#networking

Like, bruh, DHCP exists for a reason

So you don't have IP conflicts

And easy setup

Oh I thought u meant the public

I always static my devices and rest people on DHCP. I like to know where I am connected without doing extra stuff.

I only the servers and laptop

Why

DHCP reservation exists

If I have ipv6 from isp but not on locally can I still connect with it publicly?

Yeah. But that will bind the IP to my MAC.

Anyways, reservation is another extra configuration so same as static IP.

Wdym

But u have only one way not on every port

Yeah, but then it's centrelized at the DHCP server, not on all your devices. And you can have it automatically add dns entries too

I mean my ISP gave me ipv6 and I wander how can I enable it with mikrotik but didn't see a way every where

You need to add the ipv6 package

I added that and then what

That where I stack

You know how you have IP

You should also have a menu, ipv6

Yes I do

But then some people say their is need for dhcp, their is no need for dhcp, so I don't know what to do

well you do

You'd need to enable the IPv6 option from your router towards the LAN side..

you have 2 types of dhcp in ipv6

you have dhcpv6-pd

and dhcpv6

the pd, stands for prefix delegation, so that is the standard for assigning ip blocks to customers

so instead of ipv4 where ISPs assign you one address, they assign a whole block aka prefix

Customers is my LAN?

no

your router

then the standard for assigning IPv6 addresses on LAN is SLAAC

not DHCPv6

I want to make it like ipv4 I know ther is no need

well ipv6 != ipv4

I mean I want one IP public and then one for all my PCs

not how it works

you don't have NAT in ipv6, that's the whole point of it

Who are your customers? I am with the assumption that you have a home connection. What do you mean by customers?

I mean like ISP side, customer I meant as in the customer's router

Take it from this message @frigid pine

I was directing this to @thick minnow.

?

so in ipv4 you had one public IP. IN ipv6 you get a whole block, the standard is /56 for home connection

so each LAN device has it's own unique publically routable IP

I mean I ask if the customers he meant are my LAN devises

but you still have a firewall

yeah no

Yes all ready clear :)

So I have to re creat my firewall?

if you enable the ipv6 package and then do a factory reset, it will setup a ipv6 firewall for you

right now you don't have one

but the default rules should always be:
-Allow established/related
-Block new

Block in coming allow out going?

and if you need to lets say let a computer host a server, you can just do: Allow port 80, to destination XX

no, block all new connections from WAN

and only allow established/related

so only internal devices can start connections to the internet

So the port fowrword are in the firewall?

Not like ipv4

ipv4 you still had a firewall

NAT != firewall

But to open I don't have to open in the firewall

but you had 2 steps technically, add NAT rules, then allow through firewall

No

most routers did both for you in the simple portforwarding menu

Only Nat

nope

see above

That what I do

Its working

^

But I have mikrotik is that doing it for me?

idk

maybe you may not have firewall

but it's even an option on the EdgeOS devices

Bec if I will look at the firewall their is no ruol for ports

Is that from routeros?

edgeos

complicated story, but I don't have the HEX S yet

well I do, but I don't

do u know about a arrtical that can help me?

To learn ipv6 spcily for mikro

https://www.medo64.com/2018/03/setting-ipv6-on-mikrotik/

found this

Thanks so match

If I enable that particular option

This shows that isp isn't blocking 443, it's the router that's creating a problem

If you have factory reset your device with no default config then there shall be no firewall rules and all traffic is allowed from and to your device.

yes. If you can reach your router page from outside your local network on <your_public_ip>:443 but not your server, thats not an ISP issue.

@peak cloak @frigid pine sorry to ping u tow

I did factory reset to my router and ipv6 enable and still I m not connected with ipv6 did I miss somethong?

you still need to set it up

factory reset just adds the default firewall

you need to setup dhcpv6-pd

and router-advertisement

look at the guide

OK I thout that its like ppoe

Thanks

if you are using pppoe for internet access, you may need to change some stuff from the tutorial

like what?

im using it

like the listening interface for dhcp-pd

add add-default-route=yes interface=ether1 pool-name=general-pool6 request=prefix```

change the interface to the pppoe interface

and

add address=::1 from-pool=general-pool6 interface=bridge1 advertise=yes

change bridge 1 to whatever LAN is

I think by default it may be bridge1 but I'm not sure

and the firewall should be done for youe

although you may need to add a rule to allow dhcpv6-pd

Yup that's what I am saying

Now i can't forward on 443 so I am using 8443

OK thanks

can i combine two 30mbps connections into one 60mbps using load balancer ?

no

not on a single connection

aggragated, yeah

what you mean

i have ONT which have 2 seperate outgoing ports so if i get 2 connections and i combine them both with a Load Balancer

you can have a total bandwidth of 60mbps, so for example have one person downloading a game at 30mpbs and another at 30mpbs, but not one person downloading at 60mbps

but that's not how it works either

ISP provides 30mbps plan I assume?

yes

yeah no

i can get 2 one same fiber

your provisioned to 30mbps

combining those 2 ports aint gonna do anything

cant i use bonding?

the rate-limiting is done on the ISP router, wherever that is

it's not a pysical limitation

ethernet can do gigabit

fiber can also, you're just rate-limited by ISP

i dont have any specific ISP router

the ISP router

not your router

i have of the shelf ONT to convert fiber to copper and then im using my own router

give me a sec

ok

@coarse kraken

rate-limiting is done by ISP router

you aint gonna change what the ISP provisions

cant i split the packets half half on both connections

wut lol?

not how it works

you aint gonna get better speeds

you gotta pay more

they dont have higher packages for homes

well

¯_(ツ)_/¯

You can always try to call them, and negotiate with them

tried but those guys are stuck that we can create custom package just for you

cant

Then call them every day, multiple times. After a while, they will do it just to get rid of you

nice

You can call and ask if your ISP allows the use of non ISP provided Modems... Sometimes it can net you more than what you pay for. @coarse kraken

nah

Does that onu support bridging?@coarse kraken

i dont know

again, you may be able to get 1-3 mbps more because rate-limiting isn't perfect, but you aint getting around it

Which onu is it

I pay for 300mbps and I actually get 450mbps by using a non ISP Modem.

yes i can choose my own devices

an ont doesn't route

how?

