#networking
if you got a damn decent network, storage server, and nic cards on both yes
Since when did just a gigabit become a damn decent network 🤔
A residential grade network that can handle the pressure of intense local file transfer at full Nic speed is damn good by common standards
Ive got a dell poweredge a nighthawk router and a razer blade sooooo that would be enough
You usually need the storage server to have good processing power, a great nic, and some fast drives (or large and fast cache drives)
Then the switch needs to have more than a gigabit of switching capacity or QoS from Windows and the Switch/Router will start splitting up the bandwidth
Wym by qos
Then the client (Computer/Laptop/whatever) needs to have a reliable, stable, and decently high end uplink with the LAN Network everything is attached to
Quality of Service.
QOS is a service on Windows (For the Programs running) and Routers/Switches (for the devices attached) that ensures no one eats up all the bandwidth (or lets you split up bandwidth in dedicated portions to specific network transfers)
In my lan i only have my 3 laptops and my tv and server thats all so not a lot of services
Devices
How can i have one ??
If your switch has 1 Gbit of Switching capacity, 5 Gbit Ports, your Server, your Machine.... well for example you are on discord rn, you may be streaming, etc... thats using up part of that gigabit switching capacity
Im using rj45 by cpl
Ahhh okay i see
Just because you got 5x 1 Gigabit Ports doesnt mean you can pump out 5 Gigabit of transactions out the switch for example... you can only move 1gbit as a whole between everything
Combined with the fact you are using an AIO Router (Wifi AP + Gateway + Firewall + Switch + Router) [The Nighthawk], its prob a bit loaded with tasks and already has limited switching/routing bandwidth
And can i chose like my wifi card for internet browsing discord etc and Keep my lan card for iscsi only ??
Okay but it will help nop ??
you still wont get the speeds you need to not die of fucking terribad lag loading assets over the network
(Ive tried)
So how can i get good perf with this then ??
You are going to need to lay out your entire current setup for me:
The Server, its contents (What type of CPU, Drive, Network Card)
The Router Model
and the Model of your Computer
and how everything is connected
What OS' its running
And how your network is currently laid out (Including other clients like TV's, IoT Devices, etc)
Because if you want actual good performance for something like this... you are gonna have to finally get into traffic shaping and network partitioning (wiiiiiiiiiittttttth VLANs!) to make this work.... especially on a Consumer Grade Router/Switch
Even if i have like 2 service running on my whole lan ?? I do need vlan ??1
Well you have another option tbh
Plug the ethernet from your machine directly into the server
Assign manual IP's
I can do that if flat rj45 cable exists
And you can actually talk directly over the wire
Flat RJ45 does exist
and RJ45 is the connector (the jack)
Just need to go under my door
Ethernet is the Protocol
Cat5/6/7 Cable is the actual Wire
"Flat Cat5 Cable" or "Flat Ethernet Cable"
https://www.amazon.com/Ethernet-High-Speed-Internet-Shielded-Connectors/dp/B097MW1MM8/ > Cat8 kek
But whatever it works
Seem good
And how about a 1gbit cpl directly connected to my server ???
Seem easier
well, thats what i meant...
Using cpl ??
what do you mean by CPL?
The plastic that you put to get internet over electricity
Hmmmm i see
And btw, if your power is dirty, Powerline Adapters will have packet loss and latency issues
Nah it isnt
And what do i really need to do to get it to work ??
Just need to assign the Ip on the power line ??
Laptop > Assign IP of 192.168.0.1, Set Gateway to 192.168.0.2
Server > Assign IP of 192.168.0.2, Set Gateway to 192.168.0.1
From your laptop, you can connect to the server from 192.168.0.2
From your server, you can connect to your laptop from 192.168.0.1
Okaaayyy i see pretty easy then
yeah direct PC<>PC Ethernet Links are pretty easy
just so you know... your SATA Drives are 6 Gigabit/s
Your NVMe SSD is way faster...
Your ethernet is 1 Gigabit/s
think about it for a moment.
(you are basically limited to the speed of 1/6.5th of your internal drive).
NVMe 2.0 goes 36 Gigabit/s
Yeah but i only have 500gb on it
The only thing that i've bought for my blade was 64gb kit of ram
Guyss Does a bad router affect ur wifi speed even if ure using lan cable?
what do you mean
I wanna configure my local nextcloud server such that I can access it anywhere in the world
how do I do that?
someone suggested port forwarding but idk how to do that
of course
a router that can only route 200mb/s will only be able to route 200 mb/s, regardless if it's wifi or ethernet
I am planning on getting a long ethernet cable to connect to my router downstairs. If I connect the long cable to a splitter in my room then use two short ethernet cables to connect to my console and PC, will that work? if I am only using one device, will that give the same result as directly plugging in the long cable to the device?
splitter? you mean switch?
as long as this "long" cable is less than 100meters, yes
something like this https://www.aliexpress.com/item/1005001386811681.html?src=google&aff_fcid=da136ab9ba1448d5971b961d2856f902-1640012697643-02527-UneMJZVf&aff_fsk=UneMJZVf&aff_platform=aaf&sk=UneMJZVf&aff_trace_key=da136ab9ba1448d5971b961d2856f902-1640012697643-02527-UneMJZVf&terminal_id=f77551accf61440db2c003528d86efe8
noo
this wont work?
the only way I see it working is if you have 2 splitters one on each end, and you will be limited to less than 100mbps
and would require 2 short (patch) cables into router as well
no, I will run one cable from the router and plug it into the "right side" shown in the image. then use two other cables connected to the left side for my two devices
that won't work
it doesn't have a switch chip inside
yes
ok
for the ethernet cable, I am planning on getting a 20m one
is there anything I should watch out for?
