#networking
Intolerably so.
I basically don't go outside 9 months of the year.
It's like Dubai, really only exists with air conditioning.
I like my seasons
Na. It gets up to 46 c.
now we're talking :D
Yeah the issue here isn't that 30c is unbearable. It's that it's 30c in late October.
yeah the UK still feels hot coz its so humid
Heh....it never felt hot in the uk.
It's also really humid here 63%
Yeah, add a Ssl cert to it.
That's because ssl is port 443
Reverse proxy
Nginx reverse proxy specifically is the easiest
So you're trying to forward a web page hosted on port 1500 to the internet correct?
So you have to reverse proxy it through something like nginx reverse proxy manager.
Then setup the cname in your dns
can't do that
Yes you need to put a reverse proxy on the server
https with a cert can only be port 443 for security reasons
Then use a cloud flare cname record
I said that above 

Lol
A really hard facepalm
But anyways you can also reverse proxy it if you need it to run on port 1500
CF Invalid SSL error
Mate I told you, reveeerse prooooxy
won't help
if it's invalid ssl you are likely not using a public ca cert
It will, nginx proxy manager comes with built in letsencrypt
@topaz carbon where are you getting the cert from
...
hmm the cert that cf gave you?
what's the setting on the cf proxy
like, there's an option on transport
is it bound properly to the interface? like if you go to the page do you see the expected cert?
this?
Move to full normal
Not strict.
Strict can cause issues especially with letsencrypt
well I would figure out the cert part you are going to need to know it eventually when your cert expires.
Explains why you got rate limited lol
Lol
¯_(ツ)_/¯
why?
idk I got ssl to work, idk what's wrong with your website
well if it's targeting the wrong site on the same server your vhosts probably aren't set properly.
oh I don't use configuration panels. I just edit the required files.
if you are using cloudflare it already uses its own ssl cert to the end user
unless you specify otherwise
wdym
that needs to be on port 443
yeah it's a cf cert, but it's not a trusted cert
as in, it's only for use between CF and host
not CF and end-user
actually it could maybe
but it needs to be on port 443
actually I connected to port 443 and it's also not trusted
it's a cloudflare origin cert
it's not trusted by browsers
you need to either proxy through cloudflare
or use let's encrypt or another ssl cert that is actually trusted
nope
still getting cf cert
cloudflare isn't a root certificate authority
nope
what let's encrypt challenge are you using?
well that may be an issue
since I think it's doing the http challenge
but I don't know if port 80 is actually accessible
cuz like here, it forbids http connections
possibly, idk
I just use the DNS challenge, it's the easiest
When you get a certificate from Let’s Encrypt, our servers validate that you control the domain names in that certificate using “challenges,” as defined by the ACME standard. Most of the time, this validation is handled automatically by your ACME client, but if you need to make some more complex configuration decisions, it’s useful to know more ...
your hosts file is messed up
or whatever, it's all over the place
no it's possible
I think how it works is that the challenge itself needs to be over port 80, however the cert can be put on a server that's on a different port
yes
no clue
takes a while for dns to update if you had a record already
kinda wanna turn my fx6300 into a router now that i know the board it’s on has integrated graphics
i already have a router i would just be doing this for fun and because the pc is being used for nothing else
fair
No it doesn't. Turn off auto ttl
Ttl management is basically a prerequisite of web devops if you want to get things done
well yeah depends on ttl
takes however long the ttl is
On cloud flare you can drop it down to 1 minute
short ttls are also not great
depending on the purpose of course
I doubt dns is their issue tho
100% but for troubleshooting it's basically a req
He's an interesting character but if anyone wants to learn dns the guy teaches it REALLY well. https://m.youtube.com/watch?v=4ZtFk2dtqv0
I explain the finer points of what people don't tell you about DNS.
(2017)
tf
this is honestly a really good explanation too
Facebook was down for five hours last week. What happened and what do DNS and BGP have to do with it?
Facebook's explanation: https://engineering.fb.com/2021/10/05/networking-traffic/outage-details/
Support these videos on Patreon: https://www.patreon.com/beneater or https://eater.net/support for other ways to support.
0:00 DNS
7:13 Caching ...
It's good trust me.
@modern reef lmao
So I've made a public hosting zone in AWS route 53, and pointed the namecheap domain towards the DNS servers specified in that AWS service, is this correct? Do i need to do anything else? Sorry, first time hosting a site with AWS, and first time using namecheap.
I have seen this link like hundred times
It's a good vid
Can't argue with that ;)
Hi, I have a some servers that are with open ports. I learned recently about DMZ, should I use it for that?
Is there a way to get low ping on wifi? like by tweaking router settings
these are my router settings rn
how low is ping right now
ping 192.168.1.1
how close are you to the router?
not very far
yeah but in valorant on wifi i get like 60-70ms
on ethernet around 20-30ms
¯_(ツ)_/¯
wifi sucks
I just accepted it and have ethernet everywhere
you could maybe somehow tweak it, but idk wifi tweaking
ohkkk
what model of router is that?
does it only have 2.4GHz capabilities? No 802.11ac?
