#networking

Im curious of my previous workplace still has that firmware

@hollow marlin ouch

that would be horrible though to do an upgrade and have that happen to the customer traffic

Yeah we lost trust when the change was no added to the release notes around a week later.

you mean they tried to keep the change a secret

that makes it even worse

It was a 1 hour window that spanned 6 hours and phone tag with support. Calix is not that much better but they would never (hopefully) pull such a move.

From then on out, and even at my current workplace, we still use the Adtran 900s for SIP/ISDN gateways. They're rock solid, pretty much immortal and one of the few that just work with fax, alarm systems, etc.

with calix can you do transparent L2 bridging with port/client isolation?

Yep, in E7 its setup as such by default

ahh ok

I'm trying to figure out how to do that with adtran

they have their DHCP relay and PPPoE intermediate agent but with the mikrotik client routers I like having the option to MAC telnet into them in case they are totally screwed up

my ISP uses adtran gpon for most customers but business gets active E >:( and I want active E

90% of the time spent on how to configure Adtran is actually finding the documentation needed lol

but I don't want is transparent bridging that allows a customer to plug in their router backwards and hand out IPs to other customers

yeah they have a huge documentation library

but I go through it and it is really hard to figure out what I needed to configure this thing

a lot of it was guesswork and trial and error

@peak cloak Had my first Fios issue, ONT spontaneously rebooted

Huh

Never had something like that happen

@hollow marlin so what does calix call client isolation or port isolation? or what is the normal name for it?

I guess with MEF it is called E-TREE but I'm not even sure if that is the correct term

since I suspect E-TREE might mean a different VLAN per customer

Port isolation is the well known. Calix calls it something else. Let me see

Calix calls it MAC forced forwarding

thanks!

I want to ask adtran about it because I really want a setup that is similar to what we can do with our ubiquiti radios and layer 2 switches

we already bought too many adtran TA5004 chassis units to think about switching now

but I'm going to keep my eyes open in the future

the only good news is that adtran is supposed to be really good at cross compatibility for ONT and OLT units so that if we did want to switch we could without having to swap out all of the ONTs at the same time

@tender hazel Under your EVC maps in your version, is block uni ingress-only an option?

I'm checking

no, but "block" could be an item under one of the submenus of the EVC maps

I'm not even sure if this is an issue yet, as I haven't tried connecting a second subscriber

we only have the one test ONT at the moment

it could be that this is already blocked and my concerns are not an issue, but I am being careful

I know with our version it was not blocked by default but I do not think it was even enabled. I prefer it enabled, less headaches caused by customers

at one point we aquired another WISP

one of the first comments we got was "wow, now we don't have to reboot our router 6-12 times to get our internet working again"

because they had a bunch of customers with backwards connected routers

they didn't know what was wrong so they just told their customers to reboot until the internet started working

oh god....

their customers would get IPs from these rogue DHCP servers a bunch of times in a row and then finally get an IP from their DHCP server

If port isolation is not enabled, DHCP snooping/ARP inspection is a must

yup

Took a trip down memory lane and looked in some docs. Other than that EVC map command, I would just open a ticket with them as nothing is coming up in docs :/

thanks @hollow marlin

I appreciate it

I'm sure I'll figure something out

I just have to get an adtran optic to experiment

damn that's expensive tho

its 80 bucks for 2 gbps here..

Compared to competition not really

a gigabit here is like 40 € a month which includes the modem

I wonder what AT&T will price their 2Gb plan at

Well “gigabit” here is apparently only 600-700mbps down

Idk

Yeah, their ONT is included

Router at extra fee

KUB is probably gonna use Calix or adtran, although at their scale I’d lean towards Calix

I'm fine with that because the ONT is required in most cases so if that's free and the router is extra that's cool

They’re not gonna enforce their router too

Nice!

does windows actually support SCTP or not? Internet says no, ws2def.h from winsock 2 has a ipproto for it

Can't find a security chat but here is PSA for any admins out there: https://blog.truesec.com/2021/06/30/fix-for-printnightmare-cve-2021-1675-exploit-to-keep-your-print-servers-running-while-a-patch-is-not-available/

heck yeah now I have a fully working HTTP/HTTPS server just in case I need to transfer HyperText some day

Is this the right place to ask for help when some websites won't load but others do?

Try changing your DNS to 8.8.8.8 or 1.1.1.1

yes, and as the reply before this says, try assigning 1.1.1.1 and/or 8.8.8.8 as your DNS servers

anyone versed in mail services?

I was looking to get out from under the EIG umbrella for my company as we were having issues sending mail to a customer, and when I looked into it so many hosts are owned by them it's crazy, and as it turn out, the one we were having issues sending mail to. go figure

I just need some suggestions really or if someone has a good host that has been good for them

@coral stump What do you need in a mailing service?

@hot patrol You can also block RPC calls to the spooler service with windows firewall through GPO. A much less restrictive stop-gap measure.

Thanks for the info, but I tried this and got a lot of very weird/unwanted behavior

Like what?

We have a lot of specialized software that utilizes this function(My Coworker and I wasn't aware at the moment), but it caused a lot of our production stuff to crash and spit error code 13

I think your fix will work for most, but ours is probably a bit unique

Ewwww, gross. Yeah, I tested it in my lab before I started recommending it, but as always I can only test so many scenarios.

Yep we tested it on our test server and enviroment and saw no issues. When we pushed we got 130+ tickets lol

Mainly I'm trying to get ahead of when it gets turned into a metasploit module or the like, and skiddies start throwing it around like hot cakes.

Been trying to emulate an all-in-one executable/malicious doc, but I can't get it to fire off quite right. It's getting me enough data for IOC development though.

@hot patrol I don't know what kind of network monitoring you have, but my solution there is a snort/suricata rule that specifically watches for "PrinterDriverAddEx"

Obviously will get some false positives, but shouldn't be too many people adding printer drivers to wash out the bad

Honestly not 100% either. We have an in house security team that manages most of it.

Might be worth bringing up. That and the RPC call firewall rule have been my recommendation to my customers

(Although like you said, obviously the rule won't work, lol)

I'll definitely take note of that when we have our next meeting with them in the future. But I work for pretty big employer and we have dozens of OU's in just our tree so idk if they'll even listen.

Makes me glad to be on the consulting/research side 😉

Yeah, I can envy that freedom sometimes, but jobs stable and my boss is really good so not much to complain about outside my end user support wanting me to automate everything lol

"Why can't you automate it?"

"Because I like things that work"

lol story of my life most of the time. It feels like every time we automate something a windows update comes out that we have push through SCCM and it breaks most of what I fixed in the last update. Thankfully the autmation done for imaging/BIOS configs has been stable "Knocks on wood"

Wait, automating infrastructure? Cuz that goes great for everyone that's not google or amazon.

Yeah, pretty proud of it well. My group built it in house, but thankfully we now mostly run Dell's so that made my job a lot easier as I had worked for them prior as an EE

I'm a little shy to it personally. Most I went that direction was building some golden images, and setting up PXE to load GRUB that bootstrapped to net booting whatever OS I want

Just for my lab, though

I was too when I started as it was something I had not done much with. I ended going windows PE for ours. I wanted to use GRUB, but we have a support contract with MS so meh.

Mine is a Windows deployment server. That serves grub 😉

Its Maaaaaaaaagiiiiiic!

Then if I'm installing a windows host, then it pulls windows PE

Actually, I take it back. Not magic. Black magic.

I used to use Zenworks Configuration Management for that sort of stuff

back when I was a sysadmin and had to do desktop management

it is still a good product for that I think

has some big advantages over SCCM

even over a decade ago, one of the big advantages was it ran entirely over https/443

so you could push everything down remotely for roaming users

I do iPXE but with MDT images

So kinda the reverse.

And my windows bootloader is primaried but with chain loading to load grub entries lol

ZCM is really powerful.. automating the entire setup of a system by having a base image with the OS only and then automatically pushing down applications after the OS imaging is complete

I use powershell desired State config for that.

Utilizes the Windows Management Interface and PowerShell Scripts to basically define an entire top to bottom machine configuration programmatically.