and if I am using a switch, getting a cat6 long cable but cat5e short ones is the same as using all cat 5e ?
or will it be better since cat6 has bigger bandwidth (from what I read)?
guys i think my PC cable lan receiver thing is damaged
not really
it can support higher frequencies and such, but you will be limited by the interfaces on each end
My lan speed in other gadgets are 125mbps but i only get 9mbps on my PC (lan). is there anything i can do to fix it?
switch, router, and pc I bet can only do gigabit
or is my motherboard basically damaged now
so by the router and switch?
or you mean the devices?
by everything
my router just died due to lightning, like literally got hit when it was raining thunder
@peak cloak how can i confirm that my PC lan cable receiver is damaged?
im using my backup router for now
2,5gbe should already be available by now for routers baseline why vendors so lazy
the way most do it, it's practically useless
paying 300 bucks for a premium router that only has 1 gbe lan ports /facepalm
300 bucks is wayyy to much
what I have
present, what should i do for now?
¯_(ツ)_/¯
https://www.asus.com/nl/Networking-IoT-Servers/WiFi-Routers/ASUS-Gaming-Routers/RT-AX88U/ what i have
asus...
should i buy a new router for now and see if my PC recovers the wifi speed?
i hate that router so much i got merlin on it and telling my router by script to not advertise itself as dns and to piss off
cos i use my nas as dhcp server + pihole basically
I can do whatever I want
It likes to shutdown wan just cos it cannot connect to dns even tho it has a ip adress configured
I wanna get a switch with 2,5 gbe lan ports that i can install my own router os on that i want
Oh sorry i forgot you dont speak my language
managed switch or something
ax88u is basically just a linux device with fancy interface
no?
switch doesn't do routing
or do you mean L3 Switch
those still don't have the best routing performance
No idea im still researching on it
but just want to install my own software on it and firewall kind of like pfsense
why your own software
own dhcp server also
EdgeOS is pretty good
Cos i want configuration to work my way
RouterOS as well for mikrotik devices
Not the way asus or some other brand has set it up
actual routers let you configure everything
cos my network relies on local dns
edgeos, routeros, etc.
@thick minnow http://demo.mt.lv/webfig
routeros demo
can configure anything
it's too manual in some things
as long it accepts ssh and configuration via ssh as well and persist its good
interface is slow and lacking in configuration often
and slow cos just typing a command is faster usually than setting a few options
I like vyos
it's cli only, edgeos is very similar
Its easier to deploy a docker container in shell than via interface for example
```
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
> - selected route, * - FIB route, p - stale info
IP Route Table for VRF "default"
S *> 0.0.0.0/0 [210/0] via 173.63.205.1, eth1
C *> 0.0.0.0/30 is directly connected, wg0
C *> 10.0.10.0/24 is directly connected, eth4.10
C *> 10.0.20.0/24 is directly connected, eth4.20
C *> 10.0.30.0/24 is directly connected, eth4.30
C *> 10.0.40.0/24 is directly connected, eth4.40
C *> 10.1.1.0/30 is directly connected, wg0
C *> 10.10.10.0/24 is directly connected, eth4.1010
C *> 10.10.20.0/24 is directly connected, eth4.1020
C *> 10.10.30.0/24 is directly connected, eth4.1030
C *> 10.200.1.0/24 is directly connected, eth4.2000
C *> 127.0.0.0/8 is directly connected, lo
S *> 172.16.0.0/12 [1/0] via 10.10.20.46, eth4.1020
C *> 173.0.0.0/24 is directly connected, eth1
C *> 192.168.100.0/24 is directly connected, eth4.100
```
I can do basically any vyatta command in edgeos
I like the cli this has, routeros not so much, maybe it's just a case of getting used to it
im still learning how to do stuff by command but most stuff i already know is so much easier and faster than doing it by interface
sometimes its simply not even possible by interface
I like vyatta based cli, many nice things like tab autocomplete, ? for available options, etc.
and config is json-like
I blame windows honestly for my lack of knowledge they made things so easy you just skip that kind of knowledge while in linux its mandatory to know such thing
this is an example of a port forwarding rule in vyos
```
rule 10 {
    description "forward minecraft to 10.10.30.60 (Brothers server)"
    destination {
        port 25565
    }
    inbound-interface eth0
    protocol tcp_udp
    translation {
        address 10.10.30.60
    }
}
```
That kind of thing i like about asus and is pretty easy to setup
Just copy paste basically
Wish my router could setup ipv6 ipam honestly altho its probably possible to do with dnsmasq script as well i just haven't done my research yet on it
build your own linux or bsd (pfsense/opnsense) router box. enjoy iptables. have what ever ports you want to spend money on configured how ever you want.
iptables 🤮
heh
No but they do damn well for what they need be
Just wait guise..... FPGA based Software Defined Network appliances that can do L2/L3 Switching, Routing, Firewall, Gateway, etc based on what functions you flash onto it
Learn about the history of the Internet. In this course you will learn how the Internet was created, who created it, and how it works. Along the way you will meet many of the innovators who developed the Internet and Web technologies that we use today.
🔗 Course website: https://ihts.pr4e.com/
✏️ Dr. Charles Severance developed this course. He ...
Really cool course for anyone interested in understanding the history of the internet and how it has become what it is today;
Why is my downloadspeed so slow (12mbps) in steam and other applications but when i do a speedtest its 100 mb up and down
steam measures in megabytes per second
speed test is megabits
Dumb question, pretty sure the obvious answer is correct, the modem for an Xfinity connection has to be from their approved hardware list, right?
"Depends"
Whats your current model of Modem?
I'm moving and changing providers, trying to select a modem now without kneecapping myself
Planning to get just a modem and set up some microtik equipment from that.
