#networking
so ppl use ccie to attempt to make up for inexperience?
wait I thought ccie was "higher level" than ccna
Mobo WiFi
And it’s on and off constantly so I can’t play games or anything
Are you using an antenna with your mobo wifi?
No
Well that's a huge impact to performance, it should have come with one,
Cool, yup those will help a ton
People cheat on their CCIE or just lie about having one and think it's a magic job bullet of sorts and can't talk to basic network questions
I can now send on my pc
Thank you so much
Yup 🙂
ooh so is it like the $100 bill? it started off as being so valuable that everyone wants to fake it?
Yup
There's a specific group of people commonly found in outsourced IT that can basically naturally read a 1000 page book once and instantly spit out the information from their heads with very little study time and retain it. But then you ask "tell me about a problem you had implementing this technology and how you worked around it" or "tell me about 3 ways to make BGP change path and which would you implement?" and they struggle
A real CCIE should be able to answer this on the spot
@clear igloo also theres people that write their resume like they engineered the network but then you dig deeper and its like "oh, I just followed this script and configured interfaces all day"
Yup, interviewed some of those
Held up a diagram the entire interview and kept saying "I worked on this"
thats a new one. I would have ended the interview for sharing of confidential info
Well he didn't know anything, couldn't tell us what basic segmentation was
😄
but they worked on an ACI network 😛
yeah ACI you have to be very careful putting down. Some companies are OK with you being weak but if you put it down you gotta be prepared to talk about how it works at a high level lol
I had an operational candidate surprise me and admit he worked it operationally but was able to describe the way it works pretty well
Yah, definitely not something you jump into or anything
I still have issues with it because I touch it once a year
making EPGs/BDs is easy, the rest you forget
in fact we touch it so little, cisco had to remind us some of our apics are almost end of life
lol, wow
they're big... its multipod x3... but we dont change the engineering that much
Yah, that's fair
and when you have it abstracted too with something else like Ansible then you touch it even less
we're still very early on ansible
most of us just dont have the time
the actual team responsible for ansible helps the entire org, not just network
Oh yeah, I forgot this gem. I know someone on linkedin who was hitting certs as a junior in high school and I just noticed he graduated, passed CCIE, and all he has to show for all that work is a job at a VAR which if the title is right is the most entry level you can get.
passed CCIE with 0 enterprise experience
Looking for recommendations on a 10gbit network card?
anyone here familiar with setting up port forwarding on mikrotik routers?
I am having an issue where it will not allow me to put in multiple ports, it is saying it's outside of expected input.
Shown here, it turns red as soon as I put a comma in the field.
and it says
I would really rather not have to set up an individual rule for every single port I want to forward
I've looked up expected syntax for this, and from what I can tell, I'm doing it right, so I'm not sure how to fix this.
Have you tried using a semi-colon instead?
idk if that says a lot about the dude or CCIE . like, the RHCE certification is much too easy imo
Has anyone figured out a convenient way to share Ethernet for Android devices? I've been trying to get my computer's Ethernet shared to my phone via USB, but it won't allow me to have the computer control the USB tethering, so the phone is trying to create an ethernet connection based on the very limited wifi it is picking up instead of my computer giving my phone Ethernet through USB.
can you make a hotspot with your pc? ive seen that option on kde, might be there on pc
I've tried every punctuation I could think of, including %20 and &. furthermore, even after setting up individual rules, somehow they aren't being used...anyone know why that would be?
Is it possible this is related to the fact that I have my PC at the IP these point to connected to my router via a secondary router that has DHCP disabled, and is being used as a switch?
if you are using it as a switch it should not matter.
if you have it plugged into the wan port of the secondary router then yes nat could be screwing with you.
That's what I figured, but wasn't sure if I was missing something.
That said, I still have no idea why my router isn't using the rules I set up.
could be firewall rules.
either on the server or on the router itself.
and by server I mean your computer.
I don't have any such rules as far as I can tell.
My guess is, I've done something stupid on the Mikrotik that has circumvented all these rules, and I have no idea what or where it might be.
well you need to create rules on the computer firewall to allow the ports to be open. same on the router. just because you forwarded the ports does not mean the firewall is actually allowing the ports to be open.
Okay I'm trying to turn the hotspot on but I don't see settings for it anywhere on my PC. I'll send pictures in a moment
Those rules ARE part of the firewall.
My PC also has the program unrestricted in the firewall.
Is there anyone in here that knows Mikrotik?
it would be under wireless you want to turn the computers wireless adapter into a hotspot. if the computer does not have wifi you can not do it.
It can use wifi but I think my parents disabled it because it is now connected to ethernet
And I'm not sure how to reenable it
I'm getting an incorrect syntax error
I'll pester my parents to undo whatever they did to disable wifi entirely
So I have a bit of a situation with my networking setup… I have a Minecraft server (A) and other server (B) in my internal server network, and a DigitalOcean VPS (C). I’d like to forward traffic to and from server A through server B and then server C, which is outward-facing. How would I go about doing that? (A <-> B <-> C <-> Client)
Replace <NetworkName> with your network name, and <Password> with your network's password. Also, you should generally NEVER copy-paste commands from the internet.
Would some sort of vpn or tunnel be the way to go?
Oh! Sorry, I forgot to mention that B and C are connected via WireGuard.
But I'm trying to figure out how to generally forward packets between three servers
like they're hooked up with a switch?
Wdym?
Turns out I had an incomplete rule for another IP that was redirecting all the traffic to that IP instead of the intended one.
you want them to talk to each other almost like they're hooked up to a network switch correct? @sly wadi
expose A from C's address?
Apparently my parents disabled the wifi adapter
I'll need to figure out where drivers are and enable it that way
Device manager?
here's a basic diagram of my networking setup. I want to follow the red path.