I played with ZCM before and it could basically be said to be CLI ZCM in a sense

Windows MDT achives the same in a way with Thin Client deployment

However the most powerful tool I've ever seen for configuration deployment is Digital Rebar

It can configure things like UPSs and Printers to IPMI, BIOS Settings, PDUs and Network Configurations

interesting

When it comes to Linux I do my best to make sure I serve the operating system over a network storage. Utilizing immutable configs, things like Linux Kit, it's pretty easy to establish that top the bottom full configuration automation.

In reality only Windows is the one that needs that level of care

In the past few weeks where I've been spending too much time reading these damn documents from Microsoft,

There's a couple fun extremely useful tools that have popped up in terms of features.

The windows reset or what they call push button reset can actually be configured with your own scripts, apps, drivers, etc. So you can add additional things to the final product of a reset

Then there's the WinRE...
You can add custom tools to that menu and even customizations to the recovery process.

If you pack these changes into your OS image, you have a pretty damn manageable system even for the clumsy user.

The final offering that is popped up in recent coming from Microsoft is endpoint manager. This would basically be ZCM on Windows Variant of Steroids.

the tool that I used with ZCM was ENGL Imaging Toolkit: https://www.engl.co.uk/products/imagingtoolkit

It also has a software Center which appears to the user where they can pick things to install out of the repository or whatever. It supports utilizing Windows MDT and powershell desired State config at the same time.

You can easily have the difference of a 3GB Compressed OS install to a full blown Certificate Auth go with the click of a button

It's slowly becoming an endless list of options at this point

I mean it is a for-cost thing sure, but it can be nice to have a point and click interface for doing such things

the biggest problem I always had with automation is that it always fell on me to automate everything

everybody else was too afraid to

The best thing is how it can choose the drivers it once based on hardware configuration

and how does that adobe reader install tie in with updates for the adobe reader later on?

like do you have to maintain that install separately from the updates?

or is it all one thing where if there is a new adobe reader the install and update process will be integrated so you just update one thing?

You're basically delivering MSI packages and msix packages. So yes you would have to maintain the software yourself. The reality is only really useful for internal applications. I've been using winget for everything else which you can have granular control over.

MDT images have something fun where you can actually give sort of a checkbox list of apps to preinstall

However you can also create your own pages to show up during the install process with your own logic. So winget is easier used there and you have the option of even maintaining your own repo which mirrors.

so if something isn't an MSI?

EXE files are compatible if you use the windows MDT images however I just prefer to package it up in a MSIX with the Microsoft conviently supplied tool just for that.

You can even capture post configuration registry keys to deploy

So user settings that are stored in the registry hive for specific applications can essentially be cloned

https://docs.microsoft.com/en-us/windows/deployment/deploy-windows-mdt/get-started-with-the-microsoft-deployment-toolkit honestly even if you never use it, it's actually a worthy read

It shines the light on some interesting features that can be utilized elsewhere

it looks interesting

not quite as "nice" of a solution as ZCM in many ways, but doesn't require installation of a separate agent

and doesn't require a separate license

hello there, can someone help me foward ports on my network?

can anyone help my weak ass accessing my workstation by remote access using ipmi interface? i need access to that gigabyte console so i can ramp up the fans and do some updates. mobo: WRX80-SU8-IPMI

@clear igloo lolololol cisco accidentally sent me an internal script and asked me to delete it

@waxen scroll

Hey
How to prioritize device from a WiFi router, i tried configuring Qos settings, it's complicated, can anyone help

Hey Team, Im running wifi 6 amplifi router and a netgear modem,
Never had a problem before, some web pages have become super laggy...
Like Keystroke laggy where it takes a little time for a keystroke to popup on a linkdin message.
I didnet have this problem before i upgraded my RAM and installed a new OS
Anyone able to help to reduce this lag?

i want a fiber modem/router under 100$

wut should i get

hi, i want to create a seq cams setup at my home and i dont know what to pick. i need that to bee suported with open source recording projects

@hollow marlin company finally decided official policy is only 2 days max at home past September

the engineer management decided nah, work at home works so everyone gets approval form for full remote

https://www.ftc.gov/news-events/press-releases/2021/07/ftc-charges-broadcom-illegal-monopolization-orders-semiconductor

Broadcom is also one of the few significant suppliers of five related types of chips. These chips include the core circuitry for streaming set top boxes and cable broadband devices, along with Wi-Fi chips and “front-end” chips for both set top boxes and broadband devices. Front-end chips convert incoming analog signals to digital signals.

anyone knows a way to make my PC wake on LAN automatically when there is power through the LAN not just me being able to turn it on remotely while its connected?
i have enabled wake on LAN both on windows and in bios but when my PC is off and i make sure my LAN has power it doesn't start automatically

wdym by "power through the LAN"

ethernet doesn't transmit power

well there is poe, but not to your desktop

Poe

But that’s more for other things not necessarily pc motherboards

i mean with power that it has connection and should in theory wake the pc when it have connection

yeah ik

so basically you want your pc to turn on when there is a link established

that's not how WOL works

You can get like one of those pc phone starters and try to hook it to a program

WOL works by waiting for something called a magic packet

so you need some sort of device on your lan to send this magic packet to turn on your computer

i want my it to be able to wake up the pc automatically without me having to send a message to wake it up

like for instance if my power goes off and my pc turns off it can be able to automatically power on when it has power

that can be done in bios

on some mbs there is a setting called "after power off" or something like that

which setting would that be

and there is the option to stay off

or turn back on

ill look into this

Openwrt vs pfsense for 1000mbps internet pppoe

neither tbh

What do you recommend

opnsense I've seen other's reccomend

or just get a dedicated router

lower power usage

more efficent

and guaranteed speed

Openwrt can max out the 1000Mbps fibre over PPPoE whereas pfsense and opnsense max out around 700

nope

depends on hardware

openwrt may be more optimized but I have no clue

never used it, it has no real advanced features

Pfsense can only utilise single-core performance

doubt that's true

@rocky badge don't you use pfsense

no

i shamed him for it too much

#UBNTMafia

lol

I mean, it was just a waste

what do use now?

UDMP

ah

Like I said. I can see it on my power bill if I decide to use my server for a month. I dont like the idea of running my router on non-specialized hardware that cant perform as well as something low powered

lol

Plus, now my network is 100% untethered from my servers

I can take everything down except actual networking and my parents wouldn't notice

I wouldn't either tbh, except we Home Assistant

so do I but its an HA Blue

I've been thinking about it but lol

We regularly use more upload than download lol @waxen scroll https://i.ryois.me/IAeZjt8BDR.png

oh man i just installed a DNS sinkhole and HOLY CRAP i can't believe i haven't done this before

really dumb question but can someone explain DNS rebind to me? i THINK i understand it but i'm not quite sure why it would work (like wouldn't normal safety measures prevent it?)

Hi I have been using a turtle speed 6Mbps for many years, n have decide to get a 4G router + SIM card. I have 2 sims options
A. 42Mbps download 5Mbps upload
b. 21Mbps download and upload
Which is better?

Can someone recommend a good stable (no disconnection/restart) 4G Lte router, please?
thank youuuu

Cost bracket? Intended use?

Cisco asr1000 series isn't bad

Ty for ur reply ! Jus home use, casual gaming, netflix, YouTube, Spotify twitch. 😋

all ik of lte routers are some mikrotik ones

theres this

https://mikrotik.com/product/hap_ac3_lte6_kit

the webui is kinda advanced

and complicated for a newbie

but the phone app is easy to use

I myself never used the app on a mtik product

I think the RT-AX68U can use lte..

I was GOING to recommend the Nokia SAR HM series

Just use a cradle point actually

I'd just get a cradlepoint lol

but CPs are $$$

see if your cellular provider recommends/provides any

Region would also be nice to know, bands vary on area

NA, Europe, Asia, etc

Worth every penny

should i use cat 7 ethernet cable to connect my huawei (modem) to tplink (wifi router) which is 50 meters away ?

Let's say I have 5G netstick and USB to rj45 adapter can I connect it to my mtik and use it as backup connection?

