#networking

Well what do i do

I have two routers one main and the seconds works like a switch so I had to disable dhcp to get it to work but I can't get to admin now

Xd

reset it then supply the second router with a static ip then disable dhcp on it.

oh

like that, I assume that's dhcp server

it should still use a dhcp client

@dull mirage look in main router dhcp client list and try to find it

Uh

Okay

I won't find it

Bc the switch router is disconnected from main in order to get admin page of main router

so im looking for a doorbell and a camera but idk what to get as ubiquiti stuff requires the dream machine

oh you need to connect it

ethernet cable should be in the LAN ports too

i have no idea what brand to go with Nest im going to get for the smart thermostat but i want something that works with apple home kit so im lost

unless there is a way to turn off NAT

Yes.. from main router goes only one Ethernet that is connected to router switch that's disconnected to get admin page of main

i need a back door camera and a front doorbell plz help im lost now

you need to connect it, if you can't get to main router admin page, that means it's still NATing probobly

looking for inbuilt storage or self hosting on an old laptop or Pi any suggestions ?

Can we go pm? I'm getting lost here in chat

I don't see much activity here

I avoid going into dms

Okay np

So how I'm gonna do it

If I'm connected to switch that's is connected to main i can't get to main admin page

To get admin page i have to connect myself to main router but I have only one cable

it's a switch or a router?

Router

Low budged

what port is it connected to? WAN or the LAN ports

Lans

There is only lans and DSL

huh

Switch router

and dhcp is turned off?

what does ipconfig /all show

This is how it's looks when it work as a switch

Eat

It ain't kicked me from main admin

Okay uhh where is dhcp client

I see only dhcp

look for clients?

or devices

connected devices. yeah.

Devices on lan?

ye

I tested it the router ain't showing there

Devices that are plug in in the switch router does

@peak cloak i got outdoor cat 6 will it fit in the same connector as 5e?

Not sure, the guage may be different

the outdoor 6 has thicker cables by the looks of it

and it has a metal wire just sticking out

so i got metal jacket connectors idk if thats correct just googling and

I mean do you need the admin page od it for anything

buying stuff

Oh shielded connectors

Never worked with those

yeah i got passthrough ones because its easier to connect

well... i wanted to go to the swithc router admin page bc it aint let me pass ports through that swithc router so ssh or ftp aint working

I mean it should, it's just a switch

getting connection refused

Cat6/6a is has a larger gauge. Outdoor cables are thicker in general for the extra shielding. You shouldn't use Cat5e ends on Cat6/6a

you might be having an IP conflict . you would need to resolve that first. https://download.zyxel.com/VMG1312-B30A/user_guide/VMG1312-B30A_1.00.pdf

i got cat 6 on amazon

https://www.amazon.co.uk/gp/product/B08LMPLGFS/ref=ppx_yo_dt_b_asin_title_o00_s00?ie=UTF8&psc=1

this and this cablle

https://www.amazon.co.uk/gp/product/B01HVTV83K/ref=ppx_yo_dt_b_asin_title_o04_s00?ie=UTF8&psc=1

i mean it works... dhcp on router switch is off but cannot acces both admin pages and port aint goin thru that is it still ip conflict?

if both router and (switch) are trying to use the same IP .

nah

Main admin page is 192.168.1.1

and second is 10.0.0.1

or im wrong but jsut like this its in the docs

and ipconfig is saying that dhcp server is 192.168.1.1

Well they need to be on same subnet

router switch and main?

The whole plug into lan thing is tricky since it's essentially a hack/exploit as it isn't designed for it

disconnect the zyxel see if you can access it when its not connected to the main router. by manually setting your computers IP.

So it probably isn't listening for dhcp on lan ofc, which is why it doesn't show up

when i unplug it form main and try to connect to admin page of it i get connection timed out

err_connection_timed_out

well if you changed it to 10.0.0.1 you would want to manually change your computer IP to 10.0.0.2

oh mistake.. the switch router page is 10.0.0.138

you need to be in the same IP range

oh.. so what should i do?

10.0.0.2 would still work.

No not really

my pc is on 192.168.1.14

It's acting as a switch

change your PC's IP manually to 10.0.0.2

It may allow access to switch router but it won't allow internet access

this can be all useless! my main problem is i cant ssh or use ftp or playgames on lan... just ports.. I think it can be firewall that the switchrouter has on

no its cause the switch is set outside of your "normal" lan network of 192.168.1.x

so?

so any port forwards or anything won't go through cause its not part of that network.

they cant talk to each other from what i understand

so i had to change ip of that swithc router?

yes

you should set it to 192.168.1.10

how should i get to its admin page...

by manually changing your computers IP to its network.

if i unplug it from main router and connect only my pc to it still gets timed out

cant you change it on the router ?

specify what router u mean...

draw your network on paint or on a piece of paper

then write what the ip of each is

¨xdddd

then you will know what is what

his router will only deal with anything with an IP address range of 192.168.1.x if the switch is 10.x.x.x that is not within 192.168.1.x range

yeah

the subnet is different

yeah that switch isnt in the same subnet mask

its needs to be 192.168.1.x

if i do this i cant get to admin page of swithc router

its not the subnet per say it is the IP range.

subnet is what bits to match.

yeah but its 192.168.1.x

as far as i remember it had 255.255.255.0

both§

yeah so the 0 is what you can use

you can use from 2 to 255

thats subnet

yes but your ip range can be anything from 0 to 255

anyways. manually change your computers IP to 10.0.0.2 then you can access the switches management page.

how please

what OS are you using?

win

ME 7 8 10 11?