That's the thingy I need
I found it and enabled the thing
routing
basically
easiest would be a direct wg tunnel between outside server and server without B in the middle
but I guess if ip forward is enabled on B and C it shouldn't really matter
but you'd have to work with iptables which is ugly
tried that and failed
Ehhhh server B is meant to be like my main routing server, so if possible I’d want to set that up
actually now that I think about it, it may not be necessary, just for NATing on server C
if you want something just for routing, I recommend a routing os like vyos
Ahahahah oops. Server b’s ip is 10.6.0.3 iirc
Nope
expected
Does vyos use standard unix networking tools? Or does it have some special interface
ah ok, so in Server A you would need to set a static route static route 10.7.0.0/24 next-hop 10.6.0.3, then in Server C, static route 10.6.0.0/24 next-hop 10.7.0.3, and make sure ip forward is enabled on Server B
I mean the cli isn't standard unix, but under the hood it uses iptables and all iirc. It's just linux with more added on top, it's a fork of vyatta
to add a static route you need to do this on ubuntu https://www.cyberciti.biz/faq/ubuntu-linux-add-static-routing/
I've two network interfaces. One connected to eth0 and another connected to eth1 as follows: eth0=> private network with private IP in 10.x.x.x/8 range. eth1=> ISP router with public IP 205.153.203.98 via 205.153.203.97. How do I setup persistent static route so that 10.0.0.0/255.0.0.0 traffic route via 10.70.201.61 router only?
I try to avoid touching command prompt unless I absolutely have to, and all the other options aren't working (which they still aren't). I'll ask my parents what the password is for the ethernet
password for ethernet or wifi?
Ethernet
That's what I thought but using the command prompt line says otherwise
I wouldn’t have to set anything up on server B?
(Except for modify sysctl)
no, just make sure ipv4 forward is enabled
the password its trying to set up is for your hotspot.
K
netsh wlan set hostednetwork mode=allow ssid=Kitty56 key=Pa55w0rd try that
So would this go into /etc/network/interfaces?
Trying it for the laughs let's see if it works
It doesn't but thanks for the laughs
is the wlan enabled? can be installed but still shut off
I enabled the driver if that's what you mean
For context
No that's just pseudocode
I forget the syntax
Mine just says not connected because it is enabled
I’ll try it in a bit. Gotta go for now though
Yeah, and make sure IP forward is enabled on B, then you should be able to ping and therefore communicate between them
hrmm
Also, for Networking troubleshooting, tcpdump is great, I was able to actually find a problem yesterday with a setup of mine really fast
remove < >
I hate my life
Thank you that solved it
and you can change the ssid= to what ever you want and key= what ever you want
I'm giving up on it for today but I'll mess around later and hope I get the result I need
librenms is kinda cool
How, browser showed it as fine
How do I fix partial internet connection? I’ve tried messing with IPv4 but that didn’t help, I’ve tried reinstalling internet drivers that didn’t work, I’ve tried messing with preferred dns servers, I’ve tried restarting my wifi, uninstalling latest update and everything but nothing has worked. I’m starting to give up and might just hard reset my computer
gonna guess Microsoft's Teredo tunnel for xbox gaming. 😛 and there is no fix cause its garbage.
ah, that
Only parts of it are working, like discord YouTube and Google works fine, but stuff like games and other programs don’t work
Valorant, epic games too I think steam i can play offline games and use the friends list but nothing else I can’t check stuff like workshop
weird
gonna guess some kind of CDN outage in your area. 😦
try changing your dns to 9.9.9.9 and doing an ipconfig /flushdns @fickle widget
9999 for both of them?
you could use cloudflare as the secondary 1.1.1.1
I just tried and didnt work
it won't fix the Teredo thing but could fix steam and other launchers. though you would have to restart them for the changes to take effect.
oh okay
ill restart my computer in a second then, but what even is Teredo?
i dont remember installing something like that
its the xbox garbage protocol stack.
tries to create a tunnel directly to the xbox gamepass blah blah servers.
oh hey they totally removed it from windows 11. an actual + for upgrading 😛
restarted computer still on stupid mode
yeah its most likely an outage of some kind in your area.
yall know how to get past mac address tied network blocking on an iphone
was told you guys would know more about this question
Update to my problem, I have tried launching it in safe mode and it seems to work in safe mode but idk how to switch back while keeping the same internet stuff from safe mode
Because if I can then it should be fixed
so my mom will be working from home for a customer service company, she will be remoting into a virtual desktop on a server at the headquarters. would this use up a lot of bandwidth? and would i see my ping increase? she will most likely be on the same network switch as me.
she talks on a internet phone line and also has to search up stuff on a website database
so perhaps its not that bad
you won't notice it
alright, thanks 🙂
hey, if im connected to a vpn, how do i tell what port it is using?
netstat?
call the help desk
correct answer
ok
This new router I got looks like its ready to fight to the death in a robot arena battle
Quick question. If I have a 10Gb switch with 4 10Gb servers connected, each with 2 NICs in teaming mode and a 1Gb link to a router, will the servers be able to communicate at 10Gb teamed to 20Gb, or will they be limited to 1Gb?
Theoretical speeds, I get there is overhead etc
communicate to where
between themselves? theoretically 20gb, assuming teaming is perfect
depends on switch throughput
Cool, thats what I wanted to know
That is what I thought, but wanted to double check
as long as they are in the same network (subnet) they communicate directly
if they were in different networks, like in vlans and the switch wasn't a layer 3 switch then no, it would be 1gb or less
Got ya
I think it is a layer 3 switch, but they will all be on the same subnet so its fine
does anyone know how i can set up 2 machines remotely to test some attacks on them for my cyber sec assignment
the only one exception to this that I remember is smb multichannel, where a pair of nic can be on different subnet but still aggregate the bandwidth for a file transfer to a single client.
I barely got it to work right tho
the time it did idk what settings I used.
Laughs in Windows Server /s
bro what
i never knew ip addresses were bought
so my isp buys a bulk of ips and gives one to each customer?
when i have 3 devices am i using 3 ips?
because their ips aren't the same
uhh kinda, with ipv4 each customer gets one ipv4 address and it gets NATed to the devices since we have a shortage of them
with ipv6 an ISP will usually assign a block of ips, usually something like /56
which is like 25,000+ /64's
which those have A LOT of ips, but that's the smallest routable subnet in ipv6
your ISP buys IPs and then announces them to the world using BGP
I wanna know when Comcast will phase out ipv4 completely on the residential side of things
I haven't embraced ipv6 on my router interface yet
Won't be for a long time...
so my isp is paying $10 for every device i connect?
also who the heck owns them to begin with
well actually when ipv4 will be just too hard to get how will websites work because domains are ipv4 right?
or can you connect ipv6?
what about minecraft servers without domains those are v4
or is v6 also supported
Will ethernet save me from this horrible connection?
You on 5GHz wifi?
