yup

oh yeah

brazil logic:
if it's public or very essential like healthcare it is an utility
if it's private and not so essential it is a service,but for not competing with utilities it is regulated the same way as an utility

that counts as cabling in my book

I also lobbied to get priority access and cheaper rates

leasing all the poles and such

which was literally legalized pay offs

or fighting back big players who have literally been caught giving laws to big cities and having them pass it without so much as a flinch

yeah

https://tenor.com/view/you-shall-not-pass-gandalf-wizard-gif-13584855

this is anatel in brazil

Hey guys someone can help me fix my new fedora 34 installation ?
I installed it on new ssd 500gb and I can't boot to it.
Failed and goes to emergency mode.

my d-link wireless adapter died ;-;. pihole ruined lmao

Hi everyone I recently got a UDM and I was able to successfully set up a guest, main,and IOT network. But I’ve ran into an interesting problem. First problem is the UDM is having a signal problem. The weird part is with my isp router I never and I mean never had a signal issue. My apartment is about 500 sqft. The second issue I’m having is my desktop will sometimes say “secured, no internet”. I have tried everything. I changed dns settings, reinstalled drivers, and much much more. Now the weird thing is sometimes I’ll get the desktop to connect and it will hover around 50-80 mbps down and 30-50 mbps up. My isp provides 200 down and 30-50 up. I don’t know what else to do!

I am talking to Ubiquiti

https://www.reddit.com/r/networking/comments/o189rd/ubiquiti_routing_in_wonderland/

@hollow marlin wowww

The first comment on there basically holds the same response I have

The router will have a local IP for every LAN Made in that LAN's subnet, so 192.168.1.1, 192.168.2.1 etc
And his problem is: A device on 192.168.1.0/24's subnet can access the router from 192.168.2.1

yeah that guy has some fundamental misunderstandings

he's freaking out over a non-problem

his problem with the port forwarding isn't what he thinks.. he is not doing hairpin NAT

"this is not how routing is supposed to work"

"I have extensive experience working directly with a large range of networking and network security vendors and their products, including: Cisco (including Meraki & Linksys), Juniper, Extreme, Check Point, Fortinet, Palo Alto, NetGear, Dell, HPE (including Aruba & 3Com), and even TACLANE. "
You think with all that "experience" he'd understand the basics of routing

However to his point, Juniper's FW stack, the processing and policies will not have the same result even with Junos's tight reliance of the loopback being the destination to all interfaces.

Heh

God that was a long post

Pictures of ports would help

Seems to just be a USB drive

Not a nas

The n in nas stands for network

I don't see any ethernet

Could not be formatted

Ik in Linux you can list the USB devices

It should show a name

Device manager

Check that

are there any risks to port forwarding?

the reason i ask is because I want to open up a remote destop port so that I can access my pc from outside my network

yes, there are risks, if your PC is not updated when it comes to windows updates, there may be security vulnerabilities others could use to hack your computer, and people might be able to try brute forcing your password

I would avoid opening RDP with port forwarding if you can, VPN into your router instead, it is safer

would hiding the known 3389 port with some random internal port help?

I do plan on setting up a vpn in the future i just dont know if there are any good free vpn providers i can use

I mean using your router at home as a VPN server

you need to have a router that is capable of that

i have an asus router so i think it is

theres an option to enable pptp vpn server

PPTP is not sufficient, it is ancient

and not secure

oh

support for it was removed by apple in their iphones like 4 years ago now as a result

oh

it is an older router so ig thats y

i could set one up on my raspberry pi

if there is no firmware update, you might be able to flash it with some other firmware like openwrt to allow you to get newer features without having to get a new device

oh wait

nvm

theres an open vpn option

on my router

is that good?

yes, openvpn will work

alr

alr ill read up on how to do this and set it up

thanks for the advice

actually i have one more question

so with a vpn

i would just connect to that vpn and then have complete access to my local network from anywhere?

i wouldn't need to enter in my public ip to access my remote desktop just the device ip?

I don't think so, unless you have both devices connected to the vpn, but I'm not really sure

yes, that is correct

Anyone knows how to fix dracut-initqueue timeout ?