Nope, it does in some cases

Use your own router as well.

that's a combo unit

Yup

but an ont itself doesn't

simple without wifi its from Huawei

Make sure you get a good Modem - Router combo. @coarse kraken

i dont need a modem

Modem and Router should be separate. @coarse kraken

This one?

he has fiber

i can plug ethernet directly from ont to pc and i works

Ok, @coarse kraken so it is doing routing

Ohhh... Fiber... welp. Lmao.

You have 2 options now
@coarse kraken

ok

Get 2 onus and 2 connections and connect both of them to the load balancer

noooo

thats what i suggested

wtf is this advice

as I said, you aint getting more than 30mbps if thats what the ISP provisions unless you find a way around it, and it won't be like that

Second one is very unlikely to be done by the isp but it can be done technically. Ask them to provide 2 connections on single fiber. Put that onu on bridge mode. Uplink the load balancer to it and initiate 2 PPPoE connections on the load balancer or whatever your isp is doing

who said they used PPPoE

@peak cloak I guess he is talking about mixing 2 connections

@peak cloak judging the isp they are providing 30mbps as their max plan they should be using PPPoE or Static Private ip

that what i had in mind minus the PPPoE

nope

static private ip? wtf?

that's CGNAT ffs

@peak cloakyup

they dont provide static IP

DHCP exists

ik

But my ISP is using static under CGNAT

was*

doubt

you had to manually enter the IP?

that they gave you

Yup

wtf

that's so backwards, dhcp exists for a reason

mine uses EPON

that's a transport technology

They didn't have a proper BRAS and they were providing via a RJ45 cable

@coarse kraken it makes things much less complicated. There's no VLAN in EPON generally

i might be a dumass but is thus switch layer 2?

https://mikrotik.com/product/CSS326-24G-2SplusRM

all switches are layer 2

thanks, hhhh

layer 3 switches just have more features on top

so im a dumass

like?

they can route

so for example you have lots of vlans

so is this switch layer 3?

QoS, Routing and all

instead of having all the traffic having to go back to the router, the switch can route it

cant i use 2 wan router?

why

@coarse kraken that's generally a load balancer

you aint gonna improve your speed

not really

Oh

@peak cloak u know alot about mikroyik right?

a little

no just layer 2 from what I see

since it can only run SwitchOS from what I see

@coarse kraken are you using mikrotik

can i use this switch to create a boinding ports?

not at the moment

bond in what defenition? have one link over 2 cables?

yes

yeah, one implentation of that is LACP

https://wiki.mikrotik.com/wiki/SwOS/CSS326#LAG

i think i lost u

ok thinks

They do make non ISP fiber Modems. @coarse kraken I would talk to ur ISP and see what Modems they allow.

I have done 100+100 = 200 on mikrotik, but that works only on speedtest (which uses multi connections)

if 30mbps is the plan, you aint gonna get much higher

yeah

what you mean by modems?

@coarse kraken onu

the whole multiple connections part is key for LAG

I used to think that to... @peak cloak

he's using his own

depends heavily on the type of limiting they do

I"m a noob at the whole qos and queue thing

nynameisjuan knows a lot more

Worth a try. @peak cloak

?

he's using his own ONT

yep

i can use whichever ONT and Router i want

they give me fiber connection and thats all

WiFi 6 Router for sure. ie Netgear or Asus for speed. @coarse kraken Try that first.

wut

lol

If your Fiber Modem can’t keep up Google for a faster one. @coarse kraken

it's their connection

30mbps is super light

it's nothing

Nope you cant simply do that

You'll have to get the ONU registered on thier ONU first and update the MAC if they are using mac binding

again, depends heavily on their backend

there is not standard with fiber like there is with coax (DOCISS)

whew there are ISPs out there that let you buy your OWN ONT?

it's possible, I have verizon fios, and there is no way to get around that. But works perfectly fine, with no issues so I aint complaining

Yep 👍🏼 you have to call and ask. Then get on the phone and have them set it up with you.

cool. i wanted to try that just for the lols andd also some learning. even the most agreeable (read: least evil) ISP here said no [this is an ISp that ACTUALLY tells people that a router is not a wifi ap and gives them both seperately]

The technician said that I have got really good parameters in my locality.. How good are these?

what ISP?

or is it local?, people have been able to use their own ONT on ATT I heard

Those are fine. Unlike copper/coax, fiber doesn't really have a scale. Its either within thresholds or not.

Beanfield in Canada. They're now owned by someone else i think but they're basically a small company trhat runs their own fibers. ISP in Canada is very much a oligopoly otherwise (even if you find a small local player they're 99% of the time just resellers, i think beanfield is the first one i've seen that isn't)

hmm

oooh cool didn't know that

@nimble sable found this

https://www.reddit.com/r/CanadianBroadband/comments/ltfxh8/own_sfp_router_with_beanfield_possible/

can't read it tho, because reddit is having issues here

My isp is using 255.255.255.255 netmask, still i can discover other people on the network using ip sanner ... how is that possible?

oh i saw that. it's technically possible ofc, their setup isn't htat complex (unlike others like bell that do weird things with vlan) but they won't let you. at least so far. the fiber that comes into my house is "spliced" (is that the right word?) into their modem so i'd def. need their help

show pic

It needs to have a connector

PPPoE uses a /32. Its all handled via the concentrator (router your router is connecting to)

oh ok

hence the name Point-to-Point Protocol over Ethernet

like this is insane

how?

I can even access other peoples routers

wait

that's not good

yeah i know

Those are other /32s in the pool. Its just being routed instead

oh, I meant, how is it insane

WOW tf, i've even had CGNAT before but never THIS, this is just SOBAD wow

I mean, that's less of an ISP problem and more router problem

it is?

I can access other peoples routers and DVRs

unless that's the ISP provided router

^

wouldn't the ISP usually block routes between people modems or whatever?

They should have done it

Depends. Some platforms we do, some we don't.

wait..is that CGNAT then?

No, CGNAT is an entirely different implementation

I can even access their BRAS using telnet
😆

when i was in india, i had the weirdest set of ISPs. most would cost like 50% of your salary for anythiugn even CLOSE to enough to do youtube everyday and like 5mbps speeds. then there was one that did FTTH 100Mbps...but used cgnat (and in some cases double cgnat)

whats that?