Your ISP has assigned you 1 "public" IPV4 address (you can find this by searching "What's my IP"). Each of your devices has a "local" IPV4 address (which are not owned by your ISP), which will be mapped to the public address in the router
This isn't the case for all, but this is what the majority of home users have.
it might
No, per customer, which you pay for
Well with IPv4, it used to work that you requested an IPv4 block of ips and you got them from whatever internet number authority you are in, so RIPE in Europe or ARIN in north America for a small fee. Now because of the shortage they cost a lot more and people buy off each other. But ISPs just get a big block assigned to them which they pay for and then distribute
Wut?
Domains are nothing but an abstraction
This vid explains dns real well
Facebook was down for five hours last week. What happened and what do DNS and BGP have to do with it?
Facebook's explanation: https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/
so
The link speed for a phone on router just got cut in half after a few days
What does that indicate
All i know is that i have cat6 cables
anyone here used roboshadow? I'd like to try it but worried about it sending data back to their server https://play.google.com/store/apps/details?id=com.ecs.roboshadow
Hi, I want to build a 10Gb future-proof home network. I have experience with 1Gb ('cause it's just regular cables) but not with sfp/+/fiber
Could someone help please?
My setup is:
Pfsense on VM with 4 NICs on one big machine with all of my VMs and containers
1 switch (CRS328-24P-4S+RM)
Everything is on RJ45
For 99% of the population 1Gb ethernet is future proof. There likely won't be a need for 10G in the home unless you are transferring lots of files over your home network constantly. or unless you just have no budget and are wanting 10g for bragging rights or something
10GB ethernet is overkill for home networking unless you need it for business purposes
I need it for my server; as @north mulch said, I'm streaming/moving files all over my network
Streaming works fine over gigabit Ethernet
Bruh you don't need 10gb ethernet upload for streaming
Yeah. That assumes you can even get 10g service to your house
I'm talking about my LAN not WAN
Streaming on LAN is still fine with 1gb. You can stream 4K over 1gb
What about moving?
I have my files on machines all over the net will it be still fine?
Gigabit Ethernet can transfer 6-7gb of files in about 3 minutes. Assuming they are large files.
If you’re moving a large amount of small files it’s going to take a long time regardless
I don't want to wait 3m
That is why
I can afford this cost
But the problem is I don't have the info on doing so
you would need 10g NICs, a 10G switch, and fiber or DAC depending on placement.
not to mention a NAS or server that has 10G capabilities, and to actually take advantage of the 10G speeds you would need SSD storage instead of HDD.
so even with 10G, you will be able to use only like 2-3GB of network speed
I have ssds on all of my machines, and about the NICs, that's what I'm asking: do I want to buy sfp/+ fiber or copper
My switch has 4 sfp+ ports
Then feel free to go buy them, seems you know what you need already.
Linus did a video on upgrading his home network to 10g a while back, though his use cases are dramatically different.
You'd also have to be really careful with the fiber, as small bends can damage the fiber
Fiber is pretty durable. Bends can introduce loss but at short distances it doesn't really matter up to a point
You can tie a knot with it and upon release it will even work. Might be slightly damaged but still durable
yeah, i mean mostly during installation, pulling it too tight around a corner or trying to get kinks out
I guess for a home user, this would be fine.
Some idiot guy on YT literally took the fiber cable and bent it fully and was showing nothing on his system was working, and when he put it back it somehow worked
Yeah, even a slight kink in an enterprise environment is pretty much toss it. But for home, people need to be less paranoid about fiber and being so fragile. Just don't pull hard on it or get the end dirty
Pretty sure that was Snazzy labs
Yeah, if we find bad fiber at work, i have to go replace it.
Ive done it as a test a while back and its plenty durable
Always better to just be careful since replacing a 30m fiber cable is a good way to ruin my day.
💯 ™️
some fibers are made better than others too, there's no guarantee that the fiber you buy is as durable.
But I don't know what to buy... Which one to buy?
So I will go with fiber or copper cat6?
And also what NICs to buy for the machines, RJ45 10Gb or SFP+?
i'm not sure that 10g is possible over cat6 or not, but even if it is, your current switch probably does not have 10g ethernet ports, so fiber or DAC cables are your only option.
My switch has sfp+ so it's on the sfp+ module to deal with, not the switch, and cat6 is made for 10Gb up to 50m
your switch does not have 10g RJ45 ports, only SFP+
Quick read i found on google
Can't say i've used or recommend anything on that page, but maybe it will give you a better starting point
Tanka ;)
Hey, do we have some network pros over here who have spare time to troubleshoot a weird stuff I'm experiencing? What's the problem? Setup is as follows: NAS (unraid) -> switch -> cable in the wall -> cable -> Mac. The bold and underlined stuff is the issue right now. With shorter cable I can get the connection to NAS, with longer one I can't. With both cables I can connect to NAS directly from switch. If I can get the longer (longer- 3m vs 0.6m) cable working then the next step is getting a bloody PC to connect to NAS with a longer cable. Why here and not forum? Maybe that angel of IT guy is willing to get into voice chat to live troubleshoot not do million posts trying to understand each other 😺
🤔 What about 2.5 gb ethernet? My motherboard has a 2.5gb port. All I need is a modem with its own. I already have a fast ethernet cable.
The cables combined might be too long, that's why shorter one works but longer doesn't
I'm happy to hop in floatplane voice chat and explain
go big or go home
😄 👍 Hell yeah. Think I'll go and get that free modem upgrade Comcast is offering. It can give me 2.5gb throughput so why not.
don't think so
🤔 no?
does comcast have a 2.5 gig plan
Well, no, I don't think so at least. I haven't checked.
like can DOCSIS even do that much
comcast really trying to push as much as they can from their cable network
🤔 I'm trying to find the page where they list the modems they offer. One of their most recent one can do 2.5. Not sure if they actually offer a service plan for it though.
Yeah, here is the list. The white one at the top can do 2.5. https://www.xfinity.com/support/articles/broadband-gateways-userguides
@peak cloak 🤔 Well, they are starting to offer it in Atlanta at least. Its expensive as all hell though. 😩 https://corporate.comcast.com/news-information/news-feed/comcast-begins-rollout-of-residential-2-gig-service-in-atlanta-metro-area
🤔 I've got another question. If I ping a device, like a barcode scanner, and packets are dropped, that doesn't necessarily mean something is wrong with the scanner right? If we're talking an enterprise environment, could it easily be an issue with an access point along the way?