Nvrm

hi friends, how do you change from DHCP to static on debain server?

idk

https://www.cyberciti.biz/faq/add-configure-set-up-static-ip-address-on-debianlinux/
something like this

or did you already google??

do you need static? DHCP reservation is better imo

/etc/network/interfaces

https://wiki.debian.org/NetworkConfiguration

instead of auto eth0 allow-hotplug eth0 iface eth0 inet dhcp

do

    iface eth0 inet static
        address 192.0.2.7/24
        gateway 192.0.2.254

change address and gateway of course

make sure to service networking restart

I'm using fedora 34 fresh install with kvm virtualization. Using (virt-manager)
I have an issue that vm won't start I click on the play button and then it just get stuck without message.
If I check the service status I see "libcap-ng used by "/usr/sbin/libvirtd" failed due to not having CAP_SETPCAP in capng_apply"

trying to figure out how to configure this adtran ta5004 chassis

Hi i am having trouble setting up a dedicated pc as a server. If anyone is good at servers hit my dms please:)

what's the issue, just ask

also the line between server and pc is very blurry

technically anything that is hosting any service is a server

Do not miss the 5Ks one bit

I feel like I'm wandering around in the dark

sorting through 10 different manuals to find the bits and pieces I need

@hollow marlin do ONT's that don't double as residential gateways get management IPs?

I would assume so but I haven't found anything about that

Yeah, ONTs that are built as RGs will have their own mgmt VLAN and interface

It been so long since I used a 5k I cannot remember most of it. We only had a few 5ks that has GPON blades, the rest had ADSL2+ blades

Ideally this is ubiquitous across all platforms since thats how authentication is handled if Radius is used

I just can't seem to find anything about how to get these ONT's to get management IPs

these ONTs are just basic ones and don't operate as a residential gateway

so I'm just wondering if I'm looking for something that isn't there

I guess it only works with inband management

it took me forever to find it because it was a term I was unaware of before.. "subtended hosts"

Easiest way to launch a server with a rather old rig?

@waxen scroll How is it that a simple feature, such as a user msg prompt to start patching, takes over 7 years to implement?? https://kace.uservoice.com/forums/82699-sma-k1000/suggestions/3987437-allow-a-user-to-patch-on-demand

also it took Quest 6 months to make my bug report considered a product defect.

It probably wont be fixed until 2029 at this right

I dont understand how they could make features that are broken out of the box

Yet no one ever reported them!

I bet they didnt even test it in the first place

Why would a user go ask if there's patches? The computer should tell them they need to patch now with a timer

That's how my work does it. You have 12hr before the computer auto reboots or you can reboot any time before

I have installed FreeRadius in pfsense. But I keep getting this error while doing radtest.

(0) Error parsing "stdin": Failed resolving "pfSense.xyz" to IPv4 address: Name does not resolve

I have disabled DNS resolver and forwarder but no use.

radtest ozair ozair 127.0.0.1:1812 0 testing123

LMAO

what a god

I am guessing this is not real lol.

yep.

I am trying to configure a VyOS router with Ansible, but I cannot get the playbook to run.

---
- name: Server Setup and Configuration
  network_os: vyos.vyos
  connection: ansible.netcommon.network_cli
  hosts: all
  become: true
  become_method: sudo

  tasks:
    - name: Initial Setup
      include_tasks: tasks/initial/main.yml

#    - name: Security Setup
#      include_tasks: tasks/security/main.yml

    - name: Playbook Cleanup
      include_tasks: tasks/cleanup/main.yml

Error:

ERROR! 'network_os' is not a valid attribute for a Play

Please can someone suggest how to make this work?

I agree with you, though it is an example of how long the wait is to get anything fixed or added by Quest. they take forever to do anything

I wonder if they put the organization I work for on the watchlist or something because of the number of tickets I opened that have geninue real problems they overlooked in their appliance. One of them was as simple as Device Inventory search not functioning in their SDA appliance. Typing a search query and hitting enter clears the entire list of devices, even if it matches device names.

basic stuff they could of found out by actual testing but this went unnoticed for years

almost as if the other admins using this appliance too aren't fully using what they paying for or know it wasn't worth the time to create a service request for knowing Quests track record

is there any way to get the mac address of a device on lan without access to the router settings or touching the pc itself?

Ok so i have an issue with my current wifi. ill describe my setup

I have a ISP Modem+Router 2-in-1 (which I consider trash). It used to frequently drop my devices even when working right next to it. All the devices used to get disconnected at the same time for about a min. There was a big issue with the 2.4GHz connection. I have a plan of 200mbps but on 2.4G band, I only used to get about 20-30 at the most 50mbps. The 5GHz band worked flawlessly other than the obvious shorter range. This was really for WorkFromHome. So I disabled both the wireless bands on the ISP Modem+Router and attached my ASUS router as an access point as it was just lying around. The range and strength improved slightly but the same issues still prevailed. I used to get disconnected on devices and 2.4G band was still weird and sus.