99% most likely will do if it's within 5 years old and has 5GHz capabilities
802.11ac utilizes 5ghz
ohk then it probably has it
should I buy a new router to improve ping?
no point
ohkkk so ethernet is the only option?
you could tweak some WiFi settings - I have a suspicion your router is only operating on 2.4 as the Band Steering option is disabled
are you in the EU or US?
asia
can you check 5GHz is enabled
100mbps
OK, are you able to change "Band" to AC only and then change "Channel Width" to 40MHz
yes
After that can you open up the "Channel Number" menu and send a screenshot across
ohk
do you have an android phone?
noo
any android device?
unfortunately no
crap ok, 1 sec
sure
are you in india or another country - just checking the DFS channel list
india
ok leave it on Auto then
ohk
apply changes and move onto Advanced settings for wlan0 - **your connection will drop and router may restart**
ohk ill do that
send screenshot when you are back online
ohk done
ok sweet, move onto advanced and send a screenshot of that menu
change DTIM period to 3
preamble to short
MU-MIMO enabled
802.11k enabled
now a new option showed up
turn on 802.11v - this is BSS transition which allows devices to connect and roam faster
ohkk
yup did that
that should be good, apply settings. router may restart again
ohkk
go onto the security tab now
what options are under encryption?
want to see if we can disable TKIP
ok select WPA2
I mean, useless unless you have multiple APs
have 802.11w on capable, and change Group Key Update to 3600
ohkk
yup did that
ohk
i would recommend disabling WPS from a security perspective if you don't use it, however it's up to you.
ohk
yup disabled it
see if that helps
it might not help ping, but could make connectivity better around the house, and it's a bit more secure now
aight - no worries
yeah the ping is now much better
earlier it used to be around 60-70ms on wifi
but now its showing 44
that's decent
yeah its wayyy better
run ping -t 192.168.1.1 while the game is running in cmd so you can see the connection to your router
ohk
send a screenshot
you mistyped it
yeah that's perfect for WiFi
ohkkk
which means all the other latency is the ISP, internet and valorant's network so not much you can do
ohk it could be my isp
40-60 is really good in my opinion
its is
cause my friend has a different isp he gets around 20-30ms
you can get an estimation on network latency origin using traceroute
is it a website?
cmd command
ohkk
try tracert 8.8.8.8
of course, but how do you find the IP of Valorant's server
look at the conntrack
and see the difference with valorant on/off
?
oh that's sweet
the closest server to me is mumbai
tracert 75.2.66.166
99.83.136.104
this right?
ye
yeah seems normal
all good
only last thing i can advise is to make sure all your drivers are up to date but i assume you have already done that
no worries mate
yeah ive updated everything
lovely
should i delete the ss cause it shows my ip i think
it doesn't
it shouldn't
ohkk
how does ethernet and hdmi both send video signal of the same resolution and frame rate but they are two completely different bandwidths?
does it send the data differently?
yes
also for one, I don't think hdmi is compressed
video streaming over the internet is completely different
for ethernet
What are you talking about "Ethernet" sending the same resolution and frame rate. Internet video streaming or something like HDBase-T or Crestron DigitalMedia/similar?
On youtube they say that an 8k60 video has a bitrate of ~80-100mbps but i know the hdmi 2.1 standard it set for 48Gb/s
✨ Compression ✨
that a lot of compression
yes
I didn't know that much compression was possible
hdmi does raw pixel by pixel
streaming over the internet depends on compression
Adaptive bitrate streaming is a technique used in streaming multimedia over computer networks. While in the past most video or audio streaming technologies utilized streaming protocols such as RTP with RTSP, today's adaptive streaming technologies are almost exclusively based on HTTP and designed to work efficiently over large distributed HTTP n...
YouTube uses AV1 and VP9. That uses HEVC/H.265. https://en.wikipedia.org/wiki/VP9
VP9 is an open and royalty-free video coding format developed by Google.
VP9 is the successor to VP8 and competes mainly with MPEG's High Efficiency Video Coding (HEVC/H.265).
At first, VP9 was mainly used on Google's video platform YouTube. The emergence of the Alliance for Open Media, and its support for the ongoing development of the successo...
compression is still magic to me
Hey so we're looking for a new switch because ours is pretty old and we think it's the reason our internet speeds are so low. Looking for these:
QoS (quality of service)
to measure how much traffic there is
see how much traffic is going in and out
More than 16 ports
Managed/unmanaged seems to be less of concern, anything will be great thank you
I haven’t used any of their stuff before but I hear Ubiquiti Unifi switches can do most of that (I’m not sure about network traffic measurement, but I’m guessing they do that)
Do you know anything about the sg1024de
Dad seems to be most interested in that
Unifi management is annoying
If you aren't in the ecosystem already
Never used any stuff so I’d have no clue lol
Iirc there's no web interface
At least on the unifi switch I have
You need to setup a controller
Never in my life have I said "damn, I wish my UniFi switches had a local web GUI"
That's the point of a controller based network...Meraki doesn't have local management either. Its all from a central location
but to answer @timber wigeon's question with @pulsar thorn's response
UniFi switches don't do QoS or any DPI/application inspection since they do not operate at layer 4-7.
They can measure all port traffic though.
Ok, I didn't know that so thanks for clarifying
We found switches we liked its just that nobody sells them
I know of a lineup of switches that do all of that but its not cheap 😂
I did
at least ssh access
That's because its the $29 flex mini switch 😂
if you have the ecosystem already sure no point, but like I have that stupid little switch
even normal devices, don't they have limited ssh capability
just connecting to controller and such
no...you can SSH into them and configure them
But when they connect to the controller and the controller pushes a config, it gets wiped
So if they're not managed and adopted, it'll act as a normal managed switch
I heard from someone that all they have is just ways to connect to controller
Well yeah, you don’t buy meraki for one thing, you don’t buy UniFi for one thing. You buy it for the management/ecosystem
Or just go get a dumb switch 
ye
now this right here is premium flagship gear
is tplink branded switches more reliable then the net gear ones?
I have a netgear right now that keeps hard crashing after being up for 6-8 months of run time, the gs108T
Its web interface is so slow too 🤢
guys what is this
It looks like a log on your network port
I installed Linux on my second drive and Now windows won’t boot on my main drive Hey can anyone help
wrong chat
but it could be that the UFI got deleted
now that is triggering
1 in 300
Not an issue
This. Normal jitter
I wouldn't say jitter, more so the low preference for devices to respond to ICMP
I've had very good experiences with the new Omada platform line including their switches.