I'm also wondering how much DOCSIS version/channels matters for me, I'm an online student and I play some games but I'm not streaming or anything abnormally network dependent
Gigabit does way better on 3.1
But 3.1 supports 10Gbit, 3.0 supports 1 Gbit
I'm signing up for a "600 down" plan, who knows what speeds will actually be though.
Guys, could my faulty motherboard be the reason why my lan cable isnt fast?
Well, find out for one where the TAP point is for everyone on your street... take a look at the quality of it and see if its rusted/beaten/etc..... If it is, then the noise from your neighbors bad physical connection will fudge with yours... cuz... Coax
is a physical LAN design just saying what goes where ?
What?
Like a design, yes and no
oh ok thanks
I mean, you also have network design
but that's not physical, but rather the design of the network itself on top of the physical layer
im doing the lan and wan stuff rn
that's like neither
this a logical one
I guess
then the physical one is just saying what goes where
@clear igloo
HA, 21 years uptime
that router can drink now
If NTP was accurate, based on the last reboot date, it would be actually old enough to rent a car
Orlando?
Lurick and I have an NDA so we can share 🤣
im having troubles port forwarding for a mc server and when i try to check the port is timed out
what are the first two octets of your WAN IP, from router
someone helped me it works
any one know of any good ethernet network switches where you can chose how much bandwith goes in and outputs?
most managed switches will be able to do some level of traffic shaping... but if you supply a little more detail about what you're trying to do we can probably help in a more useful way
Anyone got a recommendation for how many Ethernet runs to put in a bedroom, currently planning for 2.
Depends on your needs? Good to plan ahead so you decide which room will have what device which would need a computer, or a AP, etc
The house is a flip so I don't have any needs, AP's will be ceiling mounted and Ethernet will be run to locations for cameras. Rooms with tv's will probably get 4 Ethernet ports.
Exactly, you know your answer then :P
Ethernet dongle to phone? Or does it translate the mounted file system to an SMB share over the network?
Which one is my public DNSSEC key? The upper or lower one?
And i dont even know which setting i should use then
I have no idea as I haven't had to deal with DNSSEC, But Cloudflare does go over it in a rather informative way. I'll be reading this myself at some point.
will a redundant network with 2 switches have 2 ethernet cables running to each switch ?
if you have redundant cores/distro then every edge switch would have two uplinks (whether copper or fiber). an edge switch should have a connection to each of the two redundant core/distro
ooo ok thanks
guess i should also add that the redundant cores should be doing VPC(Cisco) or MLAG and then the two links on the edge switch would be a portchannel/LACP lag
so there will be 2 cables that go into the pc or no?
im using 2 switches
and a wire would go from one and the other into the pc
so you mean from a switch to endpoint
yeah
thats more than most people would do, but you could do two connections to a desktop if whatever network card or OS it had supported teaming/bonding
will LACP give it 2 IPs ?
with LACP it would act as one NIC so it would have one Mac/IP
oh ok thanks for clarifying
no problem 👍
@clear igloo https://i.ryois.me/BpqbC1yE0y.png
It's still funny that I see other routers/devices on my ISP's side lol
thought it was concerning for a second but i guess it makes sense, they aren't going to block traffic between customers. if a neighbor was hosting a resource you wanted to use,like a game or plex server, that would annoy people pretty quick if they blocked it.
Yeah I also provide some support for a business that's on the same ISP as I am @dry bronze
They are on 100/100, while I'm on 1000/500.
I can max out a connection between them really ez 🤣
Really nice since most of my friends are on the same ISP, so p2p is fast af between them.
for a long time the hotel i work at had a 50Mb connection from the local fiber ISP while residential could get like 100Mbit as the slowest
I may have gotten 300Mb before work finally got gig
Lol
Trying to give my new WiFi adapter on Ubuntu a static address, does it have to be what showed up automatically or can it be whatever? It's the same hostname that it shows for the wired LAN.
It can be whatever IP in the same subnet as long as it's not already used. You'd probably have to delete the lease and then add your reservation.
it's wifi, that's around what I get
Ok, besides on mobile where I don't usually care to check I'm usually wired. Going to be cancelling my service and waiting for Starlink for a while. :/
what's wrong with it rn?
My service?
My full 400Mbps+, but moving outside the city, new house built, and don't want to make any new holes for now, so sticking to wireless while I wait for Starlink to see how I'm going to setup the house.
Yeah, switching phone plans to deal with it for a bit, $170 for Viasat internet! No thanks.
Speedy
Depends on which field u want to specialise in, networking kinda broad
I would presume a lot of companies need the role you are looking for
So mostly anywhere enterprise level i guess
And i believe the 'networking' in this channel topic refers to computer networking
Someone deleted their messages kek?
wifi is shit and pc shows this even tho ethernet not plugged in can someone help?? (peep halo infinite[ethernet doesn’t work don’t ask me to plug it in])
Is there a such thing as a DNS server validator? Like my router advertises via DHCP that it's the DNS server to use Internally; I'm sure it passes requests upstream in certain case where it doesn't know the answer (or it expired ttl). Though I'm almost certain it fails some DNS requests. For instance if I target an any request at it via dig, it fails most of the time but works sometimes.
The same any request targeted to Google DNS passes every time. I figure some other things may be failing, but figure there must be a test suite or something somewhere to find some more red flags
Funny enough if I go in the router and set the DHCP DNS server to Google DNS, everything seems fine since the router doesn't advertise itself as primary DNS anymore. If I don't set the DNS server and the router advertises itself, certain devices fail to connect (I posted about this several days ago: #networking message). I figure they may do something DNS-wise that the router borks at.