10

isnt it on the same place as change ing dns?

it is

ye im dumb

should i set subnet mask too?

yes

I'm in

Uh

Why can't I remember pass from yesterday ._.

oh oh

ahh and I made a pretty picture. oh well you found it. heh.

Im sorry xd

What should I set?

Dhcp off

Firewall off
Change ip

Right?

change the switches IP to 192.168.1.10

I'm talking about switch router ye

Dhcp off and firewall to?

sure

Gotta type from mobile

Okay dhcp off

Start IP

192.168.1.10

End ip? @primal ice

no just the switches IP

that sounds like the dhcp range

But

Ups wait I'm gonna switch to eng

Or?

Ok

just change the 10.0.0.138 to 192.168.1.10

Ok

Ain't works

Oh ye bc my pc ip

Weird

right now you should go back to getting IP automatically.

Err_connection timed up

Out*

I set my pc IP back

Maybe restart the router?

sure

Hmm

Should I connect it to main router?

I can't get there

what do you mean?

It's unplugged from main router

Like this

oh yeah plug it in

Ok

what are you trying to do ?

can you access the main router and the switch now?

because im confused

No

are you getting internet?

No

you set your computer to automatic from dhcp

Y

in an admin command prompt try ipconfig /release

then ipconfig /renew

Okay it needed time

I have internet

I can access all admin pages eow

grats

Now gonna test the ssh

Nope :/

@primal ice any ideas?

check the qos setting in the zyxel, make sure its disabled.

could someone help me setup a routerboard 3011UiAS-RM with a capsman server for a hap 2 and a hap 3 as ap's

ok

where that?

find it

found it)

qoality of service right?

yes

i set it to off i think i have to restart the router

@primal ice Did still nothing

okay what exactly are trying to do?

and lan games cant work too

pinging 192 168 1 19 responds?

yes

maybe nmap check if the port is open or so

?

use nmap to check if 22 is open from your system

thats command or what

yes

you need to get that tho sadly.. windows is pain in butt https://nmap.org/book/inst-windows.html

i just use 192.168.0.20x for my custom ips

WHAT

wut what

this

why would you use 192.168.1.1x

theres no way you have 254 devices

that doesnt matter does it?

it does not

Not in the slightest

Dunno what's wrong with this. people use 10/8 range while having only 30 devices, what's wrong?

idk i just thought it was weird

nothing weird in it 😛

i thought people do that for when they have 250+ devices on a network

i'm thinking his router is not doing nat reflection.

looks so sketchy

opensource

that website

https://github.com/nmap/nmap

I mean, just hasn't been updated since a while

duh

it isnt signed or something

Nsis downloaded

i use 10.1.1.x/24

easier to type

10.20.128.x/24

ewwww, different numbers

should do 10.20.30.x

technically if you do 0.0 in the middle then it can be really short to enter i guess

whaat

idk if that works that way or not

i have nsis and i need nmap

that seems like some chrome wizardry or something

i know ipv6 can do that

wait if ur on windows why don't you just do pc.local ?

IDK i knew nothing about that

or 127.0.0.1

not really it could be written that way, i mean i cant just enter 10.10 and it'd work, i have to do https://10.10 and then it'd properly do the extention stuff

im completly lost here...

What do i have to do

what is your main router?

speedport plus

model Number

serial number?

model number is what he asked for

my eng is kinda messed up sorry

i jumped in late and didn't know the question / issue. it might be that you're router you can't reach isn't getting an ip address anymore. maybe connect the unreachable router into the reachable router and see if it issues an ip address to it after a power cycle. you can also run arp -a to detect devices on your network

nah

i can ssh through it or ftp

sercom speedprot plus cant finde model number

just reset to factory defaults?

why?

what port on the sercom are you using for the zyxel

wwait

i thought you couldn't get to it anymore.

if its port 4 try using port 2 or 3 it has some funky port settings

@primal ice it in lan 3

Should I plug it into 1?

you can try

Oh

Lan 1 is wan it it problem?

still think its not doing nat reflections though so its trying to ssh out to the internet and not your local lan.

yeah do not use port 1 then.

Well so port 2?

from the manual port 2 and 3 should be the same.

So we have 1 and 4

1 is wan

port 4 is set up to be tv.

Well

Wait

My pc Is plugged into lan2/tv at Zyxel

Zyxel is switch router

Well back to main router

Where to plug it

so?

my pc was plugged into tv at "switch router" i fixed that but still cant ssh or ftp

@north mulch the issue is that he is trying to use a router as a switch. For some reason it's blocking the connections which it shouldn't since everything is plugged in LAN, he also can't get into the web interface which I just think it's not possible without some custom firmware since you can't change the IP of the router lan ip which is on the 10.0.0.0/8 while his main network is 192.168.x.x

admin pages works now

Only issue are the ports

Ssh ftp games lan games nto working

how?

huh

ip ranges

we changed it to 192.168. since the switch router was on 10.0.0.

idk, seems like a even better reason to reset the router to defaults, that way you're troublshooting from a default config

its deafautl config...

It was reseted multiple times for this.