You may. Set the connecting port as DHCP WAN.

I have a proxmox server with a trunas vm, whats the process for upgrading hardware? Specifically a cpu upgrade. Can i just toss the new one in? Same mobo and ram. Just 8c/16t cpu instead of 4/8 so i can have more vms active

Hey.
I got a question.

Normally I have a 1GBit lan connection. But since yesterday my Fritzbox and my PC is telling me that my network card only supports 100mbit. Even tho I didn't change anything ..
That is kinda unfortunate because I got 200/100mbit.

Probably either end connectors got faulty. Try changing them.

Oh okay

never heard of them

interesting stuff

how can i fix that Unable to init server: Could not connect: Connection refused (x11)

They are basically used in every Police Car and Ambulance and Corp car

They are the standard in the automotive industry for LTE Gateways

🙂

not possible with mikrotik but you can do this with openwrt

Just helped someone with this today

Nevermind, It may work. You will just have to try it out https://forum.mikrotik.com/viewtopic.php?t=65807

don't doesn't mtik have a usb

or not on yours

I have hex s he have USB

I want to use it with rj45 because mtik doesn't support 5G he supports only LTE.

ah

does anyone know what to do about "p11-kit no configured writable locations found" when configuring prosody

anyone here know anything about getting Jitsi to work?

Your setting up your own server?

yea

Where are you having issues?

if auth. isn't external then why does it not see it? why does there need to even BE an auth. why can't it just use unix sockets like a normal program?

Does use site have https?

yea,

check it out https://meet.tj-h.com

I cant even load your start page.

What i know is that i installed the apt package on ubuntu used caddy with a little custom config and it worked. Im not so good on how the program actually works.

Hope you find a sollution

You have some warnings on sslabs but mayby you were the one doing the test: https://www.ssllabs.com/ssltest/analyze.html?d=meet.tj-h.com&s=192.184.82.155

oh about tls1.1 yea i left that on there in case that was the issue

Ohh okay

What does this mean? "This server does not support Forward Secrecy with the reference browsers. Grade capped to B"

If its any help this is what i needed to do with my reverse proxy:

}
enzomeet.duckdns.org {
reverse_proxy localhost:444 {
transport http {
tls
tls_insecure_skip_verify
}
}

The tls needed to be made on the jitsi server with the 80 port through the ssl .sh script

Then i used reverse proxy without it doing the tls.

So jitsi doing tls and reverse proxy just proxying

can anyone help please

Jicofo 2021-07-04 14:44:39.443 SEVERE: [34] org.jitsi.meet.ComponentMain.log() not-authorized, host:home.tj-h.com, port:5347
org.xmpp.component.ComponentException: not-authorized

I'm trying to wrap my mind around a problem I had at a buddy's place. Suddenly his entire network went down, no device on the network could connect to the main router (ping fails, accessing webui fails), unless it was directly attached (either via direct ethernet to the router or turning the radio back on and connecting to the router).

So his network is laid out modem -> main router -> 24-port unmanaged switch -> ethernet runs throughout the house including Orbi mesh running in AP mode and ethernet backhaul.

We narrowed down the issue to the main Orbi mesh unit having 2 ethernet cables attached to a switch (accidental plugin by family or something) that then runs a single ethernet cable running down to the 24-port switch. Removed one of the duplicate cables, and the network came back alive.

However, I would've thought that if there's 2 ethernet cables between the Orbi and the switch it was attached to, it would just ignore one of the runs. Why would that have taken down the entire network?

quick check says orbi doesnt support loop protection

so no two wires

yep loop

isn't spanning tree supposed to prevent that

not if they didnt implement it to begin with

spanning tree isnt usually on consumer stuff

yeah ofc

isn't orbi prosumer tho?

would expect it kinda to have it

no, its not

huh, yeah I checked and it's by netgear

never knew that

for $700 it really should be prosumer

thats really $$$

@slender crag the 24 port unmanaged switch would not support spanning tree

it's actually not uncommon for APs to not support spanning tree

the meraki mesh APs do not, for instance

Meraki doesn't bother to build in support for STP into the APs themselves because they assume the switch will have it.. but unmanaged switches do not

never 100% understood spanning tree, so only one device on a link needs to support it?

not exactly.. but if you have an AP with two ports plugged into a switch on both ports, the switch is going to detect the loop and block one of the two ports, regardless of whether the AP supports STP or not

if the AP supported spanning tree it could detect the loop and block the port itself, but either way the port ends up blocked

ah

having STP on both sides means a port is gracefully and temporarily disabled

if you dont, its hard disabled

got it, thanks

Questions anyone got tips for a photo software to run on a sever for home photo storage that have webs view support and multiple accounts

You could try owncloud

Looking for someone with opnsense and unifi AP

Trying to get some things set up properly

https://github.com/gregordr/ImageStore what about this

Never used it give it a shot

if anyone could give me a hand with some questions about backups/clusters with proxmox could you send me a friend request? i need some help but not exactly sure what to google with what im having problems with

honestly after the likes of googledrive+google photos NOTHING comes close 😦

ugg becaser some of us perfer self hosted

yea, which is sad. me too. if you find smthg decent let me know

i tried own/next cloud and the iOS app was very lacking

and i can't really convert my family if it's not nice and awesome

anyone around to help me with opnsense?
I have two switches on their own interfaces but want them to both be on the same dhcp scope
is that possible?

create a bridge and add the interfaces to the bridge.

so lan 1 lan 2 lan 3 all bridged together

or lan opt1 opt2 - how ever its displayed in opensense

@lean pebble btw there is actually a better way of doing policy routing in routeros that I was not familiar with before, it is probably closer to how fortigate does it

it might work better for your situation than having the mangle rule

is this normal for 4g?

Any CNAs here tonight?

certified novell administrators?

now dont date yourself lol

Cisco network folks

ahh

I think you mean CCNAs

Yep thats the term 😄

you should probably just ask your question

I've met lots of people who are ostensibly CCNAs who cannot tell me what a VLAN is

oh good lawd ;D

I have a Cat 3560, its been reset (removed config.text and VLAN.text) and has had the initial configuration performed over serial. All passwords have been set, but im not able to get a web interface for the switch and i was hoping someone could point me in a directon to check

Does it even have a web interface?

It has before, but i had lost the password (or so i think) since it was a lab system and i havent used it in months

Never mind it does

But its gotten before to ask for a user and password. and dispite putting in the defaults that i thought it had as well as the ones i generated in setup it wont accept it

Idk much about Cisco stuff

i was about ready to throw it to john before i said let me have one more shot

you mean juan?

I've managed the 3560s before but never the web interface

the cisco web UI was always basically useless, I thought

john the ripper

But i figured it out actualy. Im starting to get the hang of this through serial

I had gotten the system setup, but never assigned it to have a static IP address.

So i had to set the IP, and then set the gateway to forward through.