I'm already trying to convince Asus (router mfg) something is up... But getting an actual technical person as opposed to the run-around and phone tag sucks.
apparently the 3DS doesn't like my 10.x.x.x subnet
well i'll use homebrew to force it, i dont care
What is that subnet mask
a normal /24 subnet mask (?)
psh, only 1000/500 😛
what's the specific request
The subnet should be 255.255.255.0
That's weird. It shouldnt. That is a single host, /32 network
Weird. But a /24 is 255.255.255.0 so try that on your 3ds and see
Is this switch any good? https://www.netgear.com/business/wired/switches/plus/jgs524pe/
It's fine for basics
Could you recommend on a 48/24P PoE switch similar to mikrotik's switchs?
IDK if this goes in here or #tech-support but I'm trying to setup FTP on my local network, and the directories are listed, but I can't run any commands. Passive mode works, and I do have read/write perms. If there are troubleshooting steps out there, please do tell.
Should've stated I'm using my routers built-in FTP option, on a Linksys EA7200.
Fixed it.
it's the only gigabit plan they offer
current settings
@meager ginkgo TX high 😈
Hello. I am trying to look into getting a new router setup as our old Orbi mesh system is missing some monitoring and QOS features. I would like to stick with a mesh system because we have a little office shed thing that we use as a work office and need a solid connection. Any advice would be great. Would it be better to create my own mesh system? Thank you in advance for the help.
i have a PC that i need to have communicate with 2 different home networks. they both have internet access, but one of them is much faster. Is there a way to set windows 11 to not use one network for internet? one will be wifi, the other will be ethernet
you just want the other one to access NAS?
if so, you can just mess with routes
well, its more like this one will be the NAS
i have a media server that i sometimes run on my main PC
ah, but you are basically connected to both, to just have access to the NAS from both networks?
you could change the metric for default route to be lower for the slower connection or get rid of that route completely
and windows won't use the connection for internet access, aka 0.0.0.0
in cmd do route print
maybe there is a better way to do it in windows, but from a networking perspective for me, this is the way to do it
is there a better way to have my PC be able to be accessed by both networks?
Something like: dig google.com @192.168.0.1 ANY fails intermittently but if i instead @8.8.8.8 it works fine every time
i was just thinking that was because it doesnt require any new hardware
I mean this would work
it would be more optimal to have ethernet on both, but other than that it's good
but windows isn't great for this stuff, but I guess you can make it work
yeah, its just til i can get a dual wan router
so there's a way to change the metric in the GUI
#3
ah cool! ill give that a try
higher lower metric means higher favorability pretty sure
“the network adapter with the lowest metric in the routing table will be used”
Yup, lower is better in this case
well... apparently, the media server i use cannot be accessed across 2 networks without running 2 instances of the server.
messed it up, yep
I couldn't remember 100% so I read your link to be sure 😛
know of a media server that can show on 2 networks?
As long as you have routes in your network it shouldn't be a problem
hmm, you should be able to.
Oh you were trying to give the server 2 interfaces
You just need to have something to route between your two subnets
yeah I proposed that first a while back
Actually @amber hornet you could probably do Plex and your subnet that didn't have the server on it would just reach it from the internet
That might require paying for Plex pass though
not sure that would be too viable in my case. really need to try and keep everything local. Part of the reason of having 2 networks, was to make sure that 2 of the PCs have unhindered upload for streaming
alternative to plex is jellyfin, I use it myself
the top image is the one with no wifi
this is the one with wifi
i keep getting unidentified network
why?
plus there is no dropdown
for the pc with wifi, the pc without wifi has it. i think thats supposed to be correct tho
Why are you trying to share that connection?
So you're bridging one PC into another via ethernet.
It's a non-conventional way of doing things
i have no other way
you need to share the wifi connection with the ethernet port (bridge) then plug the ethernet ports of the computers into each other.
ok lemme try
wait i know im dumb but would i have to unplug the main pc ethernet first?
yes
ok
okay you need a switch then if you are already using ethernet.
im not
i have this but i dont think my cables are long enough
ok ill tty thanks
I haven't looked into much, but would be nice to do the opposite; turn the WiFi adapter into an AP with the PC wired up with Ethernet.
that is coax it will not work with out adapters. MoCA.
that is ethernet cables.
I think I'm going to try this.
http://woshub.com/how-to-create-a-wi-fi-access-point-on-windows-10
yeah that is basically opposite of what they were trying to do.
Just want to ensure it's going to bridge so it's all on the same subnet
ok bye
Looking for networking guys who can help a smart home guy figure some things out on a pretty basic issue I’m dealing with. 😅
@waxen scroll
Shelly's need to be on the same subnet as home assistant otherwise you need to use CoIOT
Cloud admins are not network or onprem smart
That reminds me to follow up about our cloud team trying to shadow IT
Yah, curious how that's going, lol
i ran cat 8 in my house and i want to create 10 gig network
i want it to look like that
server = nas
and i need 10 gig switch and router
switch - i was considering between NETGEAR XS708T and TP-Link TL-SG3428X
tp link is much cheaper and has 24 ports
but i don't know if netgear would be better even with 8 ports
in addition to the switch, what router should I choose?
Cloud Admins should be Network Masters
Unless they Single Cloud, Single Point Admins
Don't need 10gig router
If you only have 10gig between local connections, and therefore not routing, there is no need for 10gig router
i know that i need 10 gig router
Why
MikroTik has a 10gig router for 200 bucks
But it only has 1 10gig sfp+ interface which means it requires a router-on-a-stick setup
i know
And configuration is not the easiest for a newbie
i'm a network tech so it's not a problem
and i could do this myself but i have a lot of work to do
so i need a little help with choosing a devices
1u x86_64 server or a router from netgate (for pfsense)?
Pfsense really doesn't have the best performance I heard
what about opnsense?