Chnaged things:
Dhcp - OFF
FireWall - OFF
Qos - OFF
Ip changed

are you're trying to ssh to this router directly?

was that enabled in the security preference page of the router?

the switch part is fine its the router now not routing properly on the lan .

im trying to ssh to different mechine at my local network

this is all sorts of messy

like the switch router is now on the 10.x.x.x network? while main is still on 192.168.x.x?

they should both be on one range for something this simple

tahts changed now

all is on 192.168

/8 /16 or /24

?

its /24

on both devices?

hrm not the greatest thing, but on the sercom enable upnp.

yes both devices.

what?

in the sercom management under home network enable upnp

you might have to restart it after enabling it.

yo....

it enabled.....

hrm

hmm can it by the main routers firewall?

it could be.

set up a rule on the firewall for tcp and udp incoming lan outgoing lan any address any port permit

again might require a restart of the router.

could also be the device you are trying to connect to firewall settings.

both have firewall off

idk where...

portforwarding cant be it? i have them few

it dont have like firewall

only thing i see is this

under internet firewall ip filtering

ip filtering is the firewall rules

this?

no

none of that?

no of it

er none

then where

i see this:

and this:

internet connection?

er configuration

also that router may not have that function.

have you tried ssh between 2 devices connected to the same switch?

yes

i found in manual security

it can be the firmware

did ssh work in that case?

no

connection refused

does 192.168.1.19 have ssh allowed through it's firewall?

its firewall is down

for testing

is ssh actually enabled on that device?

just trying to eliminate configuration issues on the hosts

well

even games cant work

It sounds like you have some configuration issue somewhere, likely on the modem or router.

ye in the docs there is advanced configuration.

But i have modfied firmware from t-mobile

Is ubiquiti stuff (dream machine pro, POE switch, NVR, cameras, etc.) still a good choice for a home network? I heard a rumor (though I can't recall where) that ubiquiti was planning on getting out of the security/surveillance business. Basically I want home security stuff but I don't trust ring, etc. and want it all on hardware that I own.

Doubt the rumor is true, they're still developing new hardware and software lol.

i would tend to be of that opinion as well.

Plus Protect (Surveillance) is going to be used heavily in their new programs

I've only used UniFi Network, not Protect, but a lot of my friends do and its been fine for their usage. Just general home recording and such.

it would seem like a big change in their business strategy, since my understanding is that they really make their money from commercial infrastructure, and companies will pay big bucks to have an all-in-one system like that.

how's your experience been with network? i have an edgerouter that I think is great, but that isn't really representative of the whole unifi ecosystem

Yup....new plans to integrate networking, access control, user directory, surveillance

Its fine if you just need like basic stuff lol.

I don't have a lot of firewall rules besides blocking traffic between stuff and port forwarding. No policy based routing or anything else.

i don't have any of that stuff now and i don't really forsee really needing it. i'm more looking for a good system that i can essentially set up and then not really have to worry about. the only "complicated" thing i have is a pihole, so i'd need to change the DNS of the router. I'm not going to do any hosting (except maybe the odd local game server for friends) so...idk. The main reason i'm drawn to it is the security stuff, and if i'm doing all that, i might as well use the whole ecosystem to simplify all that stuff too.

Tbh, with UniFi its been fine at several locations....

Then again its not like a lot of complaints where they're either running beta firmware, weird/unsupported configs, or super super advanced usage

agreed. or if they are, they theoretically have people on staff to make sure that nonsense works

but ever since school started back up and such, I've had no issues just leaving it running

I just leave it and it runs on its own and auto updating. Which is super nice

okay, good. that is reassuring

I need help...I'm in a dilemna

The wifi on my laptop is problematic

the second test was run immediately after the first with nothing changed in any way

This is from my phone which is connected to the same WiFi…. I chose a distant server to emphasise speed difference

The 2 devices are connected to the same WiFi network and are equidistant from the router… (they are actually at the same spot)

The router is only broadcasting a 2.4 GHz 802.11n signal (no 5ghz)

Speed tests from other sites such as fast.com show similar discrepancies

And when I get decent speeds on my computer… I still get a lot of buffering on sites like YouTube and Twitch with up to 80mbps speeds… a check in task manger shows utilizations far less at 2-6 mbps total when streaming

My Laptop is the only one facing this problem among all the devices that connect to this network

I have tried all tips found online including network driver uninstallation and reinstall and even gone as far as completely wiping the laptop( I keep most of my work remotely backed up)

The problem still persists and is actually very recent

network card info

problem persists even if I use dynamic IP address

Results when using same Speedtest server as computer

Location: Kampala, Uganda

latest test... I find the difference in upload and download speeds annoying

All tests are run with as many apps closed as possible on both devices( all visible ones on phone, all visible ones plus some that run silently, like steam and spotify, force closed so background bandwidth taken < 0.1mbps)

I shared your views. I ended up grabbing some Amcrest poe cameras. 8mp versions. And set them up on a pc running blue iris software. Is been solid for about 4 or 5 years now. I store the footage on a 2 bay NAS but you could easily use internal storage as well.

speed went up during speedtest and immediately dropped once it was done...I had momentarily closed discord but had an edge tab(The new Chromium-powered edge) with a very slowly buffering Youtube(LTT) video

final info(not eligible for win11 because I have a 6th gen Intel, but probably wouldn't have been able to download it anyway with this issue)

I repeat...the above stated issues do not occur on any other device that connects to the same wifi

Some ISPs give speedtests priority

or they run speedtest servers themselves

right on their network, so no going through peerings

whats wrong with that

speed of peers isnt their problem

my wireguard config is broken somehow

it sends a valid peer connection back to my client but it doesn't send internet data

well congestion?

when it's right on their network it's usually faster no?