ISP's router

PPPoE is used to authenticate and grab a lease. CGNAT is just NAT but at a larger scale.

That ISP needs to fix that.... The ASR logged the connection attempt too BTW. But seeing how they seem to have no security in place, they'd probably not even care

How do you know thats a ASR?

oh

And i confirmed with ISP they use PPPoE

Yeah hostname was populated and the prompt layout gives it away. Typically in ISPs the PPPoE concentrator is an Cisco ASR, Juniper MX or with smaller ISPs, Mikrotik CSR. I have not scene any other models used for such

They have a security banner!

@coarse kraken I don't think we can LAG multiple layer 3 links. Your two connections, as soon as they complete pppoe negotiation, generates IPs. So if you LAG both links packets would get dropped coz they won't know where to go.

Though I can remember Linus did a video where he coupled 2 internet links into one. Dunno the name of that video or the device he used.

https://youtu.be/tqbnjgbtDl0

That works only because its DSL. DSL is a product of ATM which can do true bonding. Ethernet cannot..well technically it can but is usually not implemented because of the issues its causes . Two different technologies.

L2 is LAG, L3 is ECMP (equal cost multi-path). Similar as both load balance packet flows (not per-packet) but ECMP does it all in routing

You can tweak it to do per-packet on some vendors but the issues with asymmetrical routing and FWs involved is why its avoided like the plague.

To make vlan 10 not seaaing my lan I need to that i n firewall right?

Yeah

On router

I still don't understand what the deferent bettwen VLAN and just creating a new DHCP, Bridge

VLAN is a way to have multiple lans on one pysical link

The packets are tagged with what VLAN they are

LAN = broadcast-domain = bridge
Nothing is different in your question. Creating a new bridge and DHCP server for it is creating another LAN, but to identify which traffic belongs to what LAN, a VLAN tag is used to classify it.

ok, thanks u @peak cloak @hollow marlin

Basically what clicked for me was when I understand that each packet is actually tagged with the ID and I think of each VLAN being its own virtual switch in a way

Lots of people confuse VLANs with just multiple LANs when in fact VLANs just transport those multiple LANs

@peak cloak please tell me you some sotrefect, you have ensen knloged of network ;)

So... Is this channel networking as in "help me fix my router" or "hey I'm in LA, let's meet up." ?

Hmmm... channel context suggests the former.

Hey So Im having an issue with my router disconnecting my desktop from the router/internet completely. Its a wired connection and I have replaced 2 of the 3 cables that connect my desktop to the router (the third is a long one in the wall). I have also changed my motherboard recently (that the ethernet cable is connected to) and that did not fix my issue either. I have also tried to change the port that I am plugged into. While my desktop has been disconnected(kicked) I can unplug/replug at either end, restart the pc & restart the modem and none of these will solve the issue; It seems to only fix its self over time. I have tried to plug in my laptop white my desktop was kicked (using the cable that was in the desktop) and it also doesn't allow my laptop to connect.(White desktop is kicked I cannot access routerlogin.net it just doesn't load) I have not been able to find any correlation between the times that my desktop has been kicked off the net (It happens about once a month) and I am really stumped solutions. Please any advice is welcome.

Do you see the cable disconnected in the system tray while your desktop is kicked?

@frigid pine No it shows as if it wasn't plugged into anything at all.

That means the physical connectivity is getting disturbed. Since you have changed cables and your motherboard I am assuming your PC ethernet jack is good and the cables are good. Now only thing left is router. Do all other devices connected to the router lose internet simultaneously?

No other devices lose connection unless plugged into with the ethernet cable that was in my desktop. Also as a note, when I go onto Routerlogin.net on my latptop(connected through wifi) the ui shows my desktop under the attached devices tab and it shows it as connected.

There are only two things that I havn't changed. 1. The Cat6 cable that runs through the roof that connects the two wall sockets. 2. The router/modem its self.

When your PC is down, connect your laptop with a different short cable directly to the router port on which the desktop is connected. If the laptop comes up then there's a problem with your wiring.

Ok, this will be the next thing that I try. If not then I'm guessing that I will have to replace the modem/router?

If this doesnt work probably the LAN port on your router is fried. You may use anyothe port if there is any free. or else buy a router/switch as per your convenience.

The second to last time It happened I replaced the cable that goes from the modem to the wall and that Instantly fixed the issue, but then today it went out. Thing is none of the cables are getting moved or knocked for it to cause a disconnect. I have tried multiple different ports on the router and the issue persists (it also doesn't bring it back when the desktop goes out).

If you have tried changing the ports it is probably on of the cable in between that is loose.

@frigid pine Ok, thank you. I think that I will get that cable changed when I can. If that doesn't do anything then Ill replace the router. I really appreciate the help. I kind of guessed this was going to be what I needed to do, I was more wondering if anyone else could think of a different issue.

so the POTS port you see in today's ONT/FTTH modem's, can that be used with the old phones with a bell on it?

or the hand rotating thing, (you rotate the dial one by one for the number)

Hardware wise, ONTs with RJ11 ports on them can indeed have a POTS telephone connected, however, it's entirely up to the ISP / phone company to decide if they wish to use the ONT for phone service or provide another piece of hardware.

I mean I have one connected to an cordless remote landline phone thingy, I just am wondering if I could use the old school stuff instead

Yes, however old phones typically need the voltage increased to produce a ring. For rotary phones they should still be able to produce the correct tones

You'd want to check with the manufacturer of whatever ONT you have, as they would know best whether or not the ONT can output the correct voltage for non-powered handsets or not. Rotary phones most likely aren't supported though, but again, that depends on the ONT hardware. For example, at least one local phone company where I live doesn't provide the correct tones for Rotary phones anymore.

Our ONTs can handle older phones, POTS signalling has not changed in 50 years.

Don't they pulse AC voltage on ring? Yeah, given how small this ONT is I doubt it even has a inverter or whatever circuit in it which would allow it, my older ONT was WAY bigger and beefier, there could be a chance that has it

Apologies, I replied to the wrong user. sometimes I wish I could throw this iPad far away...