Had bad experiences as well with TP-Link's previous smart switch non Omada line where ports would go dead even though they're link up.
thanks for the input. that's good to know and omg that problem with the ports is terrible
Omada has been great overall
I got my hands on an old hp procurve 3500yl managed switch, but the web interface gives a java error, ive tried IE, chrome, and safari
is there a way to fix this or a specific browser i can use
if you know please ping me
If it can take a firmware update via serial or something like that definitely do so, they can be extremely temperamental best you can do is try different ones.
K will look into that, i sadly dont have a serial port or a pc with one, is there any other methods you know?
USB to serial adapter also called USB TTL is essential to working with any of this older gear, definitely look into getting one they're extremely inexpensive.
It can help you update firmware, recover bricked devices or simply reset things if you mess a config up and lock yourself out.
I'm not specifically familiar with that model of switch but what I said above usually applies along with any documentation provided by the manufacturer.
Cool thank you, will def look into buying one
Went to sleep but r u sure if it happens now and then
Hopefully someone can help. I currently have "sturla.uk" domain, and an internal "internal.sturla.uk" AD domain. Using Cloudflare, I am wanting to be able to redirect *.internal.sturla.uk requests to the DNS servers "dns-0{1..3}.sturla.uk" but I cannot figure out how to do this
Obviously, this would only resolve for requests that can access 10.1.2.1{0..2}, which is what I am wanting
Can you run pfsense on a raspberry pi?
Not really. Pi has one Ethernet
ah, hmm, doesn't have two nic
that's right, bummer
I wonder if someone makes a clone that has two nics
Maybe a WiFi one could? Use the ethernet for WAN, and LAN with the WiFi?
I'm not sure if it would work. It's just an idea
Hmm, here is a NanoPi R2S that looks like it has two ethernet ports
The NanoPi R2S uses the RK3328 SoC. It has two Gbps Ethernet ports and 1G DDR4 RAM. FriendlyElec ported an OpenWrt system for it. It works with Docker CE. It is a good platform for developing IoT applications, NAS applications, smart home gateways etc.
I think I might get one and give it a go, be interesting and if it works, awesome
You can
Router on a stick
Wouldn't recommend
And I wouldn't use pfsense, but it could work somewhat
I'm still waiting on the release of VyOS for ARM. There is a tutorial on getting it working in a Pi though
You can find carrier boards for the CM4 module that have dual gigabit ethernet ports
Nope
I mean yeah it's freebsd but there's no port to raspberrypi
It sucks because I'd use one as a basic vlan switch (main net + vlan in > ethernet bridge out)
Yeah, I see that now, well that sucks. It looks like they have talked about porting it, but nothing so far, or at least that I found.
It looks like OPNsense has an ARM build
Yeah I know, you can probably do your own thing but it's too hard custom
Actually??
According to this post "opnsense, a fork of pfsense, has a development ARM build" I haven't gone to their site to check yet.
This has to be compiled? https://pkg.opnsense.org/FreeBSD:11:armv6/19.1/
I thought you can build for arm already
What’s the best cheap router I can buy
It’s only for my room so it’s doesn’t need a big range and my internet is also slow so it doesn’t have to have high speeds
Can anyone recommend a cheap VPS provider in the US with a static IP?
Nexusbytes
thanks
based on what happened in the past 3 hours
who downloads executables on a desktop outside of a software repository in 2021? 😱
Windows users?
It's been a while since I've used windows, but is it still a thing?
my only pc with a windows partition boots to steam full screen and I nuke that partition and restore from an image every time anything breaks with this install
Very alive and well
winget exists now
Suddenly I feel happier that I've dropped windows in 2001
(my other complaint back then was that it used a truly horrible directory structure with drive "letters", I assume this is still a valid issue)
I mean this goes all the way back to DOS, you can't change this
well, it used to represent physical hardware and logical subdivisions of it, modern filesystems aren't device-centric
mhm uuid
sighs ALMOST have the cash for the MOCA adapters I need
I don't see why my unused for satellite wiring won't work for this since its RG6 75ohm cabling with a single splitter in the mix
We took the satellite off and replaced it with a large OTA antenna
Currently got $54.48 in my Amazon wallet
any comments to give me from the results of this tracert?
First one is to my router, second is my modem (it gave my public IP). Target was fast.com but that doesn't mean anything really since it has a lot of servers
traceroutes don't show your public ip, can't tell you anything without ips
The Ip at hop 2 is my public IP and that's why I cut the IPs out
just color over it
you must be under cgnat maybe then
Ok I am less than 100 points away from another $10 amazon giftcard for this
normally it does not
hacker wouldn't really gain anything anyway
Hopefully that $10 will be enough for taxes and any shipping and handing I have to use
and I mean recommendations on what?
Comments
Good? bad? anything out of the ordinary?
time for a new modem
ISP only has that 1 kind
Does mine to Google count?
I once asked if they had better hardware but apparently I was already getting the same treatment as a business, since the company is the one that arranged and paid for the installation
ping the two and see
yup 19 for cloudflare over 16 for google
why
My laptop has just shut down but Cloudflare had an average of 136 compared to Google’s 189 ms
are you out in some rural area?
meh
My country is 96% rural by area
canada
I wish
so US
I know I am rural but my connection says otherwise LOL
better now
Make that only a couple of points away from the $10
oh for some reason I saw seattle on the traceroute
but there wasn't, so I assumed NA
not my tracert that's for sure
maybe you mean seacomnet
yeah I misread
which is one of those ocean cable companies
mine has seattle. :p
yeah that's what I saw
ah africa
but yeah since you are transatlantic to those server you are not doing bad.