sounds like routing issue

Address = server ip
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 500
PrivateKey = server pubkey

[Peer]
PublicKey = pc 1 key
AllowedIPs = 10.66.66.2
Endpoint = my home ip:500

[Peer]
PublicKey = pc 2 key
AllowedIPs = 10.66.66.3
Endpoint = my home ip:500```

PrivateKey = priv
Address = 10.66.66.6/32
DNS = 1.1.1.1, 1.0.0.1

[Peer]
PublicKey = pub
AllowedIPs = 0.0.0.0/1, 128.0.0.0/1, ::/1, 8000::/1
Endpoint = serverip
PersistentKeepalive = 21

i actually forgor

i forgot to do routing

should the Postup and Postdown rules also be on the server config?

yeah it is

the top one is server config

ah

thank you

im just reinstalling my entire kvm now because too lazy to undo my errors

The issue is that it’s only that specific laptop that gets this issue all other devices on the same WiFi don’t get it

It’s only this laptop that has this problem on the entire network

I don’t get slow speeds on any of the other devices and neither do the other people in the house

how do servers have different public ips per server

you can have multiple interfaces

what does that mean?

plus any big "server" is not one singular server, it's a whole network

you know how you have an ethernet port, that's an interface, you can multiple ethernet ports which will be more interfaces but you can also just use vlans and other network devices as interfaces

like a router has multiple interfaces

Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             10.10.30.61/24                    u/u  
lo               127.0.0.1/8                       u/u  
                 ::1/128                                
wg92             172.23.84.34/32                   u/u  tech9
                 fdc1:e70f:34b0::4/128                  
wg93             172.23.84.34/32                   u/u  Kioubit.dn42
                 fdc1:e70f:34b0::4/128```

a server can too

wg is a wireguard tunnel which goes over the eth0 interfaces

but something like 1.1.1.1 is a whole network of servers

using anycast

so it goes to the shortest path to the closest server

this sounds confusing

networking is a whole wormhole

bgp is one monster in itself

apparently it's confusing enough that Facebook got it wrong so...

anyone use a yubikey?
thinking of getting it to store ssh keys, pgp keys, and the other 2fa stuff
how is it?

I mean one of my friends working at a corner of the street cheap datacenter also has stuff like FB does, well the core routing and shit, they never got that wrong in like basically all the years

FB's automation screwed them over

but mynameisjuan is also always saying how many people who manage bgp now shouldn't be

@peak cloak still not working

https://www.wireguard.com/quickstart/
https://www.youtube.com/watch?v=n00ayGUdCaI

Address = 10.66.66.1/32
SaveConfig = true
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 500
PrivateKey = 
[Peer]
PublicKey = 
AllowedIPs = 10.66.66.2/32
Endpoint = ```

thees are the links i used and all it does is connect without sending internet

idk, I don't mess with iptables, I hate it

I just use pivpn for mine

to manage that

bruh

but yeah seems like routing issue?

if tunnel is fine

dont know how to fix this shit

FUCK

what the shit are rx errors

oh

receive errors

how 2 fix

this worked in the past

seems like the tunnel actually isn't doing well ¯_(ツ)_/¯

wat

is there anything "bad" about connecting a ubiquity Access Point FlexHD in the attic? Do you all think i'd see a noticeable reduction in wifi speed?

i've already tried this multiple times

how the fuck do i fix it

I have no clue

check wireguard logs?

you would need to look that up, I forget how to enable and look at them

theres no server logs apparently

Would this be the right place for unraid questions?

I guess

idk anything about it, except that other people say it apparently sucks

@peak cloak would client logs be useful

maybe

wqait

Really? I just spent half a month trying to get a Synology clone working and just got myself a SuperMicro storage server

what the fuck

Was apparently used as a flash storage server

Got it for the cheap

im a genius i fixed the proble

what was the issue?

one line in the config

i didn't change the IPV6 that it was trying to take

::2 rather than ::3

oopsies

fun

not even one line, one character

I didn't like FreeNAS and saw unRAID or OMV as alternatives

I do want performance and redundancy

usually the preferred storage from what I hear solution is something that uses zfs

sorry man im stupid rn

apparently the way unraid's storage works sucks

cant you use unraid and zfs together?

wut

no

maybe if you hack it together

So why does the benevolent leader Lienus use it in production at LTT?

linus doesn't know much about server/storage/networking

But the homie Anthony does

I know they use GlusterFS for their deep storage

level1techs is where it's at

But I don't really need stupid amounts of redundancy either

Linus home server video

yes

completely ignored😑😑

Anyone able to help my identify what my network issue is? I can run some tests if needed, I am on wifi, but things arent all that bad in terms of ping times and packet drop rates. The issue is I get dns errors for hours at a time seemingly randomly

Discord calls, I can stay in, but cant join, chrome allows me to refresh a page, but not look for a new one, and I can play games like csgo or p2p fighting games like rushdown revolt

I'm kinda stumped as to what it is, my brother has in the past used a wifi jammer against me, (which he couldnt be using anymore, I fried it with 12v through its reset pin and it smelt burnt), I'm really not sure what it could be tbh

And when stuff loads at all, websites load really slow

And discord, but games are 100% fine

And for context the ping test was 100 packets to google.com

Things were fine, for a bit, but for the last week things have been bad

First, is the issue only on your pc? or on all devices that connect to the WiFi network?

Only my pc

My phone is fine

They are on a wifi repeater sub net tho

Unsure how that effects things

Did you tweak the settings on your computer in any way, such as to use a different/specific DNS, static IP, or VPN?