ICMP could be blocked
but yeah it can be anything in the chain
🤔 I thought so, I'm just kind of preparing for my job interview tomorrow. Its entry level. So if packets are dropped, wouldn't pathping help identify exactly where its happening even in an autonomous enterprise network?
Has to be more useful than just for websites right?
If a host device, especially a barcode scanner, is losing ICMP responses, focusing on a network issue is the wrong option. ICMP is way at the bottom of the priority list in the network stack. This is why using pings for packet loss is just a preliminary tool
🤔 Right..I just know I'll be told to ping certain devices I guess by an IT engineer or something in this job. They coordinate with them when something goes wrong.
If ping is the be all end all for them...you're going to have an uphill battle
Ping is just a tool to use for a quick high level overview. Start with a ping:
- If there is packet loss, try another device in the same L2 domain.
- Ping the gateway for the device, does the same loss occur? If so move up the path or run a traceroute with both ICMP and UDP and look at the path and if loss cascades
- Look at the TTL, is the response not decrementing the correct amount of hops?
- Is the loss periodic or follow a pattern?
Thats how ping should be used. Even service provider routers throttle ICMP when they have the horsepower to handle it.
🤔 Got it..See they didn't teach it like this in the class. It was too 'by the book' and straight forward as one would say. That's why I always found it odd how people will just ping a website, see packet loss, as if that proves something concrete. I always tell people to ping the next device in their personal network topology first, at least 30 times or so, usually the gateway assuming there are no access points in between. If there is no packet loss, he at least knows the issue isn't on his end. I just pinged google 30 times, the TTL stayed the same at 114 seconds. TTL is 64 pinging my gateway.
Most they'll say is "ping default gateway, and then ping a website". 😕
They tend to not teach it in classes because interpreting pings/traceroute is an intermediate level. AKA, they need to teach the basics before they can explain the why. You cannot explain ICMP loss due to aggressive WRED and buffers before getting to the point where you can explain QoS.
I will say generally ping gives you a good start and most loss is congestion or artificial constraints
And that's where most people fail to understand traceroutes. They will see loss on a few hops in the middle but no where else. If A-Z has no loss, it doesn't matter that hop D is at 50%. Now if hop D,F,Z have 15,26,40% loss, then you have a solid case to pursue
🤔 Right
@hollow marlin Another question, what if the RTT is bigger than the TTL? How is that possible when I can still connect to the website? And, whats also weird are the number of hops shown when doing a normal tracert command versus a pathping. The former says 18 hops, while the latter says 9 hops. WTF. 🙃 (There were a bunch of "request timeouts" on the former as well if that helps)
RTT and TTL are not related. Round Trip Time is just the latency between sending a request and receiving a reply. Time To Live is just a fixed counter that is decremented each hop (if a routing decision was made, TTL is decremented) to prevent endless looping.
TTL was, very early on and for an incredibly brief period of time, based on actual time, which turned out to be a mess and was changed to hops.
TTL and RTT is the core of traceroute for both these functions
Also pathping which I assume uses record-route, is an ICMP extension. Not all equipment supports it and many block it. If it's blocked or unrecognized the request is just forwarded on as normal. If pathping doesn't use that, then I honestly am not sure as I'm not familiar with it
@pulsar thorn I doubt the total length as the cable in the wall should not exceed 10m. When would you have time for voice chat? I’m GMT +3 time zone so workday just started
🤔 Well it does record the route like tracert. It does seem to just forward the request to the next hop if icmp is blocked I guess. It shows the RTT at each hop. Problem is the hops wasn't the same as regular tracert. Maybe a few of those routers really didn't support it. 😕
Sorry boss I’m in +10 so it’s 5:30 pm might not be able to help when you get off work
If you’re free on weekend then I can wait until that, then day is free
Sounds good, we can message for now anyway
Alright, I’ll ping you on Saturday then, about the same time would work?
Yeah any time is good 👍
I have a question. What can improve a country's network service?
from "Digital Quality of Life Index 2021" perspective
where do I find PrivateInternetAccess server list? I just lost connection and it's not reconnecting to VPN.
They had a list at the bottom of the page which had the list but now I don't see it, was using us-texas.privacy.network:1198 but lost connection a few minutes ago and unable to connect, I feel exposed. 😄
Sign-in to your Private Internet Access VPN. Protect yourself with the leading Virtual Private Network from PIA today.
scroll to the bottom and you can download openvpn configurations
If the government wants to improve it
Thank you, guess I can get the addresses out of those files.
actually, there is an openvpn folder that is fqdn based (recommended) or an openvpn-ip folder that is specific ip addresses
Well, looks like it's working by IP for me right now, 154.3.251.20 works but not us-texas.privacy.network
you could have a weird DNS issue that isn't resolving us-texas.privacy.network
I set their Smart DNS to my main a few days ago, but issue just started 30 mins ago, hmmm
Wanting vs justifying the cost is the problem. US and AUS are mostly rural and span a large land area which would cost billions to taxpayers. You could argue gov spending in the wrong areas but there are valid reasons why some countries are behind on infrastructure
@rocky badge sending @clear igloo an order for 3 million
i was getting very confused why my dns records that correspond to a LAN ip address could not be resolved, even though pi.senbil.net is a valid dns record for 192.168.0.104. yeah this is a good security feature but i can't turn it off from the web interface and i need to use this domain to make browsers trust the ssl cert. anyone know how to turn this off on keenos routers
Whats a cheap wap ?
define cheap I use ubiquiti I find it fairly inexpensive for the quality.
tp link omada
Im looking for something for my aunty she wants wifi upstairs and downstairs but the house has metal reinforcements
Hey someone can help me block one IP address from my internal network to worldwide and open all traffic only to specific IP address?
Mikrotik hex-s
im not sure if this is the right channel to ask but would a raspberry pi make a good nas? ive only got 100$ to spend so i can only get the 4gb one. ive already got one of those 2 tb portable seagate drive so i think i can use that
good no, decent probably
for 100 bucks it may be a good option
i think im gonna go with the raspberry pi, ive always wanted to learn linux
So I tried that... (host C)
(host A)
on B what's the output of sysctl net.ipv4.ip_forward
?