ae-1-26.cdn-gw-cloudflare.dr-01-dar.tz.seacomnet.com [41.206.127.102]
was the last hop before "1.1.1.1"
This is within a neighbouring country
Cloudflare's website says they have multiple servers in different locations
so It's not across the sea
his modem though.. at
It's likely a shorter distance between me and that Cloudflare server than it is from Vancouver to San Francisco
my router and modem are separate devices, also second hop IP is my public IP, so connection between Modem and ISP device(server?) is bad
so is mine, should not matter, unless your modem is actually a router/modem and you are double-nating
could be cgnat, but cgnat in africa, they have so many v4 blocks so no need
no, modem is just modem and only NAT device on home network
Only one input/output on it and that's Ethernet with power, if that means anything
router does nat, not modem
but judging that you said one output, then probably just modem
"router" acting as bridge(Simply for Wifi broadcasting purposes, plus ethernet ports), DHCP allocation done on "modem"
so modem is nating, so modem is actually a router/modem
yeah I would say your modem to ISP connection has some issues.
nah
yes, I believe so, all network config beyond changing SSID/Password done on "modem"
either that or his modem router has some really crappy hardware.
continuous pinging what I believe to be closest ISP IP
or just ISP issues
Yeah that just looks like a bad line or severe congestion
Just picked up the $10 AGC hopefully it doesn't take too freaking long to show up in my email so I can use it quickly for the MOCA adapters
MOCA should work fine with my unused RG6 75ohm direct TV wiring
they should, but I have no real experience with moca adapters.
I should know once this $10 AGC comes in and I can use it to get the MOCA adapters ordered lol
New 10Gb switch came in today. I'm so happy.
Now my NVMe server can be used as it was intended, a network game file server.
Just waiting on my new Mellanox cards to arrive.
haha love that usw-8-150w with the optiplex usff beside it
Yeah, its my micro "server". It runs unraid with a few of my small docker utilities and hosts my personal minecraft server
I have to say, it has been one robust little mini server
had it running for the past 4 years now and it hasn't let me down and is very quiet and uses little to no power
Does anyone know of any normal consumer/gaming type routers that can handle forwarding the same ports to multiple IP's. I currently have the Asus RT-AX82U and we used to be able to forward the same ports to multiple IP's and now lately at least on Warzone/Modern Warfare and COD Cold War we can't all get on. There are 3 of us, 2 PS5's and I'm on PC, and we no longer can get on COD together. It will launch the game and then give me vague error codes, and then sometimes I'll be able to get in with an open nat type, and then my 2 roommates it will take awhile to connect them to cod servers. Today right now it won't let me connect period with my roommate on. Weird that it was port forwarding fine until a couple days ago. Everytime I reset the router and then setup port forward it works fine for a night, then next night all of a sudden it struggles to do it or can't handle it.
Holy crap. Almost 1TB of usage in 24 hours!
can't at all
impossible on a technical level
you would need more IP endpoints for more ports
for minecraft for example you just use a different port
mc java looks at SRV DNS records so people don't need to enter the different port
there's also services that you can use to tunnel to a different IP endpoint like ngrok
Except it was doing it fine for awhile. I know the answer is generally no, but I found a non consumer grade router that lets you create rules for forwarding the same ports to different IP's. To setup my own ports I would have to know Activision's IP addresses for ext address entry which activision doesn't give out and they change.
How would router know what traffic goes to what device then
That's the weird part. Idk why it was working and why resetting router gets it to work temporarily, but you could have packet info tagged with the user or gamertag or activision ID so that that PC or console would only interact with packets tagged with the same ID
Upnp
That's what's making it work
Upnp is enabled all the time, so why would it stop working
I suppose I can remove the overlapping ports and just let Upnp figure it out
Upnp is basically automatic port forwarding
Bad from security standpoint, and it's stupid that they make you enable it
Still don't get why consoles need direct internet access, Nat traversal exists and lots of services like zerotier are able to create a tunnel through Nat just fine
True, but we don't have anything connected here holding say classified data, we really just game and stream at home. And I'd imagine that would be on Activision to implement so probably not anytime soon.
Okay so the only overlapping ports are 3074 on TCP and 3074, 3075, 3076, 3077, 3078, 3079 on UDP. So I could forward some of those UDP's to the PS5's and the rest to my PC and should be okay as long as they don't overlap.
Hey, all, does anyone know a software for Windows that can limit network traffic of different devices on a network that is free? Preferably that's also available for Linux.
You can't really do that, one device on the network can't limit speeds of other devices in the same network, that's something the router should have set up (QoS)
Thanks for the info 🙂
Looking for new wifi, what is the best option rn? Budget around 600 + need to use eth
morning guys, so i got a problem which is totally understandable from price perspective, so a week ago my dad ask my neighbour who he claimed have a server, 3 of my neighbour already use a wifi connected to that server, my dad do it as well, it goes pretty well, until i can't connect to the router and having a network blackout, and everytime it got connected, it'll says "no internet". here's a diagram for reference, lines are LAN connections
we pay 10$ a month for this thing
idk what's wrong with my dad
the commercial ISP wifi is just 20$ per month
with 30$ fee for installing the wifi
can someone help me with this
also i can't log in to the router
i tried http://dlinkrouter.local/ and http://192.168.0.1
and the no connection things only happens on specific time for example in the morning (5-7am range) and the evening (3-5pm range)
just for some info, the TL-WR240N is shared with neighbour as well, so the D-LINK router is inside my house while the TP-LINK receiver is placed outside my house that are shared with my neighbour
👀
I've come to the solution of doing 1 modem 2 routers. First I'm gonna exchange my current modem which is single ethernet out, for a dual ethernet and then connecting each router to each ethernet in hopes that this specific modem handles addressing internally with the 2 ports. I'm pretty sure though that it will be relying on getting the public IP address from xfinity and assigning it to only 1 of the routers and I fear the 2nd will not be able to get its own automatically, and I'll have to haggle with xfinity to give us a 2nd IP. I'm hopeful the dual port modem will handle addressing internally for both ports but I don't think it will since the modem's firmware gets configured and uploaded by xfinity when you activate or switch modems. In any event the reason I'm doing this is because we are running into the issues of all 3 of us trying to play Call Of Duty at once and trying to get around the whole port forwarding to 1 internal ip address thing.
too bad we didn't start the public WWW on IPv6, this would be a lot easier to hand out multiple public IP addresses.