Havnt touched my settings in ages

this is the sort of things that happens

And just then, I couldnt send messages, but I could get yours

I'm a bit confused now, but anyway I'm not a qualified network specialist...what I would do is to try to change my dns provider to something like Cloudflare(1.1.1.1, 1.0.0.1) or Google dns(8.8.8.8, 8.8.4.4) in the settings to see if that helps. If you are not familiar with the process, I do not particularly recommend it unless you have guidance

will do, which one is better?/what are the perks?

I can change it real quick, just unsure which one I should change to

I believe Cloudflare is faster and more private, with Google dns SImply being ultra reliable but slower and less private

Personally I use Cloudflare

Fair enough, I'll do cloud flare

It says 1.1.1.1 (Unencrypted)
1.0.0.1 (unecrypted), does that mean anything?

could you send a screenshot

sure

I believe that should be okay

Fair enough, just wasnt sure

It doesnt bother me to much

I dont have much to hide

Just in case, disconnect and reconnect to the wifi and see if there is any change, In case you completely fail to get a connection, switch back to the previous settings(Presumably it was automatic, giving you your ISPs DNS servers)

will do, and yeah it was

Are the services working now?

Discord and netflix is

like netflix?

Gonna test something else

Thanks for the help man, things working again

Happy to help

I have my own problem though that I have completely failed to figure out😑

I wish you luck

Literally wrote a short essay giving as many details as possible and simply got left hanging

If I knew the issue I would answer

detailed above in the message I self-replied to

is there anything "bad" about connecting a ubiquity Access Point FlexHD in the attic? Do you all think i'd see a noticeable reduction in wifi speed?

The ethernet cable that isp sent is much worse than the one im currently using, should that be a concern

I think you’re pretty free to use any Ethernet cable you have as long as it’s not one of the really older ones

anyone know stuff about vpns?

Dose any one know how to get around blocked website's without a vpn?

@primal ice
Im that guy from yesterday... It started to block some websites...

why does my pc not wanna connect to some websites

bol.com works fine for my gf

i have same problem with pricerunner.dk

tried running these commands:
ipconfig /release
flushdns
renew
netsh int ip reset
netsh winsock reset

still doesnt work

Not all servers have icmp enabled

icmp?

Ping is not a protocol, its a utility suite which uses ICMP messages

But it works for their GF, I assume they're in the same place/on the same connection

I thought they meant the website works

Not icmp specifically

True, hard to guess and would definitely need that clarity from OP

well i couldnt connect

works now tho no idea why

thats what i said in my first message lol

You said "works for your gf" after posting a picture of your pings making it hard to determine if you were pinging from her PC in the same location/on the same connection or she was just accessing it over the web browser fine

works now for some reason tho

ah no not same network

Well that's a huge difference

ye

Different ISP?

works now tho

so dw about it

Hmmm, wizardry!

thanke tho

computer moment

since when did they add slowmode to this channel

Haha, yup, probably a bad cahce or something

Since a while ago

slow mode has been here for about a month perhaps?

guess i have to leave now (fuck whoever decided slowmode was a good idea in this server)

Doley

last time i was in here it was a free channel with no slowmode where people could speak freely

i hate slowmode, especially since i type rather fast

aside the mile long list of forbidden words you mean

it discourages me from messaging in this server

but I'm not going down that rabbit hole 😛

We all know what happens...

yep true this server needs more active moderation than having to rely on that stupid fucking bot

target acquired
missile launched

sometimes i wish i could just be admin fix server and cause peace

oh no mods pls dont ban me now

You'd be surprised

last time i sent a gif mocking someone for saying thy chat was death i got a warn

thank you bot

Still no one can help me?

https://tenor.com/view/fire-mouth-firing-my-lazer-cell-dragon-ball-z-dbz-gif-17318792

i finally fixed and setup my pihole on my raspberry pi zero!!

Bruh i thought you meant peehole

let me reask my question

I have a WiFi connection at home shared by multiple users

All devices are getting satisfactory speeds both in speedtests and actual performance with streaming and downloads, averaging around 40mbps,with the highs in the 70s and the(very rare) lows in the 20s [Mbps]

except for my PC, which is only getting 300kbps-8mbps on the same wifi network

The problem persists even after disconnecting some of the other devices

My PC is the only device on the network that gets this slow, no matter the time of day

But to add to the confusion, at rare moments the speed on the PC increases to match that on my other devices, with no changes made by me at any point

Right now I am getting less than 1mbps on my PC, I have failed to maintain a Zoom meeting, but getting 43 mbps on my phone connected to the same WiFi (It has no SIM card so I am confident that I am not using mobile data), and I am attending the same meeting from there with very clear audio and video (Well, as good as it gets)
The PC keeps this very slow speed even after disconnecting the phone and turning it off for good measure

these are the network card details for my laptop

If I have a pfsense vm under proxmox, and I want to connect my laptop to the internal network via an extra ethernet cable on the server, how would I go about doing that?

The WiFi card is capable enough so it’s not that… hmmm

are your router settings restricting bandwidth to your laptop

one q: do you really need 2 ports for VyOS?