Same deal, its a purely software router
It's hard finding things with 2x sfp+ that aren't crazy expensive, this could work with router on a stick setup
Nice it even has poe out
it'll be a lot cheaper to buy a router instead of building a computer for pfsense or something like that
ONLY WINBOX
ok, i'll consider the RB4011iGS+RM
and what about switch?
i thought about poe switch but these i mentioned don't have ones
poe would be for ap ofc
You would need managed switch to setup vlans to do router on a stick. MikroTik has a 10gig switch but it's sfp+ and not really optimal for your setup
why it's not optimal?
the router and the switch could be connected with that
Sfp+ vs copper rj45
Can't use too many sfp+ rj45 transceivers, as they use lots of energy and emit heat. Plus they are $$$
cost is not a problem because it's for work for 4 people
So like you can't populate all ports with transceivers usually
There is no best really. You can build a router, run vyos/pfsense/opnsense. Buy that mikrotik one and run router on a stick. There's that 400 dollar one too, which has 2 sfp+ ports. It really all depends on constraints. Since you are going for copper cabling it would be better to get an rj45 switch.
computer for pfsense would cost me above 500 dollars so i'll choose these mikrotiks
thanks for help, guys!
If I'm powering poe device and one can give it 15v and the other the same, will the device get an input of 30v?
It might be stupid Q
V? you mean W
If it's iot devices go with home assistant
IP cams go with zoneminder
heyyooo guys does some of you know a good usb c to ethernet that can make 10gb/s
Doesnt exist. And in settings where you do need 10gbps connection, you probably arent gonna use usbc anyway.
I mean, it exists on Thunderbolt Type-C
TIL
You can also connect 2 Devices Directly with C <> C if its USB 4.0
USB 4 20 Gbps and USB 4 40Gbps Host to Host connections does Host IP Networking over the C Cable
Anyone had good results with NIC Teaming in Win10 or am I forced to stop being lazy and convert my home media server to Windows Server?
I have not bought the new NIC yet. But I figure Intel would be the way to go
Just use Linux
I'm already too deep in Windows to switch
You Cannot Nicteam in Win 10
From my searching it seems you can do it via PS and also Intel provides software for it.
Powershell will tell you > Cant be done on Consumer OS'
Well that's rather annoying
Thoughts on Intel NIC teaming in win10 then? They seem to offer it in their driver package
Looks like this pos asus router supports it too, thunderbirds may be a go
i dont have got a single idea why
ive opened some ports on the device im connecting (firewall settings) and i made a regedit change (according to this: https://windowsreport.com/cannot-connect-l2tp-vpn-windows-10/ )
?
Maybe. But you'll need something with multi network outlets, as you'll need to get some more power in there. This should work #troll
How can I connect it with the DSL to rj45? I have only one DSL socket
Just need a 5 port Dlink switch I guess?
I will just modem
hi guys, I have a VPS running a wireguard tunnel my minecraft server is connected to, how would I forward minecraft traffic (port 25565) pointed at the VPS through the tunnel to the MC server?
I imagine it has to do with setting up iptables on the VPS, but I also don't know how to tell the MC server to send return packets on the wireguard interface (or would it do that automatically?)
iptables -t nat -A PREROUTING -p tcp --dport 25565 -j DNAT --to-destination <MCIP>:25565
iptables -t nat -A POSTROUTING -s <MCIP> -j MASQUERADE
I found an article that had a different way of doing the second command:
iptables -t nat -A POSTROUTING -p tcp -d <EXAMPLE> --dport 25565 -j MASQUERADE
specifies a couple different things and uses -d instead of -s, not sure why, I feel like if I knew anything about iptables I'd be less helpless at this
that just defines -p TCP (TCP Packets) and Port.
mine just masquerades all traffic to the MC Server
just confirmed it doesn't seem to be an interface problem, spun up nginx on the MC server and the VPS is able to reach it using the wireguard vpn, but by adding the iptables command for forwarding port 80, I can't hit it using the public IP of the VPS
I think I need to start over, how do I clear any changes to iptables?
is there a such thing as a SFP+ keystone patch panel
where u can just connect a sfp+ module into it and it's just a female to female connector
I keep searching on the internet for how to get this working, and the iptables commands go through without errors, but nothing gets it working
I've resorted to troubleshooting with a vm lab and nginx standing in for minecraft, no matter what i do on the "public" machine, it wont forward through to my server
optical distribution frame?
Not for modules
For optical interfaces yes
No, the above mentions are correct
SFP* requires power (among other parts)
```
    rule 10 {
        description "forward minecraft to 10.10.30.60"
        destination {
            port 25565
        }
        inbound-interface eth0
        protocol tcp_udp
        translation {
            address 10.10.30.60
        }
    }
}
source {
    rule 10 {
        outbound-interface eth0
        translation {
            address masquerade
        }
    }
}
```
This is what the rules should look like
in iptable form ofc
I had issues as well
so I just switched to vyos
make sure ip forward is enabled
new router 😎
i bought a mikrotik cuz you guys here said its good
very confusing ui tho
my previous router had 100 mbps switch so i was capped at 95
Yo what wifi card should I consider buying since my motherboard doesn’t come included with wifi
routeros takes a while getting used to
I got myself a HEX S and learning routeros coming from EdgeOS
lmao
im trying to get port forwarding to work but its dummy might be my isp again doe
you need to make a destination nat rule. What are the first 2 octets of your WAN IP
ISP could be doing cgnat
in cli you can do ip address print
87.72
yeah you should be fine
didnt work on my previous router since recently so thats why
they could block some ports
81.161
still no work
what's the rule you are doing
you also need to add a firewall rule pretty sure
cuz NAT is one thing, firewall is another
looking things up rn. I'm learning routeros myself as well
this is firewall rule?