Networking experts i need help
Why is my ping so high but my download speed is normal?
Image below for reference
possibly not the same issue but my dad has satellite internet. 700+ ping with 20 down.
What did ur dad do to fix his problem?
My isp tech people just came into my house and fixed it but its still high ping
Nothing he can do. He has HughesNet now (garbage, but it is the only one he can get) spectrum is supposed to be running lines to his street but high ping comes with satellite internet
Do you have sat?
like bro wtf is this....
that ping is crazy... do you have satellite internet or?
do you live in a really remote area? my dad does and so no ISPs have lines near him
no, im using ISP
ISP is just Internet Service Provider. So spectrum, CenturyLink Etc.
yes isp
Internet providers who have satellite are also ISPs everyone with internet has an ISP
huh yea i would probably look into a new router
do you know if your ISP provided you with that router?
nope
you could probably call and ask if that is hardware they provided. if so ask for an upgrade or a replacement or buy your own and return that one
i just factory resetted my router, gonna configure the settings rn for family
i hope this fixes the problem
ffs still high ping
Resetting the router really does nothing respective to making the ping lesser
Maybe do a traceroute and see where the ping is going high
Not the best way, but it works
Try not to hit the cable
I have damaged a little bit anyway i get full speed
I need some networking help can someone help me in vc or pm?
Its about a router wireless hot spotting and a nas
i need help changing ip
hei guys, Need a help, Can Anyone suggest which VPN is best for Gaming ???
Probably doesn't really matter, as long as they have a server nearby to your location. I would suggest looking for a vpn provider which supports the wireguard protocol, much faster and less latency
wireguard protocol !! is that a cisco proprietary Protocol??
haven't heard of it !!!!!
oh okay ! thats interesting/
not cisco for sure.
as I am new to this "Wireguard" protocol, Can you suggest me one ???
suggestions any ?
No clue. I self-host a server
Cisco open sourcing......in my dreams maybe
Pls help
Router like #ROUTER ?? or Typical WIFI- router !! 🙂
Wifi router
report to computer crimes unit
anyone know about changing a router's UI? I have the router my ISP provided me and it gives me the speeds i need but i hate the UI and dont want to buy a new one just for that reason
pretty hard to do without reflashing even then you'd have to find a working ROM TLDR its pretty impossible
damn alright thanks
How can I use ufw to block all ping packets from an outside network coming into a subnet A?
I think i figured it out
-A ufw-before-input -p icmp --icmp-type destination-unreachable -j DROP
-A ufw-before-input -p icmp --icmp-type source-quench -j DROP
-A ufw-before-input -p icmp --icmp-type time-exceeded -j DROP
-A ufw-before-input -p icmp --icmp-type parameter-problem -j DROP
-A ufw-before-input -p icmp --icmp-type echo-request -j DROP
Looks good to me 🤷🏼♂️
Btw to default deny everything, I can do;
sudo ufw default deny incoming
sudo ufw default deny outgoing
But if I wanna accept ssh from outside, I can do sudo ufw allow 22/tcp
But if I wanna accept ssh if and only if outside wanna connect to e.g., 192.168.1.2
How do I do that?
This is while I'm watching youtube in the background, is this ISP problem?
Seems fine
@wheat flicker There is nothing wrong with that output
Spikes or increase in average ping?
spikes
Yes its normal. ICMP is not reliable, you WILL see spikes at times
Discord
and that is while watching YT in the background?
Ye
Its normal then. ICMP gets lowest priority. Other traffic will get preference and you'll see spikes. All depends on a few things. Mainly whatever bandwidth package you have
Do you actually notice any voice issues?
I finally got around to adding a wiki article on ping/trace so the NOC can stop escalating every ticket that came in on it
I wouldn't worry about it. There are a ton of factors that it can be and its only really a problem when you start to notice it in applications
I'm going to be using ubiquiti unifi gear for my home network in my new house. is it worth spending an extra $100 to get the switch "enterprise" over the regular one? https://store.ui.com/collections/unifi-network-switching/products/unifi-enterprise-switch-24-poe vs https://store.ui.com/collections/unifi-network-switching/products/usw-pro-24-poe . The only real differences I see are that half the ports are 2500 Mbps instead of just 1000 Mbps (and the corresponding increased throughput/etc)
Ubiquiti
Enterprise
Do you need the extra port bandwidth?
their name, not mine, lol. i agree with you, but i'm also not going to go get cisco certified to network my house.
not really, tbh. but i want to future-proof as much as possible and it's only $100 which isn't too much in the grand scheme of things for this project. i'll have gigabit internet service from my ISP
I have a TP-Link TL-SG108E network switch. Last night I had a power outage. Lasted around 2 mins. When power was restored, my switch no longer seem to work properly. None of the devices connected to the switch seem to get any internet. In windows, Ethernet seems to appear as "Unidentifiable network". Is the switch dead?
Kinda network related, kinda not... How easy would it be to drop a network cable through a studded wall into a port in a wall? Preferably without cutting holes or anything
Is it a difficult job for an electrician? Or basic?
Depends
If it's just a simple wall ez
I've done it before, but in the opposite way
From the bottom
There's already a telephone cable which is no longer needed, so possibly that could make it easier
It has insulation in too
Fixed it. Reset router helped 😅
what type
Honestly, not a clue...
like spray foam insulation would be a pita
its a 20 year old house, and we moved here 6 months ago
but if it's like loose insulation it could be easy
I've really only done it with interior walls which only have this sound insulation which is simple to just pull apart, you could just push the cable next to the insulation
Is there a way to make every device on my network use DNS-over-HTTPS?