- Create an access-list for approved addresses under firewall and
- Create a forward rule with the source address of the internal IP and destination of !address-list with an action of drop
- Make sure this rule is in the correct placement under the rules
Oh oops! Ip forward is on, but I accidentally set the routing rules for C on B
ah yeah
so, does it work?
nope. (host A then C)
show output of ip route?
on which machine?
hmm
hmm indeed
ping 10.7.0.3 works fine right?
weird how basically it itself is saying no route, but it's literally in the routing table
if it was 10.7.0.3 saying it it would make more sense
@hollow marlin you have any ideas? could it be some linux things I don't know about. this is the diagram https://cdn.discordapp.com/attachments/387022787480387605/899420217510350858/unknown.png
trying to be able to connect from A to C and vice versa by routing through B
and this is them trying
@sly wadi I doubt this will do anything but try ping -I wg0 10.6.0.3
from 10.7.0.1
ohhh
looks like WireGuard weirdness
wait I think I know why
wireguard allowed ips
need to allow 10.6.0.0/24
you know how to do that right?
B and C
ah k
@peak cloak hmm, it only works one way
hmm. I rebooted host C, added the routing rules again, and...
And... now it doesn't work the other way either...
I'll revisit this tomorrow
Ope, apparently (rereading this) that didn’t work either
yeah, hmm to clarify 10.6.0.3 is B or A since your diagram is wrong there
10.6.0.3 is B iirc
Just looking at chat, one way connectivity says a firewall issue
no it's not working either way
ICMP Redirect Host tho
I see that. Getting a redirect based on the diagram doesn't make sense if its setup that way
Does anyone have a good suggestion for a decent network cable? The ones I have bought in the past to go between my modem and router seem to flake out after about 6-9 months
As long as it works and stays that way im happy
As some people are still remote working. What tools do people use if they want to remote into an office workstation? I know where software like Teamviewer, Google Remote, AnyDesk, etc. Just wondering if anyone has a different solution than buying licenses for each workstation. Is there something that can be accessed via a VPN but not Windows Remote Desktop
A 100gbe switch
With 10gbps network adapter
If Windows Remote Desktop is good enough to access servers over VPN why would you not with a desktop?
spare yourself the hell
even the most anal orgs I work for with security are using windows remote
if you want a perm solution its usually citrix 😄
perm non-VPN i should say
we use citrix and then have to use RDP. I wish it was one step
heh I mean ive never seen anyone manage servers not using RDP
if you're gonna let the servers do RDP theres no reason the desktop cant
wanting access without VPN is the only reason
but if you did citrix its going to RDP inside anyway, right
im guessing the issue is these users have 0 work laptop now that i'm reading it again so I guess my points are worthless
still good insights. I like how it doesn't need VPN and it doesn't let employee's home network merge into the company network this way
If you are looking for something non-production ready, have a look at Hashicorp Boundary. It still requires RDP but you can access your network securely without a VPN
I got a new tp link router and I already have an isp provided crappy router. I was wondering how I could get the best possible setup.
Is bridge mode the way to go?
Or is there a better way?
I think the firewall is fine. this is host C; host A doesn't have a firewall.
Yeah I realized that after looking at the rest of the chat
oh! I fixed it!
turns out wireguard was just borked on host B
now, my question is, how can I forward port 25565 from host A to host C?
ok so you can ping both directions?
kinda confused on what you mean with your port forward, so that traffic on port 25565 on Server A gets forwarded to C?
or the other way around, which would make more sense according to your diagram
yep, the other way around. I want to use C as sort of a reverse proxy.
yes
yeah that's what I do actually
basically you need to make some nat rules
I use vyos on what is basically like your server C
no why
OW no
excuse me WHAT
do you like it? ehehehe
Hnng
Taking that as a yes
    rule 20 {
        description "Forward to School"
        destination {
            port 25564
        }
        inbound-interface eth0
        protocol tcp_udp
        translation {
            address 10.10.30.63
        }
    }
    rule 25 {
        description "MC Server (Bedrock)"
        destination {
            port 19132
        }
        inbound-interface eth0
        protocol tcp_udp
        translation {
            address 10.10.30.63
        }
    }
}
source {
    rule 10 {
        outbound-interface eth0
        translation {
            address masquerade
        }
    }
    rule 20 {
        outbound-interface wg0
        source {
        }
        translation {
            address 10.1.1.2
        }
    }
}
this is my nat config
Where does that go?
let me see what the iptable output is
that's vyos not iptables config
Ah sad
of which device?
oh no I will try to get the iptables translation of my config
ah
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o wg0 -j SNAT --to 10.1.1.2
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 25564 -j DNAT --to-destination 10.10.30.63
iptables -t nat -A PREROUTING -p udp -i eth0 --dport 19132 -j DNAT --to-destination 10.10.30.63
@sly wadi I think this is correct for my config
so let me try to write them for you
AAAAAaaaaaaaaa no! not iptables! help! my soul burnssssss!
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A POSTROUTING -o wg0 -j SNAT --to 10.1.1.2
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 25565 -j DNAT --to-destination 10.6.0.5
why I use vyos
don't wanna mess with iptables
speaking of vyos, is the OS just like regular linux kernel or is limited in some way, like is it missing a lot of features that Debian has for example?
is this on host C?
ye
k 1 sec
it's built off debian
like in here it says Since VyOS has switched to Debian (11) Bullseye in its current branch, you will require individual container for current, equuleus and crux builds
hmm, doesn't work.
oh, is the second command supposed to be 10.6.0.5?
make sure you open the firewall for 25565 too
ye, firewall is open
whatever the end server is
it's messed up on the diagram and I always forget
also @sly wadi make sure on C that ip forwarding is enabled as well
and change interface names as needed
like WAN may not be eth0
ye, not working.
ok see at least if traffic is going into the wireguard tunnel
tcpdump -i wg0 port 25565
huh so it seems ok
Oh wait!
so I can use for everything else along with it?
I would not use VyOS for General Services.
^
I'll try adding the iptables rules according to this guide https://www.digitalocean.com/community/tutorials/how-to-forward-ports-through-a-linux-gateway-with-iptables
I use digitalocean, you need to make sure the src nat masquerade rule is correct
ah..trying to do something with it..I need to get a different CPU that can support VT-d...yes VM and PCI passtrough
like you don't want to be messing with linux commands in vyos
only really use the abstraction vyos provides
SR-IOV too
yeah, I have set up a VM a while back, it's just a CPU not supporting IOMMU
Containers 4lyfe
ah yes
No please
depends
WOOOO! Following the DigitalOcean guide and adding those few extra commands fixed it!