And now if i access it through the set ip, it comes up with the password prompt as normal and accepts the one i set for it

But i expected the system to be smart enough as the first time, when i could just do a factory reset and have it pull an ip from DHCP.. its being odd but working finaly

Definently not pretty

Mine is worse

I couldnt imagine that! lol

fyi

if that's anything like my 2960's

its 100% useless

just learn cli & setup ssh

just get a mikrotik switch, much better interface, and cheap

Mikrotik is definently on my agenda! and then get rid of the router wireless crap as well

tbh I've gotten really fast at cisco cli lol

Mikrotik with another compute module for IPS IDS and then some WiFi 6 APs

adding VLANs & updating port configs is super ez

@rocky badge it seems simple enough, i just have to figure out and remember the commands 🙂 i got del down though lol

I mean, most cli's are pretty similar

switchport trunk allowed vlan add x

cisco CLI is fine, but 3560 switches are expensive, you pay a lot more for the Cisco brand name

Idk about Cisco iOS, but on anything vyetta based like vyos, or junos you can press ? to see possible things you can type in

we've been replacing old cisco switches at health centres with mikrotiks because we can use romon to get into them

we find often at these places when their internet goes down, somebody in an effort to try to get the internet up will go to the networking closet and unplug everything and plug everything back into random places

Makes it super ez and no need to reference back to the docs just for syntax

i mean

cisco has that lol

? to show what you can type, [tab] to fill

that's pretty common for most clis

And thats why i get mine second hand 🙂 guy sold me two 3560s, two Buffalo Terra stations, and a Dell R310 for 150

Yeah, so that's the same system. I would assume it would be kinda common

Rx10s are kinda old these days

May not be worth it to run

They are and the bastards that had it jacked it up with the raid card, the only OS that will load on it is an old windows server 2012, or VMWare. But its the power consumption im worried about. Would be good as a lab system

Ive been dieing to find a way to load linux on it, just none of the distros have any drivers for this raid

rx20 or older or hpe gen 8

I just have 2 office computers as servers. I don't need much

One is shut down right now

supermicro x9, x10, x11

But I'm trying to get a bunch of stuff automated now, such as making all the web interfaces trusted https through ssl certs

i personally have a r620 and a hpe dl360p g8

@peak cloak same 🙂 i got a RPI cluster for stuff around the house. Home Assistant, NAS, Three Kodi Boxes, and a "fun" box

@rocky badge Do you keep them running 24/7?

basically most people look for v2 Xeon support or higher and HTML5 KVM

Yes, 24/7, my lab is on 24/7

constant 350W load from lab

my power bill is 200 a month, i couldnt imagine what that would drive it up to

Yeah remote ip kvm management is something I would love to have

No need for monitor

we pay 9c/kWh

our bill is more expensive anyways since we have a tesla and charge at home

but since sept 12 2020, its cost $76.66704 to run the r620

We got a floating rate, in the low period (now through 0500) we pay 7c, in mid it goes to 10, high is 14, and then in extreem they get to charge a whopping 22...

ya see that aint bad...

https://i.ryois.me/cu6zW40u50.png

comes out to about 7.6$ a month

I love that dashboard!

An electric range/stove/dryer/hot water heater will cost more to operate than a server

This is true

Your making a case for me to put that server into operation, my wife wont like you lol

HPE ilo lol

Both have their pros and cons

My servers are downstairs so my parents don’t hear them lol

Throw a SFP+ card on it, hook it to the switch with a direct cable, get four 4TB HDDs, and a GPU for plex and i got a home media server 🙂

:P

Oh yeah i aint that lucky. i got a server closet... an actual closet... thats right in the middle of the house.

I’ve got a solarflare sf 2 port SFP+

So the real question is... do you actualy saturate the card?

Some spare shit lol

Not really lol

Fiber, a dac, a couple of cards, and a Cisco console rj45 cable lol

Some how I convinced my parents I need all of this lol, and to get me to retrofit Ethernet in the house

How did i see that coming lol! We got a 1GB internet backhaul, This switch is temporary but since it provides POE it gets to replace the prior setup with an offbrand POE switch that was starting to fail. My end game is to get an aggregated link from the modem to router (My modem has four ports that can ALL aggregate together) and from router to switch go 10G Fiber to the eventual new switch which will provide 1G fiber to each room.

Main PoE switch I want to upgrade

Most runs in the house come back to this

And the best part yet, is in 10-15 years when we sell this place i can bump the price up 100$ because, "All rooms are wired with Fiber intenet"

Is that UI?

I can almost do fiber to the computer lol

Yes

The only copper I can’t replace is Cat6 coming from the ONT outside into my stuff

Optical network Terminal im assuming your saying?

Yes

So get the ISP to give you a GPON plug and put it direct to your router

They don’t bring fiber into the house for residential

Oh, so you got fttn.. not ftth that sucks

No, I have ftth

if only if only lol

The ONT is outside on our wall

Adtran total access 452

Well it’s technically not under the total access lineup but that’s their OLTs iirc

what im saying is, you could get some OM3 MM and splice it into your house and get one of these https://www.amazon.com/Ubiquiti-Networks-UFIBER-GPON-OLT/dp/B078XR965G/ref=sr_1_4?dchild=1&keywords=GPON+SFP&qid=1625458047&sr=8-4

Im not sure if they are running single node or multinode though

That wouldn’t be compatible with my ISP

And it’s single mode, you don’t really see multi mode for this kind of stuff

If I was a business customer I would be getting Active Ethernet straight into my router, not GPON

Active Ethenet...

Gpon is complicated

You can't just get an sfp module and expect it to work

Plus, all of their automation and customer management is based upon Adtran ONTs

It’s not like DOCSIS

I was looking at starting a FISP in my area and thats what i researched to do it with. Theres another module you have to have to convert. CPE and it would convert over to a 10G cat 6

Where the isp can control and monitor third party modems

Gawd i cant belive i deleted that stuff from my cart

As an isp it's easier to do gpon

I wish the ONT could be powered over PoE

https://www.amazon.com/Ubiquiti-Networks-Low-Cost-Optical-UF-Loco/dp/B07D7VRWXL/ref=sr_1_3?crid=1TTBIOHA9OUKP&dchild=1&keywords=ufiber+loco+gpon+cpe&qid=1625458334&sprefix=GPON+CPE%2Caps%2C209&sr=8-3

I knew it was UI

Ufiber I guess works for small thing

That would require your ISP to be using UFiber

Small depolyments

My ISP did UFiber for early PoC and customers but eventually moved to Adtran

Surprised they didn’t go with Calix

I have no clue what Verizon uses

Alcatel lucent

Same as AT&T

But this is stuff i was looking at. we had priced out doing the entire area, between the pole useage rights, the bulk 12 core distribution cable, the termination kits, etc.. we were looking at 250K for about 5 sq miles

But the ROI was high. at a 35% take rate

lol

We dont have fiber internet where we are at all

My municipal ISP is on track to reach 15k homes with coverage

Uniti is the backbone for the area and they wanted 1800 a month

for 100mb

1G as around 3k

My ISP maintains their own fiber backbone

What about peering costs, employee costs, arin fees, equipment?

It was all factored in, including insurance, vehicles, etc

They just peer with L3, cogent, etc

Yeah but its the only fiber in the whole area 😄

Running costs were like 15-25k a month with one fiber hut

Oh I couldn’t imagine my isp’s fiber cost

Last mile distribution is the $$$, in every industry pretty much

$67 million projected distribution cost

34 thousand miles

$72 million capital funding

we had what about 1500-2000 customers eligible to be serviced. so it was around 142,500 - 190,000 in revenue per customer

Easily covered the costs of everything and provided expansion

The entire city is only 11k people

i still dont know why i backed out of this

3,500 current customers

Service available at over 15,000 meter locations

The project is 35% complete

They must be rolling in the government grants!

SpaceX took every grant they could in areas that had little to no internet service

yup

its also the utility coop doing it

So its member owned and not for profit

They also hope to provide Internet services to 2 school districts by Sept of this year

Which would be really cool, and probably cheaper than ENA right now

I could only imagine. those are some easy contracts, and if you can throw in IT support as well.. Could easily bring on a team dedicated

5Gbps WAN, burst to 6Gbps at high school
1.5Gbps, burst to 2Gbps Central Office <-> High School
1Gbps, Alternative School <-> High School
5Gbps between 12 Schools <-> High School
7.5Gbps, burst to 10Gbps ??? <-> High School

This is $529,800.00 lol

With a /24 of IP addresses

Does anyone know any good alternative to buy server hardware in Europe besides Bargain Hardware?
Since I live in Portugal it gets quite pricey the shipment fees...
And the portuguese eBay version (OLX) kinda sucks 'cause there's not really good deals and most of the deals are really old hardware and not suitable for todays standards.