Or even systemwide on PC? currently I’ve not done an in-depth search, though all I’m seeing at the moment is to enable it within browsers
Have router or another device be a DNS forwarder that forwards over https
So basically it listens on conventional port 53, and forwards the requests over https and can cache as well
Could use router if it supports it, or can set it up to have a pi for example so it
Just then make sure you change the DNS server field in the DHCP server to device
Thank you for the help!
Is it possible to set it up systemwide on PC minus installing softwares/ VPNs, as I tend to move around a bit with my laptop?
Idk, you prob can.
setup https://coredns.io/
you could also let it use a adblock list
then in your router/modem dhcp settings tell it you use the coredns server ip
could someone help me? so i built a new pc yesterday and it works fine but idk why my internet is so slow on it. I am directly connected to the internet thru an ethernet cable and i run 9mbps max. I know it isnt an internet problem bc when i did the same to my older pc i get 285-300’s. I also tried it without the cable and got 4-6 mbps max
update your ethernet adapter drivers
Someone in the office complained of really slow wifi speeds so I start testing the wap they're on with my phone, everything tests normal
I test it with their phone, they're getting like 5 Mbps
I test her phone with a different wap that no one is on, tests normal
@ivory vault let's check from the very basic. Just verify that your client is connected on the right band. That is if you have deployed dual band aps, just verify that your clients are connected to the 5GHz band
To me it seems like your 2.4GHz band might be cluttered
I cannot tell because her iphone doesn't say and I don't have access to the router settings
And the higher level IT person in the office doesn't give a fuck because the office is moving soon so I have to tell the attorney to just suck it up
Hey friends, I am experiencing connection issues since several weeks/months with the predominant problem pattern being generally heightened ping and constant ping and jitter spikes. Sometimes I do experience packet loss, but not much. Our bandwidth in both down- and upload is okay.
The dialogue with the ISP is problematic, so I am turning to you guys to hopefully help me out here.
I have recorded my ping with pingplotter since several days. It looks like this:
https://i.imgur.com/khvlpI1.png
Additionally I might note, that I have seen a variety of ping patterns, but this is the most occurring. Especially in "prime time" for the ISP. I have made these measurements without any bigger download, just light browser usage.
ping is not really an accurate way to measure your latency
ICMP is lowest priority for routers so it can get dropped easily if there is a lot of traffic
it honestly looks just fine
What would you suggest?
nothing
oh like how to measure
uhh, would be more complicated
something to measure latency using tcp packets or similar, would require setting up a remote server
I can def. attest that the internet is not behaving like it normally does. I can not enjoy multiplayer games anymore since I have constant ping spikes and rubber banding.
hmm
Well, is there a method I can use to get better results to analyze without setting up my own server? Or is there a service you know of that can help me with this?
then there probably is some issue, just lots of people use ping as proof, when it really isn't. If your actual experience is degraded then there prob is an issue
I know that the pings pingplotter uses can be dropped, but as far as I know pingplotter is widely used for network analysis?!
not really
Yes, sir. It def. is.
But bottom line is that you can not see anything from my pingplotter output? Not only from the picture I shared but from using pingplotter generally?!
I mean from an ISP standpoint something like a traceroute would be more useful
wouldn't be 100% accurate, but def more useful to give as information
Pingplotter gives insight into that as well. Do you mean this?
yeah that looks like traceroute
@ivory vault I am getting the picture clear now.
Honestly I am not an iOS user, so I can't guide you with checking the connection band.
And in an enterprise grade network infrastructure, 2.4GHz and 5GHz bands have the same SSID.
So there might be 2 problems; first one is regarding the band
Second one is that the IT personnel must have messed up the bandwidth configuration.
First one can be resolved from your end, for the second one you'll have to contact the IT department
You might be facing either of the two issues, or there's a slim chance that you might be facing both the issues
I am the on site IT person but basically I just replace wires when they break. Smarter IT people have the ticket now, but thank you
"And in an enterprise grade network infrastructure, 2.4GHz and 5GHz bands have the same SSID."
no, its anything goes like consumer gear
ive had routers from asus 6-7 years ago where you can do all on same SSID, make new SSIDs for each, or whatever
And AFAIK the OS usually chooses the higher GHz first, because in the wifi menu or whatever it'd only list one
yeah it's client choice
does anyone know though why windows is weird and shows sometimes:
<SSID_Name> 1
or even 2 or 3 sometimes
thats not been my observation, its usually signal strength. but ive gotta be honest I split the signals up to keep it on 5G years ago and have no idea what it does now
Ah, i see could be
There are a lot of devices that will just grab whatever band which is where band steering comes into play so you can nudge them from 2.4Ghz to 5Ghz
i got pissed with my devices switching to slow 2G even though the lower signal 5G was way better
another thing that annoys me is like most of the IoT crap still ships 2G only
what is it $5 more for them to put 5G in? pssh
Come on now, that extra $0.00001 5G capable module, is a lot 😛
i have a bit of IoT and pretty much all is 2G
im tired of zwave so pretty much anything new gets wifi
anyone do the win 11 upgrade that just popped? Wondering if theres a fresh install option. I need a good wipe
I don't want to touch win 11 for at least a year
I upgraded a while back but there is a fresh install option from the media creation tool
I did mine with the media creation tool. It's an okay upgrade... it definitely has that feeling when the first windows 8 or windows 10 release came out
you can't even right click anywhere on the Taskbar anymore for a quick context shortcut for task manager
settings rectangles are way too big and distracting
and OMG you can't easily switch between audio outputs by clicking the volume icon anymore
yes you can on the window icon on the bar
pretty much where everything useful is at
but that's just one spot , what about anywhere?
like it is in windows 10
the simplified audio control bothers me the most
Anyone know if 32GB download and upload is a possible DDOS attack? My unifi switch showed that. And once that happened whole internet slowed down and sites stopped loading
Only ports for minecraft server.. But is protected by TCPShield. IP was never given out.