Thank you so much @peak cloak for helping
Many companies run the stable branch in production and sounds like its stable enough. Then you have monsters running rolling release in production
I meant like running a webserver on it, but yes it is stable enough for Production.
People who do Rolling Release in Prod need to be shot
np
I normally run stable in the lab, but needed rolling for fixed feature
With my little time messing with rolling in a lab, I couldn't think of any sane person who would decide to put it in production
Even as a route-reflector that would cause havoc
VyOS is the only open source ROS I have messed with
The DANOS Project?
ye
Honestly, i need to toy with it again since its matured more
is it possible to have mc.denyed.us redirect to an mc server without it exposing my personal IP address
Yep! You can use something like https://tcpshield.com/ as a proxy or you can route your connection through a VPS if you’re a masochist
im using cloudflare rn to redirect the subdomain to the actual mc server but it still exposes my IP and dont know what i should change on my cf dns record
Try following this tutorial https://youtu.be/M2tkE1QXc7o
thank you my IP address isnt being shown anymore
Nothing masochist about it
Pretty standard
I don't remember who was asking about ccie
68 votes and 154 comments so far on Reddit
Here's yet another rant 👀
You would have to use Cloudflare Spectrum for this
Cloudflare's Typical Proxy service only forwards HTTP/HTTPS and WebSockets
am i dumb or something im having slow internet but im having like 80 mbps
is there a downside for setting my pc preferred wifi to 5 GHz network band?
Hey y'all this is probably a stupid question but do I need a specific plan from my ISP to take full advantage of a 5ghz WiFi 6 router?
No, unless you need the range of 2.4ghz
Depends, do you have a NAS or something at home that you pull lots of data from, like a media server? Also WiFi 6 can do much more than 1Gbps, so you might need a fast plan to take advantage
Not quite, it's for use with Oculus Airlink
heh I liked this one
It really is true
Can we control our own pc via Remote Desktop(Microsoft in-built RDP) from another device of ours running on a different internet network ?
I use TeamViewer if its what ya asking for
I tried port forwarding as said on youtube but it didn't work for me.
I once got taught how to hack a computer and control it remotely, but it was low level by exploiting an error and I'm not legally allowed to share the info
I could try to find the info again and see if theres a way to use it legally
you shouldn't expose rdp to the internet
Unless you want to have a REALLY bad time 😄
Is there a way to allow/filter a particular device trying to connect by MAC address
It doesn't work that way, a MAC address is Layer 2
there is no MAC on the internet
Okay. I'm pretty new and I don't know a lot about it. I'll get to the point.
I am trying to connect to my PC by my phone on cellular data. Can we to do it assuming wherever I am outside my house?
ofc you can, you can use a solution like team viewer, which goes through their servers, or with rdp you can go directly to your computer, but rdp isn't very secure, so in order to secure it you would want to run a vpn server to tunnel to your home network, and then rdp from there
Can we run the VPN server on the same host device ? Also, I thought sharing files would be easier through SFTP. Is it a good way ? I don't know how to setup any of them.
you can and its common on AP networks
unless you mean specifically for internet

interwebz
I'm literally a network security researcher. I have ocsp and ceh certifications. Please give us more info about this vague claim.
I'll read about it when I get off work in a few hours.
"hack"- can mean anything from finding an open rdp port to low level overflow advanced stuff
I know exactly what it means. I'm just taking the piss on this comment, because it reeks of a skiddie
Hack: "To read HTML code and report a vulnerability" 😄
I remember when I was like 12 and got a mate to install back orifice and opened his cd drive randomly for fun
It's been over 20 years since then
As long as it's ran in a black and green terminal, it can be called a "hack"
back in the icq days you could remotely crash someones win98 machine or control it.
security was a complete joke back then.
Fun, is when someone you're living with becomes super paranoid of network security even though they don't know what they're talking about.
There is nothing to be paranoid about, I just assume most states can hack me regardless of what I do. Like the latest apple hack was basically confirmation of that. I speak no negativity online of any state and embrace my future skynet overlords at this point.
Nonononono it was for educational reasons, we exploited an old version of windows 7 that had some security flaws, we basically did a wannacry race
Everything from VMs to VMs in private servers
When someone does Mac whitelist
It's a pita for very little to no security benefit in a home environment
My friends dad does that
I literally have a password on the wi-fi network, i think even the included firewall is enabled too, and yet now mom's paranoid of it being hacked due to weirdness with her bf's google home
like what
Home firewalls are just deny all new on wan
there ain't much i can do beyond updating the firmware or fork over however much for a dedicated firewall
Will do nothing about some trojan or anything else starting a connection to some remote server
Yeah pretty standard
Only other thing I can think of is gathering enough money to do a pfsense build, which I obviously ain't about to do.
I want to one day, but not over security concerns that are pretty bogstandard.
It's honestly not worth it
Just get a er-x or hex
More power efficient, quiet, smaller
Dedicated appliances are better
So that's not legally secret at all..? Exploiting a well known vulnerability isn't anything SEKRIT.
Running say a Metasploit or nessus scan in a fortune 50 and finding internet facing databases with default passwords is.
Or for that matter even something like gvm can find that.
Can I get some help with setting up wake on lan on my pc everything I do is not working
Hi I'm trying to setup wake on lan for my b550-f wifi gaming motherboard I have everything configured like it's on in the bios and lan card setting but when I push for it to wake on my phone my LEDs turn on for a second and then go back off
How do I fix my Nat type from my Nintendo switch D to B?
There's letters now for Nat type? Tf
Only Nat types I know are source and destination
yes, switch goes as high as A letter
I could only get A with port forwarding
Seems like "NAT Type" letters are a nintendo thing
Yeah. Well, since my nintendo switch has a letter of A, I know its working hard in all school subjects and qualifies for scholarships and stuff
Idk if it's just an xbox thing, but they use "open" and "strict" etc
@pulsar thorn how's it going? I'm free to do some troubleshooting about that weird issue I was having 😺
is a router a access point device or a switch device, or both
yeah I can chat quickly, gonna finish my icecream and have a shower though
Alright, ping me when you’re ready
@devout arch I'll be vibing in pilot voice
gotcha
Good luck @devout arch 👍
👍
Exactly but still you could manage to make something w it, still I think I lost the document with all the steps and things you had to use
Hi, does anyone know how to be able to utilize 866megabits/s max over AC? These are the speeds I'm getting while I'm next to the AP.