That's absurd

I know, I was like 75 meters from the antenna.

so im troubleshooting bittorrent not being able to download anything from any source and have come to the conclusion my isp appears to be trying to block tracker ports. after that i also found that port forwarding appears to work extremely weirdly. ports will appear as "closed" until theres some activity on them at which point they will open. like 25565 shows as closed by https://portchecker.co/ but as soon as i launch my minecraft server it reports it being open. is this normal behaivour?

randomizing the listening port and restarting qbittorrent fixed it

Is this business networking or like Ethernet stuff

Sysadmin, networking (entreprise, homelab), virtualization, Linux,

All types of disccusion happen here

So I have a rig that downloads files all day, what’s the best hardware to make it faster other than the router

I’m thinking a Intel Ethernet card, is that a good idea

I'd say what matters on downloading files, probably the I/O or the "SSD/HDD" part of it. I mean, it would only be the CPU/RAM if you download at crazy speeds (10Gbit or more)

It’s a Mining rig and I have track the bottle neck to the data flow

I like the thought in this, but I’m just not asking the right question

What’s the best PCI card for Ethernet bandwidth?

Depends, you have ratings, one can do 1Gbit, others can do 10Gbit, (CAT6 Network cards)

Maybe wait untill someone can guide ya better

Who might that be

??

Can you check what's being bottle necked?

pretty much. how do you know its even bottlenecked as it is

I know its pretty basic, but does anyone know of a good routing tutorial/blog post without NAT? Any firewall.

I am trying to create a public/private AWS-like VPC in my homelab vSphere environment. Private is pretty easy. Its just a network using NAT with no 0.0.0.0/0 route. I am struggling with the public subnet

What data rate?

I doubt you would hit the max data throughput

You have a public ip block?

Or trying to create psudeo public

its just in my home network. I am creating it as if my home network is public

Ah, makes sense

What do you do in your network that makes you think you would hit the limit?

Werent you the one I was trying to help to get rid of nat in your lab

Find me a client that can hit over gigabit on wireless and we'll talk about "data rates"

yes, but i ended up having nat

Yeah, you shouldn't need nat

no nat just wouldnt work

Idk, maybe you could try again, in the private router, get rid of nat rules, and make sure the ip block assigned is seperate from home

An alternative to ubiquity is mikrotik, but its just a tad more complicated.

Also

What "data rates" are you talking about

1gig?

Over wifi?

That's a lie, that 2900Mbps is nothing but marketing bullcrap

Yeah

That's just total aggregated bandwidth on wifi

Not routing performance or anything

They combine every frequency and it's theoretical max and slap it on the box for big numbers

Also you would be limited by the routing anyway

Many router's have a 2.5g port, but can only route like 1.7 or something

Well routing is usually just NAT but the switching chip can handle that locally

BUT the big thing is number of devices on the wireless network. You have 30+ devices on most consumer routers and it will crap itself compared to a dedicated access point. If your use case is 5-6 wireless devices then you're not going to generally have issues with that

combine that with a noisy location such as an apartment complex and you're going to have a really bad time on 2.4GHz networks especially

@cedar igloo maybe later we can go for another try on getting rid of nat, right now Im not at my pc

its 11pm here, so im going to have a quick look now but try more tomorrow

Alright

Why

A dedicated router is better imo

The nice thing about dedicated access points + a controller of some kind is seamless roaming AND the ability to balance clients across multiple APs for better overall performance and throughput so they aren't clogging a single link

What I mean by dedicated, is dedicated hardware

Pfsense is kinda eh, tbh

What I'm saying is that pfsense isn't that optimized

incredible longshot: i remember linus mentioning a linux utility he was using to do timed incremental backups to an off-site location for one of his servers? can anyone remember what it was?

was rsnapshot 👍

I use pfSense but don't like it. The 2.5 update bricked my 1U box. I'd swap over to a used Checkpoint or something else but I can't find enough info on how they work in a second hand market.

Much prefer WatchGuard.

What's that

Never heard of it

Ah it's some threat thing

Not really router

@peak cloak VyOS had an update on 6/29 that supposedly fixes BGP LL peering https://phabricator.vyos.net/T3657

ohh thanks for the heads up, I'll try it out

ohhh, that's why wireguard wasn't working before and I all sorts of weird issues

after updating last time, for some reason I no longer have the dhcp client next-hop which is supposed to be automatically added

weird

static route for now

My raspberry pi 0 and its power adapter will arrive in 3 day so I can do pi hole!

I'm not sure if my usb micro b to rj45 will work tho.

Sad if it doesnt

Wouldn't reccomend using zero as a server

It will be fine for pi hole

As long a you just use command line interface and no gui

Works for me

I was planning on doing what Linus did because a) ik it works and b) I'm lazy to find another good tutorial

Oh and 3 because ik it will work

Can anyone recommend an cheap 2.5gib switch that's actually in stock?

Does anyone here uses PRTG?

howdy, anyone know an asus router that provides wifi 6 connectivity with gigabit ethernet and most importantly supports openVPN and allows more than 5 openVPN profiles?

https://www.bhphotovideo.com/c/product/1585104-REG/qnap_qsw_1105_5t_us_qsw_1105_5t_5_port_2_5gbps.html?ap=y&smp=y

What is your budget?

Something from Mikrotik?

I used it a bit, but switched over to Zabbix

@peak cloak WatchGuard is a Enterprise firewall solution.

Yeah, that what I assumed based on my 2 second google

yesterday a dude came to fix some issues with my router and he ended up replacing it, he also asked me "did you unlock it for more speed", what the hell did he mean by that? is that even possible?

router itself, no lol

ISP service speed upgrade?

he just casually walked in my room with crocs and asked if the router is unlocked for more speed

and it was just a checkup since there were connection problems

upgraded would make sense, unlocked makes zero sense

upgraded as?

like if the router was old and only lets say had 10/100 ethernet

not gigabit

nah like the router itself was pretty new, I would say nothing more than 10 months, I had advertised speed with solid connection, until it stopped working

its just bugging me what he said

you know like you root your phone for more stuff, I thought he meant something like that but just with the router

nah lol, I have no clue what we would be talking about

I mean you can do something similar to home routers,

He means flashing custom firmware, probably the closest thing

Ok, I have this weird issues with vyos I never had before. I am trying to ping an internal ip of dn42 172.20.0.53. However when I traceroute it, it shows the following (and later times out): traceroute to 172.20.0.53 (172.20.0.53), 30 hops max, 60 byte packets 1 10.10.30.1 (10.10.30.1) 0.380 ms 0.416 ms 0.252 ms
10.10.30.1 is my main home router, it should never be going there, just directly to the tunnel I have configured (wg92). When I do show ip route 172.20.0.53 I get Routing entry for 172.20.0.53/32 Known via "bgp", distance 20, metric 0 Last update 00:44:46 ago 172.20.16.139 inactive, weight 1
172.20.16.139 being the one bgp peer I have, which I can ping, and I have a static interface route for it: ```Routing entry for 172.20.16.139/32
Known via "static", distance 1, metric 0, best
Last update 00:51:23 ago

• directly connected, wg92, weight 1
  ```. This is all after I had to add a static route for 0.0.0.0/0 because vyos for some reason didn't add one automatically after reboot from getting an ip from dhcp.

This server looks dead without crystal here 😂

He really should've not get banned

Stupid moderator team, "lemme ban someone because I feel like it" kek.

sssh they don't like criticism

Lol

Someone have used ovirt?

nope

You mean wireguard as wg92 right ?

That sounds strange that it suddenly going to your main router internal IP as hop instead to your vpn

well 10.10.30.1 is my home router

not vyos

Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             10.10.30.55/24                    u/u  Outside
eth1             -                                 A/D  
lo               127.0.0.1/8                       u/u  
                 ::1/128                                
wg92             172.23.84.34/32                   u/u  First Peer Example```

Vyos is your home lab?

my dn42 router, so yes kinda

I'm little confused

Never used wg but it should work like all the other VPNs

ok so basically I'm trying to learn bgp all that fun stuff, so there is this network that emulates the internet. In order to peer you use vpns to each others nodes

oh wireguard is working fine

I guess your vyos have different subnet

I had this setup working before on an older version on vyos, but link-local bgp wasn't working so I updated

So the update brake it a little

I started over fresh

S>* 172.20.16.139/32 [1/0] is directly connected, wg92, weight 1, 02:18:59
``` my static routes

I can ping the peer endpoint ip just fine

so wireguard works

it's just routing which is being weird

Ok but in traceroute it goes to your main router instead vyos

to main router, instead of going to my peer

Your peer configured in vyos or in other place ?