Should I consider contacting my ISP to get an IP change?
I mean is it fine now?
anyone know why my brothers PS4 has Lag on a 5hz connection next to the WAP ?
or is that the PS4 that is the problems ?
Is there a reason why my internet doesnt work on browsers?
everything else is fine but the only thing that doesnt work is my browsers
what's the error
timeout?
name not found?
wtf?
?
so you get a big "Connection is not private warning"?
when trying to access google.com?
yes
make sure your system time is correct
and you may need to update root ssl certs
or someone is tampering with your connection
how do i do that
you are using chrome?
uhh, just check the time and check it's correct
uh wym by that
like the clock?
uhh yeah
also can you send a screenshot/picture of
no need to blur, this is just taken from a wordpress tutorial
Click on Certification path
then click on the very top one
and show what the certificate status is
example:
what about google.com.ar
is your computer configured to use a proxy
how do i check that
Win + I -> Network & Internet -> Proxy
disable use setup script
should i turn on automatic?
no
try it again
still cant search anything
Google issues most of their certificates from GTS CA (google trust services)
it being issued directly under DigiCert seems sus
on this page, click the details tab
Scroll down to Subject Alternative Name
(Also https://crt.sh/?q=www.google.com.ar) This website shows zero certs for "www.google.com.ar"
and DigiCert does not list G1A as a root certificate. https://www.digicert.com/kb/digicert-root-certificates.htm
im there
Something, or someone, has probably installed that onto your system and configured your PC to use that proxy.
Click on it and screenshot
Oh fuck sus
i didnt build the pc it was built for me by my sisters bf
well her boyfriends friend actually
Did you install the OS?
wym os
did you install Windows
nop
ok, so someone could've done this.
Also, an 11 year issuance time does not sound like Google. Someone probably did this
uh i think windows was cloned
the windows they installed onto my pc was cloned
Windows key + R -> inetcpl.cpl in the textbox then OK -> Connections tab -> LAN Settings button -> Uncheck all https://i.ryois.me/v73FsmJUlB.png
So there's group policies in place....even more sus. Someone/something is probably doing this maliciously then.
Have you installed/ran anything suspicious
not as far as im concerned
is this Windows 10 Pro or Home, or do you not know?
To find out Windows key + R -> clear out the textbox and type in winver. There should be a line saying "The Windows 10 Pro/Home..."
Blob rocks.
I would just clean install a new Windows instead of getting this far.
^ that would be faster yeah
its pro
but sounds like your sister's boyfriend's friend either intentionally or unintentionally did this if it isn't a program you run
Try Windows Key + X -> find either PowerShell Admin or Command Prompt Admin
click yes for the UAC prompt if needed
run
```
RD /S /Q "%WinDir%\System32\GroupPolicyUsers" && RD /S /Q "%WinDir%\System32\GroupPolicy"
```
This deletes all group policies on the computer
Stole!
should i run cmd or use the powershell?
Either one, as long as it’s running as admin
Windows Key + X should give you either power shell or CMD as admin option
yeah
didnt work
Can you do this again #networking message
nope still cant
Any error?
Still says some settings are managed?
yes
do you use a microsoft account to log into the computer?
see what domain it's connected to?
its most likely local group policy
no
ah
sometimes a reboot is needed, but gpupdate /force should update it
I forget local policies exist
then should i reboot it?
it wouldn't hurt lol
yeah try it
nice
is there a way to change the local group thingy?
you can search now?
yes
#networking message this command removes all group policies
So you shouldn't have any local group policies
sign into what
Does anyone know if i can change the speed and duplex for my wifi adapter? My internet was capped at 10mbps on my ethernet cable bc i saw some yt video saying i should change it or wtv to fix a problem but its normal now but its so inconvenient having a lan cable going through the whole house. So i bought a wifi adapter but the speed wouldnt go higher than 1mbps
Holy crap I’ve been trying to get my router/modem to be basically a modem and use my stand alone router as a router but I don’t know where to plug the router Ethernet cable into the router/modem should I use the Ethernet port or broadband
So ISP > Router/Modem WAN > Router WAN I think is what you're trying to get?
Yup it’s messy but I gave up and basically now I have my own private network in my home
Top right is switch which is connected to router/modem, router/modem is main network is home, that other spare network is my own mini network now that I connected to the router/modem
I don’t think that’s how I’m supposed to set it up but at this point I accepted defeat
Does a Cable Modem have two gateways?
??
modem/router
you have another router behind that?
nop
either cgnat
not everything has ICMP enabled
or some weird thing I had with optimum where the second hop showed a 10.x.x.x which was probably an internal ISP address, but I had a publicly routable IP
well it's not two gateways
BUT is it fine
depends what fine means, check your router/modem to see what IP it gets
to see if not under cgnat
router web interface
Either MPLS and they never enabled no-TTL propagate or the interface has multiple addresses and the private address is the primary. Not too big a deal really
yeah, that's what I thought, something with 2 interfaces and reporting the 10.x.x.x one
yeah you are under cgnat
I mean, kinda, not really, depends. Basically you don't get your own public IP address, but everything is natted along with other people on your ISPs network
can't port forward basically
and you share an IP with other people so if they do something to get IP-banned, you get IP-banned too by nature
ok, doesn't mean it will work
ask isp
never seen mine change at all
My first IT job....and never would have thought it'd take this much to get a printer set up in an enterprise environment. I mean good God Almighty. 😟
printers. nothing but problems in my college
We got some real Dinos of printers sitting in the printer graveyard room. they are going to be raffled off to students last I heard
they just don't know when to stop working. they keep printing and printing and printing...
too bad they are oversized junk
i never had to deal
😆 I'm learning how cheap Amazon really is, and why they have so much money. I would figure that their SNMP console (or whatever its called) would take over after enabling it, and doing the basic things, like adding an IP address and subnet mask. But no, literally every single step is manual. HUGE time waster. 🙃
@peak cloak Is CGNAT the same as double NAT
For simplicity's sake, CGNAT is essentially similar to double NAT. https://en.wikipedia.org/wiki/Carrier-grade_NAT
Carrier-grade NAT (CGN or CGNAT), also known as large-scale NAT (LSN), is a type of Network address translation (NAT) for use in IPv4 network design. With CGNAT, end sites, in particular residential networks, are configured with private network addresses that are translated to public IPv4 addresses by middlebox network address translator devices...