lmfao does anyone know this os fully 
yep its in filter rules
@tender hazel
apparently when you scroll down to action you need it to be dst-nat. "To address" is the address you are forwarding to, and ports is self-explanatory. You need to get rid of dst address
cuz when a connection is made from WAN, it will have router's IP in dst header
if you filter with destination which is a local ip, ofc it won't work
and I think with NAT rule it adds firewall rule from what I read? I'm not 100% sure
ok so add dst nat to filter and nat?
for now get rid of filter rule
yeah you need to specify to-address and to-ports
if you use the default mikrotik firewall, all DSTNAT is automatically allowed without having to create separate filter rules
don't set the "Dst. Address" for the DSTNAT rule
well its default yes
this in nat?
yes, remove that
still no work
did you click the up triangle to remove it or did you just delete the address
up triangle
ok good
those settings are correct for a port forward
how do you know it isn't working?
yes
hmmm
scroll down to action
it looks like at one point you changed chain=dstnat to chain=forward by mistake
yeah that's all correct.. are you on a pppoe connection or something?
my fault, since I thought you needed to add a firewall rule
pppoe?
i have vpn but disabled for chrome rn
is the server running
no
yeah I would make sure at this point that it is actually running on your system on that port
lemme try 8096 then
well then there is your answer
yeah that's why it doesn't show as up
the server you are port forwarding to needs to be up to respond to requests
^^^
windows firewall?
do you see the rule counter for the rule going up?
in the firewall list?
the bytes / packets columns on the right in the NAT list
probs, the packet count go up when i enter on canyouseeme
on nat yes
yes, so as long as you are using the factory default firewall the device came with, that means your rule is configured correctly and your computer is blocking the connection
windows firewall or whatever
you are better off using winbox to manage the mikrotik because you can customize the columns and it is snappier than using the web interface
and winbox also organizes things into tabs better in the settings, while in webfig all the tabs are stacked vertically into one long list
I'm sure eventually they will improve the look and feel of webfig
you would if it were not the default mikrotik firewall, but the default one has the final forward chain block rule set to "drop all other forward chain traffic that isn't dst-nat"
ahh makes sense
all of this is new coming from vyos/edgeos, trying to learn it
mikrotik does it that way so that you just make a dstnat rule and port forwarding will work, and also to make it so that if you want upnp, the upnp doesn't have to create filter rules, only nat rules
there's no operational/configuration mode which I am soo used to
yeah in mikrotik it is all in one.. which has some disadvantages.. the biggest being that the config exports in a way that assumes a blank config to begin with
so if you import on a router that already has config you can get errors because it will try adding a new bridge called bridge when there is already a bridge called bridge
if there was a separate config and operational mode, that wouldn't happen
@tender hazel also I don't get this. Trying to add a new network, netmask 255.255.255.0 which turns into 24. But what's the /32 for in address. That's the IP network for router I guess?
you don't need to add a dhcp network that way
delete that
it is easier to use the wizard
first you go add the IP address to the router on that network under IP->Addresses
then you go into the IP->DHCP server tab and hit the DHCP setup button
the DHCP setup button will walk you through a wizard that creates the DHCP server, DHCP network, and IP pool, all three of which are needed for DHCP operation
I use the wizard all the time myself so I don't forget to create one of those three things
it says the DHCP server is invalid?
usually the reason for an invalid DHCP server is if you are trying to set up a DHCP server on an interface that is a slave interface to another interface
in the case of slave interfaces you have to set up DHCP server on the master interface
I removed it from the default bridge I think
it says only ether3 is in the bridge
trying to set it up as my current ER-X is
and you went into ip->addresses and gave ether3 an IP address?
ether2, yes
or sorry yes ether2
under interfaces->interface list, what letters do you see next to ether2
show your ip address that you added to ether2
it's not there
oops
sorry I mean under interfaces->interface
the window in winbox says interface list at the top
```
# ADDRESS NETWORK INTERFACE
;;; defconf
0 192.168.88.1/24 192.168.88.0 bridge
1 192.168.1.1/24 192.168.1.0 ether2
```
ok yes so what you have on ether2 is correct
and show what is in interface
with /interface print
```
Columns: NAME, TYPE, ACTUAL-MTU, L2MTU, MAX-L2MTU, MAC-ADDRESS
# NAME TYPE ACTUAL-MTU L2MTU MAX-L2MTU MAC-ADDRESS
0 ether1 ether 1500 1596 2026 08:55:31:FC:7B:8A
1 ether2 ether 1500 1596 2026 08:55:31:FC:7B:8B
2 RS ether3 ether 1500 1596 2026 08:55:31:FC:7B:8C
3 ether4 ether 1500 1596 2026 08:55:31:FC:7B:8D
4 ether5 ether 1500 1596 2026 08:55:31:FC:7B:8E
5 sfp1 ether 1500 1596 2026 08:55:31:FC:7B:8F
;;; defconf
6 R bridge bridge 1500 1596 08:55:31:FC:7B:8B
```
ether2 shows not running
yeah nothings connected
that's probably why the dhcp server is invalid
ah ok
I thought you had something plugged into it already
invalid is weird naming
like as if something was configured wrong
gonna plug into it and see
you might get more information if you run /ip dhcp-server print or /ip dhcp-server export
sometimes it shows in the command line why something is invalid but not the gui
yeah no it's fine. How can I enable access to webui through ether2. It seems to get IP. I added ether2 to LAN interface list
yeah as long as ether2 is in the LAN interface list you should get access to the webui through ether2 automatically
unless you changed any settings in that regard
ex. firewall or some subnet limitation under ip->services
nope haven't changed anything there
guys is this subnetting calculation correct?
it works
as for this let me look
your subnet calculation is not correct, no
you can't have a /26 subnet that starts at .8 and goes to .71
if you have a /26 it has to start at .0 or .64 or .128 or .192
not somewhere in between
oh even then network address have to follow the bits rule
yes
if you have a /25 it has to start at either .0 or .128, nothing else
what you could do to simplify things would be to have four /24 subnets, from 96 to 99 or 100 to 103
you could summarize them with 192.168.96.0/22 or 192.168.100.0/22
Largest # of hosts to smallest, always
u mean the network size?