All the router settings are at their default with the exception of switching my dns provider to Cloudflare instead of the ISP-provided one

Uh change that back to default that could be messing with it? Idk, just test it

why would you

I have 1 virtual "port" on my test router

it's not going to any end devices on my network yet, in that case I'll add another one

so one physical port is fine?

if you are running bare metal it can

yes bare metal

look at "router-on-a-stick"

I'm running virtual

oh okay I'll look into it

basically you have one pysical interface, but then you use vlans to a switch for WAN/LAN etc.

yeah I understand now, thanks!

are there any disadvantages of doing it that way? using VLAN with one router port to seperate WAN from LAN?

the one major disadvantage is bandwidth

you have 1 gigabit link for both LAN and WAN

@crisp bay

yeah

it'll be shared then

are you trying to use it as main router?

oh, so if i had a 10GB uplink to the switch and then split it it'd be fine? interesting i thought there'd be more disadvantages, like instinctually it sounds like a bad thing to do

no, for monitoring purposes. I'll connect 5 servers to it and use it as a firewall if it's possible

I mean there's more disadvantages, but that's really the main one

ah, that's fine then

I use it for bgp

for dn42

no change, just got slower dns lookups, I should emphasize that It's only my PC getting a slow connection

whelp if its just that device, then I would say its the wifi card in the laptop. possibly a bad connection on the antennas or the card itself is going bad.

I kinda need help rn. I am currently trying to connect my FreeNAS fileserver to my PC via ethernet. So there is no DHCP server that can assign addresses for the NICs. Is there any way to configure that on FreeNAS?

https://pureinfotech.com/set-static-ip-address-freenas/

:google:

Yeah I just did

I actually used the same article

But thanks anyway ^^

hey, how come I've never seen 172. private address? like 192 is common in home routers, 10. with corporations due to the large address base availability...ive never seen like 172.20.2.0

They seem to be used on vpns and such more

like on the dn42 network they use that ip range

https://en.wikipedia.org/wiki/Reserved_IP_addresses

100.64.0.0/10 is also private, supposed to be used for cgnat

My school uses all 3

or like 169.254.0.0/16 for ipv4 link-local

10.x.x.x for most stuff, 172.16.x.x for guest, 192.168.x.x management

huh

oh cool

wouldn't it just make more sense to have everything on 10.0.0.0/8?

easy to guess

eh, I'd just put everything on /24, /22, /20 VLANs lol

well I mean yeah, not everything on flat /8 lol

the way the school does it makes it easy to tell

"oh your ip starts with 172, yeap that's guest"

I'd think

really? interesting

Like when I was using tunnelbear to test something pretty sure it was a 172. address

or maybe they have 16 million devices on the network? lol

make sense as it's never used elsewhere so less chance of issues

maybe I should change mine

172.17.2.17 is fun

172 range is also confusing kinda for a newbie

Since for 10.x.x.x and 192.x.x.x it's 0-255 on the X's

I mean

it is what you want it to be

beyond the first two octets, its also 0-255

172.16.0.0/12

172.16.0.0–172.31.255.255

Yeah

I can make mine 172.17.2.0/24

Ye

wow I'm such a nerd

oh also, anyone here use a "static ip only" /"no new mac address" type of setup at home?

no

it's mighty tempting to do at home

infact I have the opposite

Everything must be DHCP compliant

oh ya

but the dhcp leases only to certain Macs

and leases are infinite

Still no since that sounds like a major pain in the ass lol

Yeah

Statics seem like pita

Dhcp exists for a reason

"honey why can't my new device connect to the WiFi?"
"oh wait, let me register it first"
"just tell me the 12 character code"
files a divorce

And if you really need security use something like 802.1x

Super easy to spoof MAC

Statics at most would be for servers

My friends dad insists on doing the whole Mac whitelist thing

😆

thats a lot of administrative overhead

Well at home

So like no smart devices

Still a lot of overhead

Yeah

Can't ask for wifi

https://i.ryois.me/gz3quHuUpz.png

https://i.ryois.me/3D9LMur7l9.png

You know the type of people who think they know tech, but they really don't that much

He's one of them

at my college, they do whitelisting by the oui portion

one point it was requested that all equipment Mac addresses be noted for further hardening

I think that policy fell through tho, bc of how annoying it was

at one point, even all vpns were blocked

thankfully, they loosened that restriction

well i live alone, and literally have had the same set of devices for the last 4 years

why would it be any overhead? does your home have random devices floating in and out?

see yea, sounds really annoying at a school or any place that has an unpredictable or large number of people...but like, genuinely asking, do any of your houses have devices that are introduced multiple times a week? you get a new phone maybe 1 every 2-3 years and that shd be it no?

...which is also a question i wanted to ask for ppl who have a guest wifi at home

yeah, my mom's and sisters friends, plus new Alexa devices and smart home stuff

the list of mac addresses that have connected to my router haver remained the same for 4 years

also their phones have randomization for Mac addresses

it's enabled by default

i can list out all 20 macs from memory bynow, lol

oooh right forgot about randomized macs...it says its a security thing, what does that prevent btw?

tracking a user via beacons in malls and stuff

makes it less reliable

interesting

but the mac remains the same as long asyour connected to the same wifi?

or does it jst change every hour regardless or smthg

when you connect, it changes then

aah ok

I think each time it reconnects

unless it rotates on time interval , not sure

i just realized cuz my windows machine does NOT like grabbing ARP/ reverse dns or whateverr fromt he router, so i have static ip's assigned to everything (like if i type in "mymacbook." every other machine is like "oh yea router says this is the ip")

so i'm like...well, why not just have whitelisting

and do like a /29 subnet

I know i had a strange issue like this myself too... my clients would look for a server that no longer exists using <dnsName>.local and it caused an annoying delay of 5-10 seconds before it attempted trying the real dns server

Hi

NAS shows in SMB log that Shield is connecting to it with SMB3_00.