Now I have an option of making selective LAN ports on the ISP device run in "bridge" mode rather than "route" mode. From what I know, I will have to put my ASUS router back into Router mode and connect the LAN to the WAN (rather than LAN to LAN) for this, and this may probably solve any issues arising from a double NAT situation.
Should I do anything else to improve my WiFi?

If all 2.4 devices are disconnecting that the same time then typically its due to interference. Simply a microwave running can knock it down. If there is a ton of congestion in your area with 2.4, the speeds are not out of the normal for expected speeds.

The microwave is far enough I guess. But I have a second Internet connection and router around 20-25 feet away from this one we are talking about.
And I get disconnected from both the bands

Does the SSID for both bands disappear during this time for all devices?

the SSID doesn’t necessarily disappear but I sometimes have to wait for a while to reconnect. It tries to connect but fails

what is the endianess of microsoft windows subsytem for linux (wsl)? is it dependant on the host machine?

Hey, lmk if this is a dumb question, I've got a wap that I really like (nighthawk r9000 X10) and I want to put it in an upstairs hall cabinet but there's no outlets nearby and it isn't Poe capable. I'm looking for a Poe to ac converter to power my router. The cat 6 ethernet cable to that closet would be about 60 feet.
I've never messed with Poe and just got started with making my own ethernet cables. I know there are Poe access points as well and would be open to that but I'd rather just have the one access point in this perfect location. Feel free to recommend what you think might work for me

I have an EAP225 for me AP

the only one in the house

you can go for the better models if you want

I may have to go for something like that. I'll take a second look and see if I can pigtail an outlet off of something in the attic since my search hasn't really come up with much in the way of plug/play solutions

@tame carbon Just got in a Mist AP43 for the homelab from work to test some things out. A $1600 AP means its better right?

anyone experienced with plex

more better

extremely more better

help

What do you need help with?

Thanks for the reply but managed to fix it now. 😊

Glad to hear that man,
I've made some wacky setups work using Plex and Kodi 😜

i have a NAS and i want to know how to install all types of programs to it as i con only install sertan programs

also unrelated i have server for data and because where it is i cant rig a monitor up so I normal remote access it but i now cant it turns on but i cant remote it

which one you confused with

so i have a NAS

the NAS dosent have one

the only way i can accsess it is throw the online panel

its a buffalo NAS

i can only install software that use an older installer

to the NAS

and you you have anythink for the other question

the remote accsess to the server

its only just stoped me doing it it always worked befor

problem i cant get the devices IP

i probs should just try use a montitor and not remote accsess its behind a tv and a big tv stand

not talking abt the NAS now

i went to the other queshtion this is a dell server i am talking about

well that will be fun i can read and write to it

but just cant accsess and i need to

so that will be a fun few hours

remotly

no

its on site but i cant accsess it as its behind a heavy cabbet

tv cabnet*

You can read and write to it but "can't access" to it?
So how you can read and write to it?

my nas and my server

but

in the network

the one there is my PC normay the server is here and i can right click and remote accsess

I sometimes use Hosts file for pointing my backup network drive the IP address

I never used wins

I finally finished configuring my truenas server and transferred it downstairs for plex and backups

Hey so, Can I install something like Jellyfin onto a regular Linux desktop and then just open up a port to it in the firewall to access it, right?

i am going to try use my swich box to kick it off the network and let it rejoin it

found fault i think

its painfull

Thanks

any one know what that means

@tame carbon

dose that mean that its came unpluged

crystal:

Someone in a another small tech server showed they got a new Ubiquitti switch

i was like ew why ubi, heard of mikrotik or similar

and they be like:

my whole network is ubiqutitu

so might as well be locked into their system

🤣

whenever i see ubiiquiti i cringeeee

why, because someone doesn't use YOUR platform of choice?

i dont have both of them.

i like my dlink shit

Prolly your NAS is old and the apps you are trying to install aren't supported.

hook up a monitor and check if RDP service is actually running. Try restarting it. Sometimes windows does weird kind of stuff.

ty

I stick to Pilot chat mostly and come below when I see a train wreck happening.

Heh true.