  Known via "bgp", distance 20, metric 0
  Last update 02:14:44 ago
    172.20.16.139 inactive, weight 1

one thing that intrigues me is the inactive, weight 1

what does inactive mean?

yes ```address-family {
ipv4-unicast {
network 172.23.84.32/27 {
}
}
}
local-as 4242422810
neighbor 172.20.16.139 {
address-family {
ipv4-unicast {
}
}
remote-as 4242421588
}
parameters {
router-id 172.23.84.33
}

Let me remember I learnt it 4 years ago and didn't touched it

trying to find documentation on what inactive means in this context

Before the update you had inactive?

well I started fresh

from when it was working ```Routing entry for 172.20.0.53/32
Known via "bgp", distance 20, metric 0, best
Last update 00:00:08 ago
172.20.16.139 (recursive), weight 1

• 172.20.16.139, via wg94 onlink, weight 1

different peer tho

on vyos to ?

yes

it's just sending it out the wrong interface https://cdn.discordapp.com/emojis/799379297860976660.png?size=64

PING 172.20.0.53 (172.20.0.53) 56(84) bytes of data.
From 130.81.189.138 icmp_seq=3 Destination Net Unreachable```

looking for some sort of priority or weight for static routes

I have a feeling it's just seeing the 0.0.0.0/0 route before the other and sending it out eth0

I had the same issue with gre tunnel on mtik

At the end I just removed the gre tunnel and left it

Erina - it's not a problem with GRE tunnels

it's a policy routing configuration issue

anybody here have any experience with the netgear armor service with bitdefender

what's weird is that it worked just fine in an older version

maybe bug?

or just I'm doing something wrong? idk

here is my config https://pastebin.com/iRa7diEL

Sorry for asking so many questions here recently. Please can someone recommend a network layout for my homelab. I am wanting it to be as close to an enterprise as possible, so dont mind having networks with single servers.
The VMs I am wanting to create:

• 3x AD DC Servers
• 1x AD CS Server
• 1x Zabbix Server
• 5x GlusterFS
• 3x HashiCorp Vault
• 3x HashiCorp Nomad
• 3x HashiCorp Consul
• 5x Docker App Servers
• 5x IIS Servers
• 3x MSSQL Servers
• 3x Redis Servers
  And any other technologies I am wishing to look at.

I was planning on creating a Windows Infra Network for AD, a Linux Infra network for HashiCorp services, app server network for docker and IIS and finally a database network

I meant Erina - sorry that was unclear, I meant her issue was nothing to do with GRE but was a policy routing issue

ah

mikrotik GRE works fine, the policy routing can be tricky to set up in some cases

she was having policy routing issues and says that mikrotik GRE is not good

ah, yeah my tunnel is working just fine

Routing is done on most specific match first. Also what you were looking for is distance/preference

yeah I saw that, no such option though on statics, unless I'm missing something?

I said I had issues with it never said not good lol
The routing policy was ok with fortigate only mtik did weird things with my gre tunnel

and no one was able to help with it and fix it so its an issue with mtik for sure.
Mtik did some weird things while connecting to it

wasn't doing "weird things" but when you are using mangle rules for policy routing it is very easy to treat some traffic incorrectly and cause problems, it is harder to configure

with policy routing you can create loops by accident quite easily and things like that

so I was using dhcp-interface instead of next-hop, which has distance

Well in fortigate its harder to configure it on mtik was easy but never worked

on mikrotik there are actually two ways to do policy routing

I only used the mangle way

but I recently became more aware of the other way

now for statics I have >* 0.0.0.0/0 [100/0] via 10.10.30.1, eth0, weight 1, 00:00:57 S>* 172.20.16.128/25 [1/0] is directly connected, wg92, weight 1, 01:08:30 but still no luck, still going to my home router

and I think the other way would be easier to configure for you because it is closer to fortigate

its not important for now I'll get back to it when I have time. Now I'm learning ovirt and docker

can you ping 172.20.16.139

yes the tunnel works

so you can ping that but you can't ping 172.20.0.53

it's some routing thing, it worked in vyos 1.3x, but running 1.4x now since juan said they may have fixed ipv6 link-local peering

yeah, 172.20.16.139 I have a static route to, and am directly connected to

172.20.0.53 route is gotten from bgp

  Known via "bgp", distance 20, metric 0
  Last update 01:11:12 ago
    172.20.16.139 inactive, weight 1```

it says inactive

yeah

which I'm trying to figure out

huh ok so another ip on dn42 works (172.23.84.34)

but the 2 anycast dns servers don't work

wait no that's my ip, lol

Did you make sure you set the FW and NAT rules?

I followed the tutorial like last time, same firewall, no NAT

Or are you pinging from VyOS directly

Vyos

The update from 1.3x go 1.4x must have broken something

Like unlike in 1.3x where the next-hop from dhcp would stay, in 1.4x after a reboot the route would be gone

Pretty sure that's a bug

Will file it later

And run it in an isolated environment

To make sure my other config isn't messing it up somehow

@clear igloo Applied at a part time IT job

@rocky badge Nice!

good powerline adapter that isnt too expensive?

If you can, I would avoid powerline wherever possible. The speeds are not usually as good as WiFi. If you have a device without WiFi, you can get a WiFi extender with an ethernet port. If you really do need a powerline, ive found TP-Link are quite good if you dont go for the cheapest ones - the decent ones are around £70 (not sure about $)

theyre worse than wifi? waht

well my friend has wifi in his pc

and its kinda shit he says

u can get a wifi usb adapter last time i looked was a few years back for my roomie and it was pretty reasonably priced

Well, i've read that its mostly depending on the quality of the cables in the house, you can have mixed results. With WiFi, I get 150mpbs (paying for 200mbps). With Powerline, I would be lucky to get 50mbps. Powerline is more for reliability rather than speed I have found

ah

Not sure if thats just me, or others have found this too

i will ask him what speeds he gets

real dumb question but does running internet thru the powerlines reduce the efficacy of the wiring w.r.t how much pwoer it can carry?

Pretty sure it doesnt

interesting

im still a bit confused as to how powerlines work like wouldnt it have to send signals over the already current electricity

and would it affect other devices

Dont have a clue... I'm sure others have a better idea then me

lmao aight

he says they alternate between 60 and 9

what is he paying for & is he far away from his router?

he says hes paying for 100

he says 6 meters or more and passes through 3 walls

yes it's sent over electricity

I'm hoping one of the regulars will join in and confirm/deny what I am saying, but I'd say 60 is pretty decent. Obviously a direct connection would be best, but I dont think you would get much (if at all) extra performance from a powerline. If your friend is getting large lag spikes or dropping connection, it would help for that, but not overall speed

smort

@snow lance

to make it short and simple, two signals are combined, a low frequency 50 or 60 Hz, high amplitude (120V) power signal and a high frequency (100 MHz) low amplitude (around 1 volt or less) communications signal.

They can be combined in the powerline adapter. At the other end, the signals are separated with a high pass filter set. the huge separation in frequency makes it easy to split them efficiently. The high frequency signal is then decoded for data and the low frequency part can be used elsewhere for power without removing the high frequency as most appliances will not even see it.

oh this was exactly what i was looking for lmao

thanke

but ye he says often itll slow down a lot and even disconnect but theyre moving to a new isp in a week anyways

how does he know it's not wifi

seems like he doesnt but his parents are switching anyways

🤦

so its the ISP thats causing the problem? Nothing to do with powerline or Wifi?

they don't know

but far too many people associate wifi problems with isp problems

probably not but seems like its out of his hands if theyre switching or not

powerline can be slowed down just some high current device on the curcuit

ah so if i plug in a kettle for example speeds go down?

if it's on the same circuit, yeah it can

the powerline adapter quality also matters

hmmm

well i made his list long time ago and im quite sure he had some wifi card with external antennae so you could probably just get some cables for those?

wdym

if you are going to "wire" wifi, just get use ethernet

well the thing is he cant drill holes in the wall

not allowed to or whatever thats the reason he isnt using it

but what i was thinkign was getting those antenna cable

and move it as close to the router as possible yk

who said you need to drill into the wall

you can get those cable raceways

well you need to drill a hole in the wall for it to go through the wall

yeah but they just keep it tidy dont they

can't find the docs for that, what does "inactive" mean in that context

this issue has really been bugging me

Did you try to make a new tunnel connection in vyos

Hey so I have a pc that's hooked up to a UV printer, the printer needs gigabit LAN.
Can I get a Lan card for internet connection and everything will work?

yep

Alright thanks

best very cheap wifi repeater

Anybody else with the unifi 6 LR? Curious as to what your real world speeds are.