Size =/= output power. Normal ring voltage, is ~90v and any devices that uses POTS will output that voltage. We have had a few customers with older phones that the voltage gain is increased in the ONT so that it can move the heavier bells.

huh. so even the wireless cordless i have gets pulsed that high voltage when ringed?

Yep, the device sending the ring does not know what is on the other end.

I see, I see interesting

Could I then still use one of those rotary phones? It'd take such a while to dial in a number but...

You should be able to. Depending on the pause length on the dial pattern the ISP has setup, it could be too slow in some cases to not complete. But it should be able to work

Hmm, interesting, even if you put the number in the cordless, and then call, you hear the tune of each number, so from how this works it sends the numbers one by one

Yep, its just listening for voltage patterns. Im trying to remember but I believe rotary phones rotate a spring when released generates a voltage

I see :P

i have a problem with dns.
The host that hosting the pihole container (docker) see the dns server as 10.0.10.1+3 (10.0.10.3 is the host ip) but it dosnt get any domains.
someone could help me please?

Are you talking about these?

@thick minnow

Anyone with a static IP getting port scans from 89.248.165.164

I am getting atleast 30 port scans in a day from the above ip

not sure if this is the best place to ask this but idk. i was going through the recycling at work for homelab stuff, and i found an hdmi+ethernet cable. ive never seen these used together on one line before. i initially grabbed it because its a tiny cable i can use for raspi. what kind of real world stuff would this be used for?

standard hdmi on both ends

No

Then you mean to say that the host server is not using pihole

it's a research project i think

Yes

But ping is working

Like I can ping 10.0.10.3

You are not seeing a domain name against 10.0.10.3?

I mean that the host (10.0.10.3) know about 10.0.10.1, 10.0.10.3 as DNS severs

But when I ping google.com its stock its not saying their is no domain its just takink like 2m antil every ping

And to my phone exm pinging is fast then any

What IP and DNS does your phone use?

10.0.0.252 dns: 10.0.0.1, 10.0.10.3

And what is the Mask you are using?

?

Don't in understand

subnet mask?

It's a scam/lie to honey pot people into giving them information at best
the site claims it's been registered from 2014 to 2021, but it wasn't registered until January this year

thx for the info

I've seen sites like that before too, check lookup.icann.org and abusedipdb.com because almost every time they'll show up as recently registered and doing port scans

/24

10.0.10.0/24 is a vlan

Does this network know how to reach 10.0.0.0/24 network?

Is of course

But its not the problome

how?

Becthey can tallk fine

The problem the server can talk with him self

I can do ping 8.8.8.8 but not google.com

can you ping 10.0.0.252 from 10.0.10.3?

Yes

oh

The thing is 10.0.10.3 is the host and the pihole

So forget the 10.0.0.252

This is the real problem

what router are you using?

But it was working before I re install so I have no idea

Mikrotik

What DNS does the pihole have on the host?

But its not the router its something with server

Open DNS

your DNS settings are wrong.

And its on docks BTW

Hmmm, so something is blocking the pihole VM from doing dns lookups directly

Docker

No my phone is on the pihole and its working fine

Interesting, I would expect hosts to not be able to resolve stuff either

Let me get a paper and I will draw it to u

Sure, so the docker container for PiHole cannot lookup stuff and get the lists/updates but it can pass stuff through to the OpenDNS resolvers?

so Mikrotik (10.0.0.1, 10.0.10.1) <--> Pihole (10.0.10.3) <--> Phone (10.0.0.252) correct?

That'd help.

Hope that u can understand my writing

draw IPs also please

Its not the right image sorry

Give me a sec

The router is all so 10.0.0.1 (of course)

What's the DNSs on your router. and what's the primary DNS on your Pihole?

Pihole open dns's servers

Router 10.0.10.3

Why don't you put openDNS on the router?

Adds...

?

Ads?

I don't know not a native speaker

use 8.8.8.8 as DNS on your router instead of 10.0.10.3 and then check ping to google.com from pihole

Its working all ready check

But not on the router

Change in /etc/reslover.conf

Or something like that in the server

server and pihole are different things?

Pihole on docker in side the server

With port 8080:80, 53:53/TCP/udp

So 10.0.10.3 is for the server or for the pihole or for both?

never used pihole before, so meh.

Both

show pihole dns settings

But is working to any thing aols

Do you have CAP_NET_BIND_SERVICE or CAP_NET_ADMIN set?

What

Ports below 1024 are privleged and you need to set permissions on the container to allow them to bind to them

But thy are working fine

Like I can go to my web interface and get dns

But the host of the docker get dns slow like every ping making it 2 minutes

is the host server pointing its DNS to the PiHole Container

Also, I noticed you said 10.0.10.3 is shared between the container and Server

Is that how its wotk

No, containers have their own IP Space

In a way they are doing NAT inside the server

So your server should have a normal IP Address thats within your LAN's Subnet

10.0.10.1 being router
10.0.10.3 being Docker Host Server
so on so forth

But the Containers will have their own IP Space

No I know I meant in general

So lets say 192.168.0.2
.3 .4 .5 .6 etc

last time i used docker they didn't get any IP from the actual LAN, they got their own 172. something IIRC

Yes

172.16 is the default space for the default bridge yeah

This is the bridge network (defualt)

mmmm i see

When you expose with ports like 80:80, 53:53, etc, its doing NAT

whats prob happening is a Pinhole Loop with the host server

But u can't just ping 172.x.x.x its will not work

You can however get a DNS lookup

I think I will just change the dns on the host and get over with it

I will say this, if you cant ping that container.... there is some IP Tables routing issue

(Server)

I can

do nslookup google.com 172.x.x.x (172 being containers IP) inside host server

I have a arch as server

You cannot use the 10.0.10.3 IP as a lookup

Don't have ns

sudo pacman -S dnsutils

Thanks

I will try it in a few min

Your resolv.conf on the Arch server should be

nameserver 172.x.x.x```

It cannot use its own IP or Localhost/127.0.0.1

as the NAT is done outside the scope of the Host servers "local loopback" with MASQURADE

So u just solve it

I can't use the arch own ip?