I get mad when I see mikrotik gui screenshots

lol

I can appreciate why that guy with other ubnt wants more ubnt. Especially if it's that cloud stuff

I get mad when I see Mikrotik CLI screenshots 😛

I don't think I've seen that yet

I’m starting to simplify my home network

Since I’m gonna move out of the house next year

So if everything is under one dashboard and set and forget 😍

sneak peak.

that's mikrotik shell?

yes

that looks interesting

it is

I may get a mikrotik...

so inflated here never mind my dir 853 prem router

Im trying to port foward but I cant figure it out

most yt vids I find dont explain clear enough

Might be a bit far fetched but can I set up a VPN connection to my home with a standard router from the ISP?

Like using a pc that is always on?

With your standard isp router, it prob won't have such a feature,however is you have a spare pc or something to run a wireguard or ovpn server on you could make that work just as well

That's what I do, I have a wireguard server in a vm

Pivpn makes wireguard setup really easy

Can it run on linux too?

@peak cloak

Anyone here familliar with Pterodactyl tool?

Yes ofc

I run the server on linux

It has like first class Linux support

trying to access the Minecraft server using docker's IP and home server's IP and neither of them works..

very good, is there some kinda guide somewhere ?

Pivpn website

or you can voice call me and run thru the steps or do it for me?

Not really sorry

dont have much knowledge about linux, i know just enough how to install redbot and how to update it, lol

but thanks

Any tips to protect ip from ddos/dos ? through domain in cloudflare or something

it does not protect it against DDoS attacks. Use a proxy such as sslh

huh?

Wut lol

yea I use sslh for forwarding an IP and port

Cloudflare boss http/https proxy for free

Ssh?

sslh

not ssh

What's that, never heard of it

Another service like ngrok?

it's basically a proxy

just forwards an IP trough a port

told that very wrong

Cloudflare does tcp proxy as well

But it's not free

Something free xd

yup

I got DDoSed trough a domain, not subdomain

that's why I don't trust CF for DDoS protection tho

Doesn't matter

You set something up wrong then

yeah probably did

Cf is like the most trusted service

agree

I just bought the cheapest VPS and put a proxy on it (sslh) and forwarded an IP

and most VPS providers has some sort of DDoS mitigation tho

if you can, use Cloudflare for it tho

maybe I really did set it up wrong

Doing more research

Sslh is just ssh

Kinda

What I would reccomend is instead setup a wireguard tunnel

Between the vps and home

DAEMON_OPTS="--user sslh --listen 0.0.0.0:25590 --anyprot home IP:25590 --pidfile /var/run/sslh/sslh.pid"

that's my forward basically

or one of them

Hello everyone. I need help with setting up arma 3 server from a dedicated server. If anyone knows how to do that. Please hit my dms. I am pretty far into the setup. Just need help with connecting to filezilla properly and setting up server launcher

are you connecting to server trough filezilla with sftp?

xfinity

I am connecting through ftp

Hypixel has introduced cludflare to their servers (recent DDOS attacks) and it always gives me an error when i go to their website. Could my VPN be interfering with that?

what error does it give

I hate CGNAT

I love CGnat

Yup. Got a Static IP because of it

How do I help someone check?

Yup. Another headache. My ISP has all IPv6 hardware in place but not software, so the next best thing was Static IP

Grabbed

That is the easiest for most

In CMD?

How do i check this?

Same here

Am paying for a WAN IP

so i run this in cmd?

wth is that. I dont know anything about that. I just need to now how to port foward

How do I change my router's hostname? It's this crazy thing

First check if u r eligible m8

and how do I do that?

run this in cmd, share screenshot

got it

Press windows key, type cmd, press enter, command prompt opens

type tracert 1.1.1.1 and press enter

yes ik how to do that

aight

And then Windows+Shift+S for screenshot

aight

Same problem from before

im going to act like ik what your talking about

thats not good

could it because im using wireless on my pc not ethernet?

Its my router and my pc if thats what you mean

I have multiple wifi extensions throughout my house

I saw something about that on yt when I first tried

could be something with that

exactly what I heard!

stop insulting mesh systems

they are prem

microwave'd crystal

😛

WHOA

WiGIG!

just run 400Gbps QSFP fiber shit to every wall

But what devices do you have that can use it?

400gbit??? :P

so im guessing I cant hostmy server? is there a way for my friend to connect without port fowarding??

over a longer area, covering a "park" or open area with wifi seems like the right thing to do

!

getting like physcial connections everywhere could be a bit hard

anyway you can help me figure that out?

wait does it cost money??

aight

gonna try

does my friend need it aswell?

aight