Neither
A true router is neither
My router tho has a switch chip inside
Don't use it though
And wifi routers are access points as well
Like Micheal said, a consumer wifi router is a router, switch, AP all in one, some even add modem too
i see
And consumer routers barely do any routing, just NATing and forwarding all traffic to the next-hop from ISPs dhcp server
Never. You'll never hit those speeds on wifi unless you're in a lab
I just had a quick question, im in a Networking 1 Class and we are focusing this chapter on GP/GPO/GPM and their roles. I learn by comparing things to IRL standpoints. Would a discord admin/mod or whomever has power technically be using a GPO on discord to manage roles, channels, etc..?
isn't that microsoft AD? not networking, I'm not too familiar with AD but isn't a GPO basically a group of policies so it's kinda akin to discord roles
My networking class also consists of Windows Server. So we're just applying both somehow idk. The book definition says "a template that lets administrators manage or configure what users can or cannot do on a device or network." So I just compared Discord to the definition to help me understand it better.
Anyone have any familiarity with setting up Pfsense?
dew it!
Morning fellas
Sorry I didn't see this earlier, but yeah I would say I'm kinda experienced
Any reason why if my Wan is plugged in it prevents me from opening the gui? (My physically plugged in)
you are plugged in from WAN or LAN?
by default it blocks all new traffic from WAN interface
LAN
You getting an IP address?
I have to manually enter it, but once it’s in the subnet and plugged in LAN side the gui works, if the WAN is plugged in as well nothing.
You mean lan access doesn’t work if wan is plugged into internet?
Yes, I mean, I’m only trying to get the gui up so not sure about anything else, but that looks to be the case
When you can access gui, what are your interfaces set to, and what do your firewall rules look like?
What do you mean by “interfaces set to” you mean the port name? Or the IP? Currently there are no rules, which is a problem. But it took me three days to figure out unplugging the WAN side allowed the gui to be accessed
Also yeah no rules is a bit of an issue
Sorry boss i gotta sleep, it’s nearly 2am and I have school today
I’ll lyk when I get back on later and we can try and fix it
Sweet! Ty!
Is seamless roaming basically making the network the same ssid and password?
no
that can be roaming, but it's not seamless
seamless, also known as fast roaming requires the support and implementation of 802.11k/v
from what I understand
What is the difference between an actual VPN and a VPN protocol
same thing as, what's the difference between a website and http(s)
So if i do the ssid and pass the same on my router and AP
Will that be roaming ?
So basically nothing?
I bought a new router that I'm switching everything over to and it has the VPN feature, and uses OpenVPN and idk if it's the same thing as an actual vpn, what would it do and what would it not do compared to a normal VPN
@peak cloak
so basically a vpn service like nord or proton or whatever just uses some sort of protocol (openvpn, wireguard, etc.) to connect you directly to their servers and your traffic goes to the internet from their endpoint. Running a vpn server yourself allows you to connect to your network from anywhere on the internet and go out of your endpoint or access internal services
yeah, just not seamless, depends on client to decide when to switch and may take 1-2 seconds to switch from station to station
Oh ok thanks for that
Should i reserve ips for my switch and my AP?
I mean if you want to, don't need to
Because i think i did everything correct the controller works
Only thing is the AP is getting hot for some reason
I mean things get warm
Idk it was super cool when i used it with the poe injector
Now i am running it off the switch
poe injector is passive poe probably
If it breaks imma get the wifi 6 version
Also i want to make the pihole work on all devices that connect
if you use the controller with all APs you can get seamless roaming iirc
I have a router that works as an AP
Its the isp one
:(
I dont know how to make that the pihole will work without configuration
go to router -> dhcp -> change dns
@peak cloak so the open VPN on my new router nighthawk is basically a vpn
get an actual router
But im broke now :)
I mean yeah, a vpn is a vpn
Will it hide stuff from isp?
no, it's literally your own vpn
well depends
show screenshot
@autumn bay I actually just acquired a nighthawk x10 r9000 for 150 dollars off at my local Walmart
Screenshot of what?
the openvpn settings
I want everything ubiquiti so its seamless
Fair
Does it have wifi?
routeros tho has a bit of a learning curve
Fudge
The OpenVPN setting on my router or on the actual OpenVPN application on my computer?
router
that thing costs more than what I put in
and I have a rack, poe switch, router, servers
although I did get a bit of stuff for very cheap
Im still living with my parents and i have limited space
same
I had a 24 port cisco switch but i sold that
so yeah, it just runs a vpn server and allows you to connect to your home network from anywhere
I feel that :( my moms disabled (3 back surgeries and currently a brain tumor can never work again)
Probably should have kept it
Ahhh
like I thought
So is there a way to have my whole network routed thru a VPN service such as normal, express, etc
Nord*
is there, yes but that's not what allows it
it literally just runs a vpn server
nothing to route all traffic over
plus tbh vpns are very scammy
misleading advertising
I just want to be able to route most of my network traffic thru a VPN. I would like to hide stuff from my ISP on everything and anyone else
This looks correct right ?
How would I go about doing that?
uhh, for one I don't see the point in doing that, but if you really insist, you would either need to get another router that can support that, flash 3rd party firmware, or basically run a second router on the network for vpn access and routing over the vpn service
Would you make your switch a static ip?
everything management on my network is dhcp reserved / static
And AP or will that mess things up?
@peak cloak could I get any old router and flash 3rd party firmware on it as long as it also supports my current speed
And would you be able to help me do it when I get it?
Basically can I get a cheaper router and run it
Sure, thing is that depends on what it can do, I'm used to routers like vyos that can do basically everything. I actually have a similar setup at home, implementation wise, but for a completely different purpose
I could go to the Walmart and get a netgear router that supports my wifi speed
For 40 bucks it's on clearance
It's a ac1600 netgear I believe
For the second router thing it would require the ability to change all routes on main router, including the 0.0.0.0/0 route, the ability to make Nat rules, etc
Actually thinking about it, it would be easier for you to just find a router that can do it
But again, I honestly don't see the point in using a vpn for all your traffic
I'd just like to tbh
It's a long story and it's not worth explaining over slowmode.
Would you be able to dm me links of routers that are capable of it?
Okay would you be willing to do research for me on it and dm me stuff? I don't know exactly what I'm looking for. If you have spare time and don't mind I'd greatly appreciate it
is this free?