No, it has to be the containers

In the eyes of the host server, its not running the DNS Server, the Container is

So u solve it thanke u so match

np

sorry for not checking in earlier

Hhh

is this bad

Heh sorry. Hope you get your shit sorted

Why are they doing it?

?

Security Projects, Metrics, etc

Identify and target common public security flaws, address them through use of media, patches, or updates

^ @plain siren @rose sparrow

They are checking for vulnerabilities and hoping people give them information to "opt out" so they can scan you more from other places or do more intense scans. The only "research" they do is to steal information and break into networks

I mean, not trying to sound like a dick but how are you sure

I mean it very well could be that, but like, is there any source or so

Well their website says copyright 2014 to 2021, it's actually not been registered until Jan of 2021

There is a single link and a single description on the site that claims they are doing research and a form to opt out, nothing more

I mean, hm, did you check the domain reg date or so?

No links to associated schools or research, nothing

icann lists domain registration dates

Yeah it seems sus on its own

Plus they are on every threat feed I've seen and listed as malicious, some places like the sans institute show they are constantly scanning ports 22 and 3389 just as an example hundreds of times an hour. If that's not sus I'm not sure what counts

wait, SSH and RDP

Yes that is just striaght up a botnet looking for open root logins or so

Yup

Haha Its russian

Seems like there is a few websites sharing the IP they are using

They are russian sites

That makes it even susser

godress.com.ua for example

Which is actually legit

they probably using the same provider or so for the hosting

There is a dating site... in russian

And an underground grayhat forums...

oh and baby shit

That's.......

Yeah. 😂

How to can I check if my LAG is working?

(Ports bonding)

Hey guys I need a network switch... ideally 2.5Gbit or more on german amazon

if you need A switch

https://www.amazon.de/-/en/QSW-1105-5T-2-5Gbps-Negotiation-Unmanaged-Switch/dp/B08CKT147N/ref=sr_1_3?dchild=1&keywords=2.5+gbit+switch&qid=1629567943&sr=8-3

if you need a BETTER switch for 50€ more

https://www.amazon.de/-/en/Ethernet-Unmanaged-Rackmount-Lifetime-Protection/dp/B07695FD9Q/ref=sr_1_5?dchild=1&keywords=2.5+gbit+switch&qid=1629567943&sr=8-5

My pc is only getting 100Mbit instead of 1000Mbit despite my network card in windows saying it has 1000Mbit connection and it says 1000 in the router as well, I really dont seem to know how to fix it i tried putting my network adapter at 1.0gbit full duplex but I am getting low download speeds regardless of what router and network adapter says. Tried different settings and everything. Changed the connecotr on the pc side(it was a bit damaged so i thought that might have been it). ISP speed should be 1gigabit, getting the correct speeds on other deivces connected through ethernet. but my pc wont when i connect it either directly or through a switch. This problem only started occuring after switching to a new router through the isp despite using the exact same setup.

When I connect the ethernet cable to the switch it automatically gives off 100mbit on the settings page of the router and when i put it in my pc directly it says 1000 but i only get 100mbit speeds

The cable is the issue

What category is it?

And try a different one

should be cat6 with the right connectors

@peak cloak Could u help me please?

should show in the end devices?

never used LAG, never had a need

Oh OK thanks ;)

Not see for sure

hey so if i bought a new roughter and turned my current roughter into a modem would i get better wifi or just the wifi the modem is geting

You mean wifi range? Depends on the new router
You mean speed? No
You mean stability? Possibly, depends

I need help trying to get my windows smb server port 445 to be allowed via public ipv4

and yes I have done this, I think it maybe a firewall

.

Do I need VPN if i rarely use torrenting, don't use streaming services (except Spotify, which, i think, bonds your country's library with pricing, and i use Russian ones cuz i'm broke af) and my country doesn't censor anything?
[ping me]

the only geo restriction in common use i recall is Youtube Topic audios, which are mostly unavailable in Moldova (only by certain labels like Nuclear Blast or AFM Records)

0 dbm

Tl-Wr1043nd op

Especially when unlocked to full TX power in openwrt

But this is just too much for any sane use lmao

Honestly. No.
I only use a VPN for p2p transactions.
Other than your IP there's all sorts of fingerprinting techniques that companies use to track you.

No you shouldn't even worry about torrenting with a VPN. the most that can happen is your isp sends you a letter asking you to delete a specific album that you've torrented

They'll shut the service to your house and fine you if you are a repeated offender.

However it depends on the ISP, honestly.

If someone is happy enough to get you for copyright infringment, they will go through other means like fingerprinting and looking for sites you've registered with both your email / username.

Still no Ethernet fix for my PC now there’s no connection at the switch but the Ethernet status menu has bytes passing in and out?!

@livid compass every thing else works on the modem?

Even the WiFi that barely makes it to my PC

@livid compass how about I try the PC on a different router?

Hey guys I have a situation where it says “Ethernet doesn’t have a valid ipconfiguration

Need help on my internet speed. Have a new xps 15 9510. Im getting about 400 download speed on my phone but only about 30 on my laptop. Not sure what the problem is

This isn't the perfect place to ask this, but I feel like there would be a reasonable amount of overlap here. Does anyone know if the cheaper Yubikey security key will work with a 5 nfc as a backup, or should I buy something more expensive?

You don't have to worry about yubikey to yubikey compatibility, you just need to make sure that the services you are using support both models / methods. or that they fully support having more than 1 yubkiey. I personally have 3 that i use for most services, 1 primarily, 1 as a backup, and 1 that stays on my keys.

Alright, thanks.

I have a large multi building establishment that I need to upgrade internet for. Ideally, it would appear as one large network to upwards of 200 devices. I also hate to say this, but each entrance (3) also needs a stable connection. Is there any one solution that would be best for my use case? (Mesh, point to point bridge, etc.)

so you would need lots of APs

That would work, but some areas (entrances) don’t have wires run to them.

tbh, if it's multi building, and pretty big idk if you are qualified enough. You would want to split it up into multiple subnets, etc.. You don't want it on one flat network (broadcast storms, etc.)

then you gotta run wires to them

or use some P2P antanees

heavily depends on the specific details

Ok, thank you

dang 10G-SR transeivers are TINY, wow (very thin)

compared to what?