I have a UniFi 6 LR

I'm not sure what do you want to measure though. It's hooked up with a regular 1gbit ethernet connection and it can saturate that from ~10 meters. I have a 10gbit network but they don't support it in their wireless so no way to test if it's any faster than that I think

@tropic sail

I forgot to check the link speed to the AP before leaving for work, but i have a fiber connection and I was able to do a internet speedtest pulling in like 850mbps on 5GHz band 80Mhz channel width.

I don't have a wifi6 device at hand right now, but it was about the same last time I've checked, my crappy MBP16" shows much slower speeds, but I'm two rooms away from the AP:

so I guess the long range aspect also works

i have yet to play around with range yet i just got it hooked up last night after work. way better than my old linksys router I had running as a access point only since i have the udm-pro.

well, I usually prefer to use wired connection, so wifi is for mobile devices only

Wired connection is much faster 😉

yeah my wifi is only for laptops, mobile devices, and smart home stuff. everything else is hardwired. I'm working on gathering stuff for a 10gbe network

holy shit dude. where are you where you can get that kind of connection to your house? i thought my 1gig connection was nice 😆

I'm from Poland, it's a new apartment, monthly cost for this connection is about $25

i wish internet was that cheap here in the states. I had spectrum for internet (400mbps down, 15mbps up) and went to metronet for fiber and got 1gig symmetrical and that was a game changer, but its like $75 a month for that.

Oh, I used to live in California for quite a while, I remember expensive, capped and shitty connections

Im glad i dont have any caps. that would be a deal breaker for me.

I have a data cap of 100Gb on my backup connection (I work from home, so I can't afford not to have a fallback)

BTW - that's the worst part of UDM Pro - if you have a connection faster than 10Gbit you can't use the fallback WAN

because their crappy software only accept 1Gbit WAN as a primary connection, not the SFP+. I've reported this half a year ago and their response is still 'we don't care, nobody has more than 1Gbit anyway'

yeah thats not going to be an issue for me living here. in our area we literally just got 1gig fiber. god knows how long until we can get a 10gig connection

i wish they would just let me use that other sfp+ as another LAN 10gig port.

im just going to get their aggregation switch and hook it up into the LAN sfp+ and then ill have more.

I'm waiting for someone to crack open their firmware and release something custom, because their bad customer support and horrible updates are sometimes driving me crazy

I do have that aggregation switch

for the price it doesn't seem bad.

i wouldn't have too many 10gig devices anyways. my server would be plugged into a 10gig, then 2 desktops in the house would be plugged into the other 2, and then another line running out to my detached garage for the shop

shop doesn't NEED 10gig, but for running to a different building I want to use a fiber line so theres no risk of ESD damage from lightning or something ruining all of my equipment

I have three right now, planning on getting two more

• my workstation
• my girlfriend's workstation
• a mac mini I'm testing

I'm looking to buy an external 10gbit card for my home server (which is a NUC) and an expansion card for a Synology NAS

what NICs are you using in your workstations?

I've used Asus XG-C100C, but that's a horrible piece of hardware, super unstable

so I've switched mine to intel x540-t2

and I think I'll get another one for the other workstation

thats sad to hear about that asus one. thats the one i was looking at getting.

every single time I've rebooted to windows I had to unplug and plug back in again the network cable

not to mention it would randomly drop the connection from time to time

no firmware upgrade helped, just nothing

get a x540-t2 or some other used 10gbit server card from intel, they are much better than those Asus NICs

could probably find some good deals on some used intel nics. i would need 3 of them at least.

mine wasn't cheap (about the same price as the Asus), but it's super stable and it has two ethernet ports

are you using a sfp+to rj45 adapter at the aggregation switch then?

yes

I didn't want to wait for a 10gbit switch from Ubiquiti to be released. They have one right now in early access, but it's not rack-mountable

i saw that. which for my use case its fine because the servers i can just put a sfp+ card in those and hook them up directly. my workstations ill just use a rj45 adapter to plug those in.

the only thing that worries me about those adapters is that they are getting very hot, but I was told it's normal and I should expect that

if you're just building the 10gbit network right now be aware that there are some devices that misbehave on 10gbit network

I had a Asus Zen Wifi AX (XT8) before I got UDMPro + UniFi APs and it was dropping the connection the minute it got anything faster than 1gbit upstream

I also had a lot of issues with Sonos Home Entertainment (Arc + Amp + Sub)

get some 1gbit switches, preferably PoE, you might need them

or use UDM Pro 1gbit ports for those devices

yeah if its not a 10gig compatable device its not being connected through that switch. ill use the 1gig ports for those like I currently am.

in the shop for the other end of the fiber cable ill probably go with a mikrotik switch out there. 2 sfp+ ports for 10gig then it has 8 1 gig ports. shop computer will also be 10gig then ill have a AP out there. so ill see how picky it gets through that kind of setup but ill send it and figure it out as i go 😆

Check out noise levels before you buy those switches

I had a netgear 16 port 10gbit switch which was unbearably loud

I've replaced the fans with noctua fans, even took a drill to get a nice fan-speed knob on the front

its in the loft in a garage lol noise wont be an issue to me out there.

but it was still getting either hot or noisy

oh, ok

i spend enough time out there I put together a computer for out there with my old parts so I can have a computer to look parts and stuff up on with a junk keyboard I dont care about getting greasy and dirty

my rack cabinet is right next to my bedroom, so the girlfriend-factor obligates me to measure noise levels every time I add something there 😄

anything over 36dB is a no-go

yeah that would be an issue lol my one in the house is in a laundry room where the furnace and water heater and such is in as well. its a noisy room in general so oh well. whats a bit more?

that's true 😄

As, I said before. Tunnel works fine. I can ping the ip on the other side of the tunnel

It's a routing issue

Worked in vyos 1.3x

Someone can help me?
I installed cockpit and ovirt and after deploying the hosted-engine my main network card just can't get the IP address.

Centos 8.3 latest updates

5ghz 160mhz

Any suggestions for a machine using an rdp connection black screening after turning off resolution settings? I can get the connection to work fine just not on my buddys

To a terminal server

Network printing is cool. Also, CUPS is better than how Windows handles printers.

It's a cat8 cable

🤣 🤣 🤣

hahahahaha

LOL

cat-ate-cable

Dude my raspberry pi 0 just arrived! Good bye ads!

Yellow

https://tenor.com/view/cat-mood-lazy-rain-lluvia-gif-14925137

what effects networking speed the most > cable or the routers ability?

im trying to run a nas but the loading times are st

it's always the weakest link

that question cannot be directly answered

im running cat 5

over about 50m

cat5? or cat5e? what's the negotiated link speed?

errr im not a nerd i know f all

How is the NAS connected to the router? What speeds? Is it an ARM based NAS or doing CPU intensive work?

sorry dude im just like jannice

https://www.windowscentral.com/how-determine-wi-fi-and-ethernet-connection-speed-windows-10

so we are dymacillay linked on a home router of 10mps

but we dont get it?

on windows it shows link speed of 10mbps?

not even close

yeah @peak cloak

ooof, that's slow af

what router?

but the transfer speed is trash

netgear

well yeah, I would expect it to be at that link speed

i think my DHCP and settings are fd a bit

max speed you will ever get is 10 mbps or around 1.25 MB/s

ohhhhhh

nah

that doesn't help

model number?