I use Total Commander on phone and there is an option for SMB 2.0
When I don't checkmark it it shows "NT1" in the protocol my phone is using (where Shield logs say SMB3_00), when enabled it shows SMB2_10.

What is better?

Docsis has changed too

smb 3 is better but 2_10 is a revision to smb2_0

smb1 is insecure and should be if none of your apps or services depend on it

Total Commander can't do SMB3_00

So NT1 is SMB1?

I never seen "NT1"

that's my guess, yes

Thanks

Eeeeh...

My friend asked for login to my wifi so he can have internet in his workshop.

Can I somehow secure my NAS? He isn't into IT, but still. He has like 5 year old Android phone that had like two updates 5 years ago 😅😂

could someone help me setup my mikrotik router it's partially configured. But the main thing is i need capsman working correctly as it works but it doesn't assign an ip to my phone over dhcp. in about an hour orso if posible

yes, using the NAS's host firewall and disabling insecure protocols

and keeping it up to date.

basically that should stop 99 percent of stuff

NT1 is what samba calls smb1

It is a OpenMediaVault so that's why I am a bit scared about security. However Synology gets new hack methods nearly all the fcking time...what gives...

I can see that there is a certificate tab

I haven't used that before. but change reject to drop

However he connects with phone. And his local IP can change am I right?

Or the other way around? Make firewall that accepts certain clienrs and reject everyone else...

For guests I just have a guest wifi

Which is isolated

My TP Link router (AX73) has Guest network, but when I disable Local Access it disables internet.

Pretty useless if you ask me.

if someone atm could help me figure out what is wrong with my mikrotik capsman setup would be great as it's very weird the problem

so the weirdest problem is if i log in via mac address on one device it drops the connetion in a second idk why as it's a new device

possible set up to only have 1 logon at a time, I know that is how pfsense is by default.

no was a weird mikrotik bug now it works somehow

eh whaa, really?

hi i need help my server isent working with Lan i have the ethernet pluged in all the lights show trafic is going throw but it dosent work and in the setings it says there is nothink pluged in but as i said trafic if flowing

Hello I'm from moonpot.com, trying to speak to Linus or the team?

is there a way of bonding an ethernet connection with a 4g wifi tether for increased download speeds

without too much hassle

No

I have a ethernet cable that's very long, i ran down to my computer, but the connection is really spotty, i assume that I'm using the wrong ethernet cable, its probably stranded core

can anyone help me with a issue I have with teredo?

I can't find it anywhere it is Missing from the add legacy device thing

intenet

And how should I fill it? Because his IP might change...
@little schooner

PS: I can't find a good explanation on how VPN for single device is possible. I can understand that the whole network will be routed through that remote IP, but only 1 device...? With software/app and no router settings?
Do I need public (and static) IP in order to use a VPN? And if not, can I stay with dynamic publicly unaccessible IP and use VPN to remotely connect to my home (access NAS, PC...)?

1 vpn client?

As in the device is hosting a vpn or it's connecting to one

Huh?

Can you speak in sentences. I am just guessing what you are talking about.

? As in the one device will be the vpn client? Really all a vpn is a tunnel.

So it allows communication over the tunnel without having to worry about the layers below it

Yes. As I need VPN just for my NAS and maybe a PC.

I don't want to affect my PlayStation and other devices...

What's your end goal?

Security I meant privacy

But I'm not sure if I need public IP as many people have it without knowing it and guides might not mention this requirement.

I don't get it

You are trying to connect the Nas to just a vpn like nord?

If you are are using your Nas for is locally you don't need it

But, if you want to host a vpn to be able to connect to NAS from anywhere, then that makes more sense

Then, yes you do need a public ip endpoint

No I have download clients setup on the NAS and I would like some privacy from my ISP.

Ah, Linux isos

And yeah. That was the 2nd part...if I can get like Nord or ExpressVPN, then route my NAS through them and be able to access my NAS from anywhere...
...but as you said it. I will need public IP and connect to it and VPN will do nothing for me in this scenario.

I think you could specific traffic to go over a specific interface with iptables

But again...you were probably right. Without public IP I can route however I want, but that traffic won't escape the NAT of my ISP.

So what exactly does windows use for mapped drive credentials? For whatever reason mine is my old Microsoft password even though I've changed it

i have a dumb traceroute question.. my instructor is asking why traceroute IP address would be different say after two minutes apart. but they aren't and haven't after 30min 😐 only reason i think they would change is if the server shut down or something

or if the traffic was too much and was redirected

bleh i'm putting that

👀 wrong chat

I mean it wouldn't most of the time

but they could change, mostly cuz of something down

like a pysical line could be down

bgp is used on the internet to handle routing between AS's

so if it sees a link down it could reroute

I don't know of a route that would switch every 2 minutes

maybe bgp flapping, but that ain't a good thing

ok yeah that is what i thought @peak cloak so idk what they are asking then

What@peak cloak said. It'll only really change if it finds a faster path

now i get to watch stupid ted talks about the internet and write a paragraph about it

yes

what I don't like about school

yup

can i get help setting up an ipv6 tunnel on my ubuntu machine?