10G-SR and 10G-LR are the same size, only when you move up to QSFP do they really get any larger

Sometimes I get amazed how tiny they are too

I expect SFP-DD to roll out in a few more years, then you'll have 100Gb in an SFP form factor

:o

Don't we have like 1Tb

Per transceiver

Nope, 400Gb in QSFP-DD rgith now, 800Gb in QSFP-DD800 soon

1.6Tbps interfaces are possible but nothing on the market probably for another 2-3 years depending on how things shake out

Pretty sure I remember seeing a Nokia router with one Tb or so

I mean you can have a tb/s on a fiber link with mux/demux

Maybe that's tb/s routing

Yah, but no native transceivers on the market. Mux/demux and DWDM for sure

Yeah, but you can plug that directly into a network device

Needs to be demuxed

https://www.globenewswire.com/en/news-release/2021/01/27/2164807/0/en/Nokia-and-Elisa-push-network-boundaries-with-world-s-first-1T-deployment.html

Unless there's a router with that

dwdm is pretty ahead tho right

Like so many tb's on few strand of fibers

Yah

100gb is the pretty common right now though. At least in the data enter environment.

DWDM Is basically the goto in the large cloud Providers rn

400Gbit Backbone Deployments and Multi T-Bit Bonded Bridges between Quadrant Zones

Anyone know how to turn an Ethernet connection from a desktop PC into a mobile hotspot?

Help

@terse nest you mean turn your wifi card into a mobile hotspot or are you trying to connect your ethernet into a wifi hub and use that to share your connection
@pastel plinth run command prompted as admin and then use the following commands [ ipconfig /release all ] then when that is done then do [ ipconfig /renew all ] and that should help to fix it if your connection is dynamic and not static

First of all you'll need a wifi adapter for your desktop.

Hello Guys , so I've Patriot 3200 16 19 19 19, JJR Die 2 x 8GB.
OCed to 3800 / 1900 FCLK.
One day it ran fine even passed 14 TM5 Cycles, next day at night it failed TM5 and gave LOTS of WHEA (See file attached).

So, one on discord, suggested me increase vsoc from 1.1 to 1.125v and try again, so i changed to this ...changed back to 3800/1900 fclk and will now run 10-15 TM5 Extreme cycles... lets see, last night TM5 failed and couldn't finish as those WHEA errors came and self reboot... so now will be interesting, if VSOC bump indeed fixed it.

Also I did SLIGHT RAM voltage bump 1.35 to 1.37

P.S. CPU: 5800X, Board: X470F, 750W PSU Antec bronze, CPU cooler: AIO 240MM Xilence.

Note 21-22th was opziming PBO/Curve, but then disabled them to ficus on RAM optimization.

Also, CPU hitting 95c peaks at linpack extreme and also when runnun OCCT VRAM together with PRIME95 Large, together.

Sir, this is #networking

Even thought this is networking. Your FCLK might be the instability there.
You can increase SOC voltage but over 1.2v is where I would draw the line between increasing the voltage.

Anyone know if a Cisco 10 GB PCI-e Dual Port Network Adapter 68-3544-04 73-12522-04 will work with a Asus m4a87td evo Motherboard?

How can I do a speed test in terminal (linux) on lan?

iperf

Its native or need to be installed?

installed ofc

what is the dist?

What the name of the pkg?

what os?

? Not a native speaker

Arch

idk, but on ubuntu it's just iperf3

ok thanks

pacman -S iperf3

Oh u meant distro?

yeah

Oh hhh

Thanks ;)

It's need to be on both the systems?

yes

because on one system you run iperf3 -s and in the other iperf3 -c <IP>

The -s is the one I'm going to be connected ?

-s is the 'server' and -c is the 'client'

So this the a way to check lag teaming to right?

it only shows network speed if i remember correctly

not latency

Anyone know if a Cisco 10 GB PCI-e Dual Port Network Adapter 68-3544-04 73-12522-04 will work with a Asus m4a87td evo Motherboard? I really need to know so I can upgrade my network for my TrueNAS system

I need help with a very technical thing, is the latency over SFP+ actually better than a rj45 connection?

what version of true nas?

the interface doesn't matter that much

iirc, but copper has less latency than fiber

so like a SFP DAC will have less latency technically than a fiber link

The Newest version that came out TrueNAS-12.0-U5.1

but copper degrades fast over a long link

ok, I have a latency sensitive service running on one server that needs access to another server, for now, it is just a meter of rj45 cable, running at 1Gb, will it improve if I add a SFP+ nic?

see here https://www.freebsd.org/releases/12.0R/hardware/

so basically my question is, SFP has lower latency than RJ45, even if it is just a couple miliseconds?

Then what do you think would be best low cost dual 1 gigabit or dual 10 gigabit PCI-e 2.0 card

probobly

with DAC

https://forums.whirlpool.net.au/archive/2715534

I meant link afourtion

Link to ports as one

that won't show on a single connection

however iperf3 has a -P flag

-P, --parallel # number of parallel client streams to run

don't know how useful that is

No I config port 2,3 on the router as one and did that on the proxmox

Nic teaming

yeah that won't show as a single high bandwidth

Oh ok

maybe with -P?

idk

Link aggregation these days is more used for failover from what other people said

I know to trat it like a road and cars

You have to rods of 1g each to drive

Well I just bought a " 394795-B21 - HP DL380 NC380T Dual Port PCI-E Gigabit Network Adapter 374443-001 " for like $8.00 LOL

and that one is on the list for what will work with TrueNAS

Should I upgrade all my Cat5 to Cat6 or 7 Cables for my True NAS?

Cat5 should probably be upgraded, yes. I think it has a max of 100mbit. If it's cat5e, I don't see much point unless you have 10gbit

Hey. Anyone have a recommendation for a cable modem for Spectrum? I’m looking at the Netgear CM1000

Best way to get a modem for your ISP is to check the ISP's website and see if they have a modem list. That way you get one that will be at the speed you need and are known to work with that provider. That is how I get all my modems.

Note: you may want o look at a faster modem on there list so that way if you upgrade to a better internet package you will know what you are working with.

Yeah. I looked at their list and this one had top recommendations

if it's on there list then it should be good.