If you can't/don't want to I understand. If you do thank you in advance
some features such as cloudflare dns is free
and proxy for websites is free
but tcp proxy with cloudflare is not
like getting a dns name or u mean their dns server ?
their nameserver
ah
as in, change your domain's nameserver to cf
yeah
nah quad9 is much faster for me than cloudflare.
nah
10.0.20.1 is where it's at
heh
I know we don’t normally send Speedtest results here but my school just upgraded from 100/50
I'm guessing they haven't added bandwidth restrictions yet. XD
Isn't that kinda cheating? You're literally just testing the speeds within your university. I can pull that all day by speed testing my connection to my router.
uhhh nah, look at the url lad
oh sorry it wasn't on the pic
I use my own speedtest server because Ookla is blocked for students
That doesn't tell me anything. What server is it pulling that from? It looks like it is pulling from the university server. Most universities do this. Try fast.com
I'll record when I get to school tomorrow
you can ping speedtest.lost.rip and you'll get an IP that isn't owned by NSW Department of Education
P.s. I’m not even in university lol
Cat5e or Cat6?
You asking what we have at school or what you should run?
Depends what speed you want to achieve
1gbs
Is cat5e future proof
But tbf 1gbs will last for a few more years
So cat5e should hold
For at least a couple
If you’re not worried about 10Gbps just go cat5e
Ok 👍
if youre running new cables use cat 6
it's still cheap and doesnt have any shielding to work around
and 10gigabit wont become an issue for a while
I only go with cat5e because we get 100/20 so there’s no real benefit
Should i disable 2,4GHz wifi? All devices at my home is capable with 5GHz wifi
Just run cat6 these days as 10gigabit and not much more money. Also if your network is slower then that. As you can get a Nas with 10 gigabit etc
Cat5e is only useful if you get it free or way too cheap tho would not run it in walls even if it's free
me with cat.5 cabling in the walls
Even with the price difference?
is it in the wall?
sure go for whatever is cheaper
at least 5e tho
technically yes, but for a short run I don't think it matters too much
Like expensive vs cheap cat5e for example
Avoid aluminium okok
If you are doing any sort of cabling I would sincerely recommend cat6 over 5e.
If the cable is already in place and you can't be arsed to change it 5e is fine, however for any new runs 6 is basically a requirement nowadays. Check on sites like cable matters for bulk cable, make sure you follow t568b when crimping, and make sure you don't crimp it backwards(the most common mistake I see)
anyone else having issue with bgp.he.net today?
as in very slow
oops wrong server lol 🙂
fine for me
eh, they have shitty routing for it anyways. I shouldn't have to have my packets to go to cali for it
should be distributed and anycasted
yeah just checked, goes to Fremont
I would have expected for it to also be hosted in NYC at least
or somewhere on east coast
eh I have ft at home and I can see that most of HE's originated routes have shitty paths
ft?
full table
ah
I use it often too, works here normally
Why do you have full tables at home?
for fun
I leave full tables for my home lab, I wouldn't bother using them for my connection. Also I don't know why you assume they have crap paths, especially if you are peering over a tunnel
will using a female to female coupler lower my network speeds ?
No
also any idea how i can get a cable that isnt soooooooooooooooo stifff
like the outdoor stuff
Unless you are connecting out of spec lengths
i have 30 m from router to switch
5e or 6
6
Then you're fine.
can i mix and match ?
i need a flexible cat 6 cable
but they are all outdoor
or do i buy a terminated one and cut it to size ?
So get outdoor uv rated spec and as for flexible...um...if you are flexing it too much you're likely to have more problems than the female to female
Especially if not uv rated cable
i got a black one that is out door
but it just wont bend and i want to bend it
is CCA cable ok?
I heard it's bad
Idk about that I'm not in structured cabling
amazon has such a bad search option
do you guys think its better to get a terminated cable and cut the ends off to make my own cable ?
or should i get one without the ends ?
can't you just go to a hardware store
really? nothing like home depot or lowes?
Lol Tesco isn't going to have what he needs
one home depot is like 5 stores in the UK
so amazon is the best i can do
and amazon only has 305 m of cable
for some dumb price
I miss the uk, but I dont miss the inconvenience
The UK is losing its mind rn
Oh I know
found this
and im about to lose my mind
https://www.comms-express.com/
People in r/homelab apparently recommended
ah lol
dude the UK is going out of stock with cables
just find something that is copper, solid core, and outdoor rated
but i need a soft one
why
outdoor one is super hard to bend and i only need it to connect my switch and stuff inside
don't want to use stranded on any actual runs
oh I thought you said you are running it outside
I've worked with normal (solid core) cat6, it's not very stiff
im confusing i did the outdoor run i just need some soft one to do indoor connections
ah ok
so a cable that isn't going into the wall
wdym into?
and connecting it from outside to the router
so i got a drawer and i put my pi in the bottom draw
and the switch im putting fans into it so it doesnt overheat
for a sec I thought you meant like cabling embedded into the shelf
nah although that would be pretty cool
I mean if it's just for connecting things and isn't going into anything you could just get preterminated patch cables which are flexible
since they are stranded
i think thats what i am going to do
it will be easier to use the coupler
Probably not in the long term depending on your setup
with UK houses its a fuken pain to run cables
They're rather cheap, considering their usefulness
Do you live in restricted housing?
nah its my parents house they just got last month
Ah, good for them
they just dont want holes anywhere
I grew up on a trust so.....imagine running cabling in that mess.
You need an inspector for the inspector 😉
yeah i originally from Poland ive lived here for 14 years
and honestly I'm tired of the UK
my walls are made from cardboard
Ah, yeah, Poland not much better off than the UK from what I've been hearing haha
basically
well now they are going to leave the EU so communism is on the way
Na. Conservatives have majority in Poland.
but its easier to run cables and do things
my parents are polish
it is
you mean the thief's
Yeah but they are the ones pushing to leave the EU
so you are basically polish
I left the UK Because of brexit
yeah, I can speak it
I left the UK Because brexit, moved to the US and ran right into a certain orange president. It was like a Monty python skit.
and shit but you cant say anything else
it aint that bad, I can argue the current one is just as bad or worse
and now you live with a man that likes his sister
Eh I prefer idiots to arse holes.
i mean its not good anywhere atm
Exactly lol
Southpark said it best when it comes to democracy. "Giant douche or turd sandwich"
You have to pick one 
That being said I really miss UK Weather.
It's so bloody hot here.
where you at now?
Houston