*punches oneself for being such a twt

im reading the numbers all wrong lol

so mps isnt mega bytes per second

or mega its?

MB/s is megabytes per second

network speed is measured in megabits per second

so 1024 is technically 1gb/s

ive learnt something here today guys 😉

you have been really helpful in sharing your knowledge to a 72 yo @peak cloak

no problem

i used to do networking for cisco ...

times have changed .... i think you can understand

its all gone digital

i miss the days my fingers used to get bit by a case fan and long arm reach was required lol

yeah, I'm just in HS, learning to maybe get career in networking or cybersecurity

its an everchanging worldthe next stuxnet stopper

cyber crime is always changing

as does the security

ps3 was cracked in months hehe

so did iphone

does anyone know anything about moca ethernet adapters

if so can you do point 2 point

wdym by p2p?

well basically im trying to get ethernet in my room upstairs

cant get a cable thru the vent

and moca seemed like a good option because we have a coax port in an upstairs room right next to mine, and one downstairs where the router is

however, we're not actually using the coax for the internet because we happen to have fiber

yeah, it will work, but splitters are the tricky part

iirc you need a moca splitter

but I may be wrong, idk too much about coax

hm okay

just at a glance does it look like this would work https://www.amazon.com/Actiontec-MoCA-Network-Adapter-Ethernet/dp/B088KV2YYL/ref=pd_lpo_147_t_1/136-0598953-5275913?_encoding=UTF8&pd_rd_i=B088KV2YYL&pd_rd_r=cf296b5f-5828-4485-a6c6-c96f3f2ba320&pd_rd_w=6KRiD&pd_rd_wg=fM9ac&pf_rd_p=fb1e266d-b690-4b4f-b71c-bd35e5395976&pf_rd_r=G2WM35K1V5742P9MYD18&psc=1&refRID=G2WM35K1V5742P9MYD18

I don't see why not

ok but like, i wouldnt need the device side of this would I

wait sry wrong listing im talking about

right so im seeing a couple with 2 ports

that second port would be if you also had a modem you needed to connect with coax right

https://www.amazon.com/MOTOROLA-Adapter-Ethernet-Bonded-MM1000/dp/B077Y3SQXR like for this one its called "Device"

this one I think works like this

it just taps into it and allows you to use another device you need there

right

thought network would be for the other moca adapter though

Will restarting my pc lower my ping? I'm currently using a lan cable, so i think the problem is in the lan cable system, that's why i want to reset it.

Why does my wifi lags when im on the laptop and not when im on mobile, it lags so hard to the point the game its unplayable it has never happened before it started about 2 days ago

When im on a call on discord the ms stays at 5k

Then lowers sometimes

Hi all looking to setup a 3 system 10gb network for file transfer, ndi video, and whatever else. I am going to go for the Qnap QSW-308S for the switch which will give me 3 SFP+ slots, goal is to then connect those slots with DAC cables into the gaming pc, streaming pc, and NAS. I'm a bit at a loss when it comes what network cards to be looking for on ebay, aiming to get a second hand one and keep them to 30 USD each or less. Right now i'm looking at these two listings, https://www.ebay.com/itm/383693741093?hash=item5955eddc25%3Ag%3ABD8AAOSwrTlfQFIk&LH_FR=1 and https://www.ebay.com/itm/264728821017?epid=1103887913&hash=item3da3113d19%3Ag%3A3XcAAOSwjOVeutvo&LH_FR=1#viTabs_0, but wasn't sure if anyone else had any other network card suggestions 🙂

Hello guys, I need help setting up WoL, already tried google and I cant make it work

My network looks like this atm
192.168.1.254 - Wireless access + Tv (isp router)
192.168.0.1 - my 2 main PC's (D-Link Dir880L router)

@vapid rapids Do not get those cards unless they are flashed with ethernet profiles. FCoE is NOT something you want. Additionally the HP cards are fibre channel cards only from what I can tell, you do not want those

You can’t use FC cards for 10gbe networking and you want to avoid any card that is labelled as “CNA” (although some work great, like the HP CN1000E)

Hey everyone! I experience random network failures (sometimes every 5 to 10 minutes, sometimes more frequently, sometimes less) and I wonder why. It is noticeable because I get 100 percent packet loss when doing ping 8.8.8.8 or similar. When restarting networkmanager with sudo systemctl restart NetworkManager it always works again for a bit but then usually fails soon after. What could possibly be the reason? I don't know what you'd need in terms of info, so just ask. I use Arch with Linux 5.10.47-1-lts kernel. Thanks in advance!

from what you said, seems that you have 2 seperate networks

the magic packet needs to send to the broadcast domain the pc is on

am i dumb im having 95 mbps but im having 100 ms somehow

Ping and speed aren't proportional. They can matter from cases to cases

I could have 1ms to a server which is giving me only 10Mbit download speeds

I could have 300ms to a server which is letting me download at a Gigabit

technically if it's tcp it may not be able to, from how I understand it

I was also confused at that, and was asking someone but they just told that doesn't matter, TCP isnt the "bottleneck", i could have very high latency and assuming the transit/path used is good, you could certainly get the download speeds but I don't know still

yeah I'm kinda confused by that as well

but generally, ping and bandwidth aren't proportional

Very common in europe, you'd get nice ping, but the transit or path its on would be total absolute crap.

remember seeing less than 5MB/s download speeds from a mirror 20ms away, when the friend has a Gbit connection and the mirror had a gbit i think too

I'm debugging exactly this case for a client of mine 😉

~1 second round trip between two points but still easily reaching ~3Gb/s sustained load

Well, if ya want to join a server where crystal is active I know

I don't, but say hi

😇

I need some router recommendation, I have a budget of 200 USD and my house is 1500sqft my internet speed is 100MB down and 20MB up. Thanks

@clear igloo you should work MSP

https://www.reddit.com/r/sysadmin/comments/ogg6ga/new_msp_customer_shuts_off_servers_every_night/

sounds like something my grandma would do

i do it too

no need for 24/7 operation at home

ye true

i havent powered that thing on in a year TBH xD

have a prod server and a lab server

one I have 24/7, another I turn on and off when I need

@lost wyvern split in 2 via what medium?

coax?

if the "router" you mean modem and router, then no

Sorry I have someone helping me, thank you though

Guys which GPU is best for transcoding on a Plex Media Server?

Hello

I'm using the one that built into my old cpu and that's work good

@lean pebble but on a server?

any one that has NVIDIA's Nvenc encoder

I wanted an alternative for the Quadro P2200 but I've been asking in all chats for help but no one answers me nothing...

what would you budget be?

@ember grove

A lot.

rtx 3090

...

if your budget is a lot

that is literally the best consumer card for basically anything

you know why your not getting help is because you gotta have a price in mind

I said an alternative not the same brand.

oh so like amd?

Yeah.

well AMD has AMD VCE for transcoding and it is almost identical to NVIDIA Nvenc and just about any AMD card would do it I would recommend the RX 6800

or any of their newest lines 6 series or 5 series

But you could go cheaper with an RX 590 or something like that

Is the RX 590 a match for the Quadro P2200?

@ember grove it is a little bit better

+30%

Hmm...

Hmm...

Hey, i have an active directory server with DNS for domain xyz.com (example) and also some DNS information in cloudflare for domain xyz.com. How can I tell active directory to forward *.xyz.com lookups to cloudflare if it does not exist in AD DNS?

I have added cloudflare as a forwarder, but it doesnt forward xyz.com to cloudflare - only other domains

Might have run out of room on the rack...

Rednetworking

Buy a bigger rack

help why is my sky q box not providing wifi to my ipad my sky q mini boxes or my phone?

yes they’re connected

i’m using my data rn

The Sky Q doesnt provide wifi... Are you talking about the small white booster box?

This

ye that mines black

I'm pretty sure that only boosts the mesh network for the Sky boxes. I think the Sky Q and Mini boxes create their own wireless network. I'm assuming the mini boxes can show normal TV?

no

it says that you need check your sky q box

Are the mini boxes far from the main box?

no only like 2m and the other ones like upstairs

Why do you need the booster then?

this is what it says now