I've bought almost every modem for my ISP's on ebay. LOL

just make sure you read the listing page really well and if they have pictures of the modem info for the model number then it's all good 😄

Although I have never been a big fan of NetGear. I like my arris modems 😄

Am i correct in thinking that a Windows Server 2019 Datacenter edition acting as a Hyper-V host can activate unlimited Windows Server VMs without needing additional licenses?

no cause you will need to activate each one with a different key. the only way that can happen is if you have a key for unlimited activations

This is a server UPS. Does anyone know how i can connect it to home products like a PC and monitor? It uses a different output plug than normal

that's common in datacenters

Do you know what kind of converter i need to connect it to my home products?

something like this

https://www.amazon.com/Tripp-Lite-IEC-320-C14-IEC-320-C13-P005-12N/dp/B006ZB30VE/

Maybe get a power strip with a compatible input plug and plug everything into it?

https://www.amazon.com/ACA1017-Adapter-Official-Certification-Standard/dp/B07DCWXTYM

idk how safe that is

I need a pure sine wave UPS and all pure sine wave UPS's are made for servers

At least from the shops here

What does OS Stacking do/mean? I thought that would be the same license is stacked onto the vms

Can someone please help me I’ve tried fixing my Ethernet that says it’s not a valid ip configuration but nothing has worked

Yes

https://docs.microsoft.com/en-us/windows-server/get-started/automatic-vm-activation

https://docs.microsoft.com/en-us/windows-server/get-started/automatic-vm-activation#avma-keys use the AVMA keys

Anyone here have experience with openvswitch?
I have a question, I can't find a good guide for it on centos 7 with ovirt.
I'm trying to configure lan nic on my cloud pfsense that I host on ovirt with openvswitch but can't make it work.

safe as long as the product is rated for 200v+ thats why the plug is strange

Can anyone recommend any 2.5GbE NIC's, which would work nicely with PfSense?

I've found one, quite cheap tbh, but it's with Realtek controller, and I've heard that PfSense tends to have issues with Realtek NIC's

They also tend to have problems with low power cpus. won't even come close to line speed

most I could get out of mine was 200mbps ish

don't use pfsense

yeah pfsense and realtek dont like eachother, i ended up just running a sfp+ 10g to a unifi switch that has 2.5gb ports and doing it that way

also qnap has surprisingly cheap switches that support sfp+ and 2.5gb

whats your incoming bandwith that you're using 2.5 from pfsense anyways? you can technically bond ports if you need more lanes

also

pfsense itself

doesn't it suck for anything greater than 1gig

nah

without expensive hardware

and higher power usage

way back when, but it handles bonded 10gig if you have hte right hardware lol

well ofc with enough hardware

lol

still

at that point, dedicated routing hardware is better

i have mine running off of a gen 6 i5 i think

no issues

I am going to do a massive upgrade soon, waiting for hte new threadrippers to come out to drop the price on the current zen 2 ones, do unraid with file server, firewall, automation engine, home automation, some dockers, 2 windows vms, plex. all in one box

unraid...

yeah the easy gpu passthrough is the reason im going with unraid

is that with a 10gig routing load?

i have proxmox setup as my current hypervisor and i can do it but eh i want something easy to manage

unraid sucks btw

everyone know that

yeah theres nothing running atm i have my unifi down for upgrades

im aware on unraid but i had it up and running and for what im using it for should be fine. my only concern is (and i havent looked at it in a min) is if zfs sitll has a benefit over it, ive also never exp a drive failure with unraid so im curious how that looks

let me get you the unraid rant

i have esxi licenses and id be more comfortable running a hypervisor and some vm's including freenas off of that but theres no gpu passthrough support without some fuckery

unraid uses one or 2 drives for parity

that sucks

zfs strips it

yeah

but you need a shitload of ram for zfs too

and unbuffered ecc specifically

theres also Nutanix single node

but again the gpu passthrough would prolly be an issue

not really

it's just cache

1gig per tb

min 8 gig

zfs eats ram for metatdata for used blocks

let me ask a zfs dev

@bitter forge

It is somewhat of an oversimplification. Yes, ZFS will probably perform better if you don't have tiny amounts of RAM, or grossly mismatch your pool to your memory size. So say attaching a 100TB pool to a machine with just 4GB of RAM. That having been said, will it work? Absolutely. Will it work well? Probably, depending on what your definition of "well" is. Will it be optimal? No, probably not.

yeah

but yeah, it's not a strict rule

im looking at 108tb raw disk

so id have to math that, but whats your recommendation on hypervisor? and i apologize i realize this is the network chat.

I am super new to discord, i miss IRC lol

@bitter forge ```Probably 64 gigs would be enough to get to nearly maximum performance. 128GB would be nice, but it also depends on how your workload is structured. Would your working set mostly fit into those 128 gigs of cache? Does it compress well? Is it mostly tiny blocks with random access, or large sequential reads? etc. etc.
Answers to these questions probably affect your RAM amount selection much more than the simple pool size parameter.

all the server people are in here

got ya cool just dont wanna violate rules

yeah im open to suggestions

if unraid isnt the right choice. i could do proxmox seems like a butload more work to get gpu passthrough for plex transcode

my current proxmox is on 2 skull canyon nucs so idont have any gpu to passthorugh and test

problem with unraid is it's just bad storage

what about one box to do storage and another for the hypervisor

could technically run freenas under its hypervisor

yeah i was trying to self contain

at htat point id grab a qnap and not bother with any of it lol

true

Dont have a wifi card, just want to use the Ethernet as a hotspot

Don't have one. Any other way?

wut

gotta somehow "make" wifi

best way is to just grab a switch and AP

or something like this

https://www.amazon.com/TP-Link-EAP235-Wall-Beamforming-Installation-Integrated/dp/B08HSNYH57
both AP and switch

Anyone a PFSense/PFBlockerNG guru in here

Im trying to block several *.domain.com style URL's but not having much luck. I added the URLs to a custom part of a DNSBL List I use, but it appears to still be getting let through.

Not an expert but I've used pfblockerng. But why *.domain

Should just be domain. Com

will domain.com block any and all subdomains?