Subnet the /25 first and then work down to the /29 last
I assume the only reason you are using these smaller network sizes is to try to put everything inside 192.168.100.0/24 to simplify firewall rules and such
School assignment most likely
school assignment?
if that's the case then yeah what I suggest may not meet the requirements
yeah it is, the most confusing part "subnetting"
school assignments usually have not practical old things
VLSM rules are to start with the subnet needing the most hosts and then work down basically
so if you have a /25 and two /26 networks, that takes up an entire /24 by itself
and the /29 would have to come from another /24
yes
is this correct? but i dont think i have enough IP to use
Your /29 would be 192.168.101.0/29
the PNG LAN would have a network address of 192.168.100.192
You will be given one class C block of IP addresses that you must subnet and provide the IP addressing plan for the network. You are given the 192.168.100.0 address space to use in your network design.
Im given only 1 block of c address 😦
If they only gave you a /24 to work with though then it's not possible to fit it into a single /24
if you were told that you need to fit a /25, two /26's and a /29 into the same class C block, that is impossible
there is no way to answer that question
so did the question tell you that you needed a /25, two /26's and a /29, or did you decide that you needed that?
yeah even the usable address gone more than 255
what are the exact requirements to put into that one /24
it give this to me, and also a physical design
the WLAN is connected to the LAN of the same location
I'm guessing that the question didn't tell you that you needed a /25, two /26's and a /29
yeah so that's number of hosts, that's not telling you what subnet size to use
Don't assume they can be combined (wireless and wired)
yeah if wireless and wired are the same subnet they wouldn't split up the number of hosts in that way
here's the physical design for the connections, yeah the wlan r connected to the router
the only reason they would give you a table like that is if the wired and wireless LANs in each place were separate
Yup, they need to be separate, that's the challenge for you to realize. Just because they're in the same location doesn't mean they need to or should be on the same subnet
having two networks connected to the same router in the same place does not make them the same network
so it means im going to setup two vlan on one interface
are they even the same interface?
if you have two different interfaces on a router, they are not connected, they are two different networks
it is only connected if it is a switch and not a router
yeah should be, since only one fiber connection r shown on the question paper
Sub-interfaces
okay, lemme try again
or there would be zero reason to give you the number of LAN hosts and the WLAN hosts as two separate things
except to confuse you on purpose
||3x /28, 2x /27, and 2x /26 if my math is right based on the above||
that seems right to me, the question is whether they also want him to allocate /30 or /31 PTP subnets between the routers themselves
Probably /30s later on or use a different subnet
I don't remember /31s being taught in the early classes but that could have changed since my days 🙂
we had a new network team member who joined our team earlier this year
she had her CCNA
but she didn't know how to configure an IP address in windows, and she thought that since 10.0.0.0/8 is class A that you could only use it as a single /8 and not subnet it
yikes!
isnt CCNA hard now?
and she spent most of her time at work studying cisco things thinking that that would let her get a higher paying job, because she was convinced that she should make lots of money after getting CCNA
It's like all the things I think (wireless/routing/switching/data center/etc)
so we let her go
kek
Haha, certs =/= money 😄
Maybe after you land the job if your work tells you to then maybe
the school I went to for networking was similar.... "I'm an ex-HVAC tech and made no money, now im here for networking because $$$$$"
yup, she was convinced that she would suddenly get a big salary and an important position somewhere just with CCNA, even though she didn't know how to set IP address in windows
networking is waaaaay harder than CCNA / school level unfortunately ;/ . I was kinda mad when I learned that my schooling really was not enough to network on my own
such paper CCNAs are useless, we get lots of applicants like that who were not into computers or IT at all and then went for their CCNA and got that, even though they didn't really know anything else
The stories I could tell about people with certs who think the same way 🙂
the job that really taught me networking didnt care about my CCNA
I let my ccna expire I didn't see any value in it
I was the only student in my class that went for it
the stupid thing was that she was in a position where she could have learned a lot more varied things aside from just cisco, things that would have helped her get a better job
Had people with certs all over their resume, on a VIDEO interview, try to google questions we asked them
but instead she had a one track mind that if she ignored everything else about computers and just learned cisco, cisco, cisco and absolutely nothing else, that it would be great
Certs don't make you smart, I've tossed a few resumes with CCIE on them and zero work experience (fresh out of college) because of that
"oh, I don't have to know how to use windows, I'll just learn cisco and cisco only and nothing else and everything will be great"
it shows how out of touch such people are
I'd rather learn networking concepts that can apply to everything
Even if you're in a pretty much only Cisco shop you still need more experience than just that
i think it looks correct now 🙂
but sometimes the marketing people or trainers make these lofty and unrealistic promises that you can just get a CCNA and start making a fortune, omitting the fact that that assumes you already know a bunch of things about computers and not just how to send email and use a web browser
negative
You need to change those to /28s, there are only 6 usable addresses but 8 hosts in the last two subnets
But pretty good otherwise
not sure what new CCNA teaches but old one did no BGP. You pretty much couldn't work most jobs that hired for network engineer
(Note: Remember that the interfaces of routers also require IP addresses and are included in the addressing scheme.)