Hey, can someone help me, im struggling to find something
im trying to find my port so I can set up this proxy, I seem to be mentally deficient and cannot find what it is
Ok I called ISP and they told me that I can port forward and all
(Though I'm supposed to be under CGNAT(?))
can someone help me with rds
Are they referring to ipv6? like do you have a public ipv6 address assigned to your cpe? Because with ipv4 you could put the port forwarding in the cpe but it wouldn't open it on your public address because it doesn't know it. I guess one could write software to make that link happen i'm not aware of isp's that have done so.
you may have ipv6 service
IMO cgnat is only acceptable when you have ipv6
yeah but there is a ton of wisp carriers that have no idea what they're really doing on the networking side and just trying to make a quick buck these days.
yeah
cough cough PNAT ipv6
I heard a story of an isp who claimed they had ipv6, but they cgnated ipv6
Guys can anyone help me with rds setup on windows 2019 server
did you install the RDS role?
CGNAT IPv6? really?
Dont know how true it is, but I just remember hearing it somewhere
there's just no reason to CGNAT IPv6
you can get huge amounts of IPv6 space for cheap
there is only one good reason to do NAT at all on IPv6, and that is for failover for normal consumer connections
ex. you buy service from a cable ISP and a DSL ISP
the DSL ISP is just a backup in case the cable one goes down
both give you an IPv6 prefix
but if you use the cable prefix and the cable goes down, the IPv6 is no longer going to work
but if you NAT it with netmap, then you can translate the IPv6 prefix for cable to the IPv6 prefix for DSL
and then you have failover
mind you I think a lot of companies that are worried about this don't really need to be that worried about it
buying a backup DSL connection in case a cable connection goes down... I don't really see the point
I have a cable connection at home and it has never really gone down.. never felt the need to have a second connection just in case, from a small-medium business perspective
if you are an ISP, of course you need to have a few BGP transit feeds from a few providers
Yeah ik, just stupid ISPs probably
Yeah but that 1:1 nat so acceptable
yeah, it is basically network prefix translation (NPT).. but on linux NPT doesn't support connection tracking
so you have to work around it by basically creating a new NPT using netmap
it is actually NAT66 but behaves like NPT
Hey so I have a mikrotik router that I am trying to get port forwarding to work on for PLEX. I have the auto port negotiation feature disabled, so I set up the port manually following this guide http://www.icafemenu.com/how-to-port-forward-in-mikrotik-router.htm with port 32400, IP 192.168.1.15, and interface Ethernet 1. However when I go into plex to test the connection it acts up. At first when I test it it says its ok, but then it says the connection does not work.
And just double checked, it does not work.
@peak cloak ISP doesn't use IPv6 yet so 🤔
Aussie based question here, I am building my first house and want to do the network right first time, I am looking for recommendations on a 24 port patch panel and network switch to go into an (undecided size) rack cabinet
I would like to keep costs below 500 aud (or usd if it makes things easier)
the most important part is the cabling to be honest, I have used Monoprice patch panels and never had a problem. As far as the switch, it really depends on what you want to do. If it's just going to be flat I would suggest unmanaged, but if you want stats/vlans and such go managed. Do you have an idea on what will be on your network? Like will you be streaming locally or always to the inet?
omg cat cables
can someone tell me of a low costing card for a TrueNAS system build like this one DELL LSI MegaRAID 9280-4i4e SAS/SATA 6G RAID Card 55G6T W/Battery (Rust Bracket)
why is spectrum so garbage
its not just spectrum (all the cable ISP) and most other ISPs. 😛
under paid workers and over provisioning.
I mean so far I have no complaints for Verizon FiOS
out west washington state verizon never wanted to upgrade the infrastructure for FiOS, frontier bankrupted themselves from buying off verizon and actually upgraded the infrastructure, now Zipply bought all that debt fired 95% of the installers and subcontracted all that work out.
¯_(ツ)_/¯
Hmm this is annoying I don't see the direct TV cable in the room with the modem/router
Had to hit the bathroom before I could really check everywhere
Got the MOCA adapters ordered
I know where the cable in my room is just not the main room
More than positive there is a line in there
I no longer have direct tv
look for blank plates they may have cut the connector off, and shoved the cable into the wall.
Cables come out of a hole in the floor 0 plates on the walls
Also we have an antenna hooked up where their dish was and use the same lines for OTA
Hmm that is annoying
Looks like I found the cable
Pulled out and coiled up near the splitter with a damaged end
crimping coax is pretty easy
0 tools here for it
can get it for like 20 bucks
both are easy
worst part with ethernet is separating all the pairs
and putting them in order
super easy with the right scissors
easy just time consuming
Coax is a lot easier to handle than rj45
1 single copper wire in the middle
and I have $3.99 left in my amazon wallet after purchasing the MOCA adapters
Will these work for what I need? https://www.amazon.com/F-Type-Twist-Coaxial-Connector-Adapter/dp/B01NBJ6I0B
scratch that https://www.amazon.com/Crimper-Compression-Stripper-Gaobige-connectors/dp/B073TWL5G4 should do what I want