Would block anything sub of that

Yeah

hmm let me try

hmm I can still go to the site

Could make a fw and just block it

I just added these URL's to the custom part of a Block List i subscribe to

yea I was thinking that as well, but if i make aliases and block them with a FW rule it will still block all subs?

Did you add it to DNSBL Domain name blocking custom list..

Yeah just use the whois feature in the ipv4/6 to query

added it to the custom list at the bottom of that

Sorry on mobile. I'll load the package when I get home and try

Let me see the custom list

Copy and pasting

Thanks for the information. I added a new DNSBL list - no source defined, and the status = OFF.
Added the target domain to the Custom Block List, did a force update and the domain is blocked :-)

hmm

maybe my testing is bad

hmm, my test machine is using pfsense as the dns server

Delete your source

And set it to off

yea i just created a new list

Ipconfig /flushdns

And try to hit it

It sucks for your power bill

@rare snow any luck?

No not yet, I have up for the evening will try again tomorrow

hotspot is a wireless technology. You cannot do it anyother way. You need a wifi antenna of sorts.

I deabled my hearpin rule and I can still acsses as before, why is that? It's bec I'm using domains with a revers proxy?

Hi, I have installed Windows Server 2022 on my HP All in One computer, but when I connect my SD card in the dedicated slot, it’s not detected in its file explorer. Does Win Server support SD cards ?

Did u format SD card?

.

It’s new

Haven’t done anything yet

But it does get detected on my laptop with Win 10

No idea sorry ditch win long time ago

Lool. So you use Linux now ?

Linux on servers 100%

Except when you need it for stuff like AD

Or games

True, the problem is, my parents also use that computer for normal stuff. So no Linux 🥲

Oh, then why windows server...

Cause it’s basically Windows 10

Not meant to be for general computing

But without let the useless features

Not really

See, my parents can use chrome, ma office and exe files just fine on that Win server

So no problemo

If you want windows without the bloat, use a debloater

And I get the server features, that’s the main reason why I installed Server 2022

I use it as a NAS and Plex server

For my laptop which is my main PC and all the TVs

Ah, but tbh get a second box if you can

Yeah. I’ve always wanted to. But no point now since I’ll be going to college soon

So am I, but I have 2 computers as servers

Used Office desktops are great

👍🏻

I’ll see, I’ll ask my dad for an abandoned PC from his office, install 8gb ram and run FreeNAS

100%

Why not created VMS on it

😂😂

It’s has a quad core i5-4590t with 6gb ram

its a super computer, what do u want

Look jus buy a rpi 4 8gb and make it a server

Ohh you’re talking abt cloud service, I thought you meant virtual machine on my local computer

No

This was a jock

But was liagit, its bettwen 50-100$

Depends on the area u live in

hello

my port fowarding doesnt work

i have no idea why

Does it work locally

And what are the first 2 octets to your WAN IP

so like 10.43.x.x for example

external ip right?

Yeah, bit you gotta get it from router

188.27

Not from Google

From router right?

i think so

Ah good

What are you hosting?

nothing i just tried opening a port

Well ofc it wouldn't show as open, since even though the port is open on the router, there's nothing listening on port 8008 on whatever 192.168.0.104 is. So the port scanner doesn't receive any response and assumes it's closed

xd i am parallel with networking

how can i male the computer listen i want to see if it actually works

webserver, netcat

there's lots, but on linux netcat is the easiest

i am on win lol

https://nmap.org/ncat/

it works thx

whats a good dns server to use

8.8.8.8, 8.8.4.4, 1.1.1.1

Multigig managed switch prices make me sad.

just get 10gig...

sfp+

It is funny how hard it is to sell 10G switches 😆 tried to sell a MikroTik CRS309-1G-8S+IN router/switch

tried for close to 2 months now

for how much?

and where?

I am located in Norway so i have just tried the local sales pages..

ah

don't think the market is that big in norway

not sure tho

could try on r/homelabsales too

i am trying to sell it for 200$, new price on it here is 340$

good price tbh

i know, 2/3 of msrp

not a single message recived about it

I replaced it with a USW-EnterpriseXG-24 (24x 10GbE RJ45)
and i have supermicro 2x 10GbE nics in all my systems

Those prices make me even sadder.

$1400 for a 16 port.

do you need 16 ports?

MikroTik CRS309-1G-8S+IN (8x 10GbE ports + 1GbE PoE boot) = 280$
MikroTik CRS317-1G-16S+RM (16x 10GbE ports + 1GbE PoE boot) = 320$

SFP +, Not RJ45 on those models.. idk what you are looking for. 10G trancivers can cost a bit so

Wow 8 just I'm just terrible at shopping for network gear

https://www.amazon.com/Cloud-Router-Switch-317-1G-16S-RM/dp/B0747TC9DB/ref=sr_1_5?dchild=1&keywords=MikroTik+10gbe&qid=1629929919&sr=8-5
https://www.amazon.com/Cloud-Router-Switch-317-1G-16S-RM/dp/B0747TC9DB/ref=sr_1_5?dchild=1&keywords=MikroTik+10gbe&qid=1629929919&sr=8-5

Oh right $FP

:(

They are SFP+, not RJ45

Id be fine with like a 16/24 copper gig and 2 or 4 SFP+ that can do 10 gig but everything I can find is spendy af or sold out.

https://www.amazon.com/MikroTik-12-Port-Switch-CRS312-4C-8XG-RM/dp/B07VS1XJZ6/ref=sr_1_2?dchild=1&keywords=MikroTik+10gbe&qid=1629929919&sr=8-2
This MikroTik have 8x 10GbE RJ45

and 4 SFP+ / 10GbE shared / combo with 4 10GbE RJ45's

Like an HP 1810-24G with 10G SFP support instead of only 1G would be perfect.

So you do want a switch with SFP or SFP+

Like an HP 1810-24G with 10G SFP support instead of only 1G would be perfect.
If you dont mind SFP+ then i would just go with either of the switches i mentioned first, if you want RJ45 i would have gone with the 12Port i linked last.
@bold drum if you are on a tight ish budget

CSS326-24G-2S-RM

That switch only have 24x 1GbE RJ45 + 2x 10GbE SFP+

you only want to have 10GbE uplink and "downlink"? not the rest of the ports?