MPLS-TE and auto-bandwith is really the only non-fault related rerouting extension. Basically every 90s (most vendors by default) the router will sample a few intervals to get a rough average bps, if the detour/secondary path has more available bandwidth, it'll reroute it.
In theory routes changing every 2 mins is a bad thing

or is this not the right channel to ask

tunnelbroker?

yeah im trying to use tunnelbroker

they have instructions

you need to also have direct access to the net

ive been following the instructions for an hour but i get an error each time

or router needs to forward a specific protocol

RTNETLINK answers: file exists

is one i forgot the other one

im also using linode as my host

wait

your using linode for ipv6?

then forwarding it to home?

ah now I get it

im trying to use lavalink since i have a couple of unlisted videos on my channel that i want to play in a voice channel on my bot but i cant do so without having an ipv6 tunnel set up

ive done this before but while using a different vps provider and it worked perfectly fine but now im using linode and i cant get it to work

if you just need a ipv6 address not a prefix, why not just use the vps provider's native v6?

this is the example that HE gives auto he-ipv6 iface he-ipv6 inet6 v4tunnel address 2001:470:xxx:xxx::2 netmask 64 endpoint 209.51.161.14 local x.x.x.x ttl 255 gateway 2001:470:xxx:xxx::1

i have no idea what that means

ah yea

instead of using the tunnel just use linode's v6

you just need ipv6 on vps right?

lavalink uses load balancing and switches ips from the ipv6 block

and thats what ineed idk if linode has some sort of v6 block or whatever

they should

ah but you need a block?

yeah it uses some /48 block thing

they def do, do you need to pay extra idk

why so much

1234:1234:1234::/48

is what i need to include

you have a link?

that's wayyy to many for a simple application

/48 should be for a pysical site

a /48 is 65,536 /64's

https://blog.arbjerg.dev/2020/3/tunnelbroker-with-lavalink https://www.linode.com/docs/guides/set-up-an-ipv6-tunnel-on-your-linode/

and /64 is 18,446,744,073,709,551,616 ips

huh so it basically just needs those for trying to get around blocking

yea basically

dumb

you cant do more than like 2 searches or play anything for longer than like a minute without your ip getting blocked

from yt?

yeah

how do the big music bots do it then?

the same way im trying to do it

i think lavalink was used with rythm

lavalink:
  server:
    # ...
    ratelimit:
      ipBlocks: ["1234:1234:1234::/48"]
      strategy: "LoadBalance"
      searchTriggersFail: true```

example of the config

well anyway what error are you getting

so something wrong with config file

what's the second from the bottom read

thats all i can see

give me a sec im gonna connect with putty instead

@peak cloak

i know how to get rid of the no buffer space error

but that isnt the issue rn

how do you know

seems to be the error

look

its gone

still errored

https://askubuntu.com/questions/109709/hurricane-ipv6-buffer-space-error

seems to be a half configured tunnel

i have to delete the half configured tunnel

which i just did, as u can see here i have no more buffer space error

ah

try sudo ip addr flush dev sit0?

https://raspberrypi.stackexchange.com/questions/13895/solving-rtnetlink-answers-file-exists-when-running-ifup

what do i do after

try to bring up the interface again?

same issue

look at the second answer

https://blog.karssen.org/2013/03/28/solving-rtnetlink-answers-file-exists-when-running-ifup/

they fixed it by removing gw from their interfaces file

which i dont have

you do

gateway?

gateway, but it's weird since you need a v6 gateway

could try a workaround

comment out the gateway line

see if it works

no more error

🤔

ok we could try a add a static route

I think it's like this

ip -6 route add 2000::/3 dev eth0 metric 1

so actually we need 2 static routes routes

ip -6 route add <HE-GATEWAY> dev sit0 metric 1

then

ip -6 route add default via <HE-GATEWAY>

@thick minnow

let me try

file exists

getting the same RTNETLINK error

maybe you already have a default assigned

show output of ip -6 route

not all if you don't want to, just see what's in there

so it seems the routes needed are there

actually no

have no idea what im supposed to do

you were able to do ip -6 route add <HE-GATEWAY> dev sit0 metric 1 right?

yea

I have an idea

ip -6 route add ::/0 via <HE-GATEWAY> ?

@thick minnow

same errorr

hmm

I'm not too familiar with ip, so I don't really know what to do next

unfortunate

maybe @plain siren would know

I don't really know the intricacies of routing on linux, mainly just use vyos abstarction

should i be using public or private ip for the tunnel

im assuming public

wdym

i have 2 ip addresses from linode, one is public and one private

oh yeah for sit you want local

@thick minnow I want you to try something to see if the tunnel works

try to ping <HE-GATEWAY>

PING 2001:470:c02a::1(2001:470:c02a::1) 56 data bytes

nothing?

34 packets transmitted, 100% packet loss

rip

hmm

i had no issues using my old hosting provider

but i have no money to pay for that one anymore

so im using linode's trial since i cant set up a tunnel on windows locally

at least i dont think i can

you technically can

need to forward protocol 41 tho, which I doubt your router can

not port 41, protocol 41

dont think so

i have an xfinity gateway

yeah no

doesn't xfinity have ipv6?

idk

i dont like xfinity damn near everything is managed through xfi now instead of the usual gateway and its all ove rthe place

rip

I have everything separate

all that I have from verizon is the ONT, which gives my router a ip, and that's it

everything else is mine

yeah :/ i have to be careful what i say publicly but Xfinity is moving everything to be managed through their apps and the xfi gateway instead of standard configuration tools

I'm not a fan of it but it's not like i have a say lol

Can I use a WiFi router to "extend" my connection from an LTE router?

how do you mean? like you can't do to the router page to change settings?