I think the addresses r included 🙂 finally get it right
Still, the network and broadcast aren't usable on the interfaces as is
wait what
Unless you do /31s you cannot use a broadcast or network address on interfaces/hosts/etc.
in most cases*
I once complained to a sysadmin who stole a .0 address from me in a /23 . That's premium space. I WANTED it for my VM 😦
Yah, when you move up to /23s and start having .0 hosts that was a whole ball of fun for me starting out, lol
think of broadcast and network addresses as reserved/unusable in most contexts
what he means is the number of usable addresses is 6 for the last two subnets
you can't fit 8 hosts with only 6 usable addresses
number of usable addresses has to be >= the number of hosts you will have
Yah, he (BryanC12) was saying the network and broadcast could be used on the router interfaces which isn't the case
ive yet to meet a CCIE resume in which I was able to successfully validate it on the cisco website
when that happens I toss it
so it mean when host+interfaces=8, i still need another extra two for the reserve
yes, convert them to /28s and you're good 🙂
(Note: Remember that the interfaces of routers also require IP addresses and are included in the addressing scheme.)
^^^ I assume that is saying that the router IP is included in the "hosts" count
Yup, that's how I read that
if the router IP wasn't included in the hosts count you would need yet another IP for the router
Cisco's Website for Validation is Hit/Miss/Miss/Miss/Miss many times for some stupid reason.
yeah, like its case sensitive
And there are a few times where they do like ALL CAPS for some peoples names
@nova igloo the router is considered to be another host on the subnet, so is in the count of hosts
I had one where there was 2.... yes TWO spaces between the names
when you do a usable addresses calculation it tells you how many usable addresses you have for hosts
I have let a few misses through but they usually fail the interview or I tell HR they need to check with cisco if/when an offer is made
which means hosts, including the router, can only use those addresses
so if you have 8 hosts (which includes the router) and 6 usable addresses for hosts, that will not work
i see, so now i only have 5 usable address
i work in banking so they do those crazy background checks anyway
as I said the router counts as a host, so 6 (5 other hosts + 1 router host)
if you are excluding the router itself there would only be 5 usable addresses yes
Ever since Cisco went CompTIA Trash Tier on their testing and whatnot ... ive started asking for other types of certs as primary req
have they? I feel like its harder content these days
that's why it is important that the question specifies whether it is including the router in the host count or not.. and in this case the note clarifies that the router is included in the count of hosts
CCNP got easier I think, but CCNA harder
yeah CCNA harder... but CCIE was dumbed down pretty hard
So, will my ip works now? since the NOTES mention that it is included in the HOSTS count
and CCDE .... ugh a joke
No, you need to convert the /29s to /28s
Your requirements are 8 usable/host addresses
oh yeah forgot about the question is 8 hosts not 6 hosts 😄
yes
honestly if you're a real CCIE who did their time, I dont know why you'd apply at my job
I wonder if CCDA is relevant anymore too
it looks sexy now haha
real CCIE needs to be designing new stuff constantly, not adding onto existing
It doesn't exist, it's all CCNA for entry level now
Just use the 10.X.X.X Class
i cant, its an assignment
10.SITE/LOCATION.SUBNET/VLAN.HOST/CLIENT
a big issue is that cisco is still pushing classful addressing these days
emphasizing it too much
meanwhile it is only something of historical interest for the most part
It helps ease you into subnetting which can be tricky but at least they aren't doing classful subnetting still XD
Class a/b/c needs to be dropped though, I agree
kinda like the old rule that when you subnet something, say a /24 into a bunch of /29's, the first and last subnet are not usable.. that hasn't applied in many years and is still taught sometimes in the modern day
yeah well, most companies arent letting you put v6 in anyway
IPv6 is the devil!!!!
hiss
i might try to get [large finance company] to put v6 PoC in this year cause we got more team members and I might have time
it's gotten so bad that our college network administrator isn't even allowed to use the commit or save commands on the switches. they def will push back so hard if he suggests ipv6
Well they might not have a choice
With IPv4 Ran out.... newer services on the internet are using IPv6 Only
one big driver towards IPv6 is cellular providers going to IPv6 only and providing IPv4 only over 464XLAT and other solutions
I can tell them we can PoC with the public wifi and use that as an excuse to get it deep into our cores
T-Mobile is set to start de-commissioning IPv4 on their Cell networks
which breaks IPv4 VPNs
so then you have to tell your employees sorry, you can't use the VPN anymore because your cell provider only supports IPv6 and we don't
orange did it last year
Newer Residential ISPs only have IPv6 too
464XLAT.... lol that sounds like a crazy acronym
@plain siren i worked for [Major US retailer everyone knows] and started ipv6. I found someone already turned it on in the internet edge.... I noticed no ACL on the interface... I went to an SSH website like "no... no they didnt..." ssh worked. LOL
it is essentially like a proxy server to let you get to IPv4 only websites with only IPv6
it works fine for websites but not for VPNs
Oh god
ssh was exposed for about 2 years
the other thing that will happen is meraki is adding IPv6 into their MX line, currently the support is in public beta
when that is generally released, suddenly all these merakis that upgrade are going to begin to request IPv6 by default
and many companies who did not have IPv6 before will suddenly get it because the meraki is doing it on its own
Department of Defense had AT&T wire up one of their "DoD Towns" (A City with a bunch of DoD Employees) with Fiber... and they did CGNAT + No IPv6
@plain siren we use 3rd party ddos filtering. i'm praying they dont charge extra to turn on ipv6, otherwise this project is dead before it began
DOD Called up AT&T and got on their ass so damn hard
They had to send one of their Datacenter Babysitters down to go reconfigure the entire thing to IPV6 Native
there aren't really any IPv6 DDoS attacks yet.. though they will likely increase over time
yeah, compliance / risk dept dont care. needs filters
If they charge extra for IPv6, Id be so pissed off.
it is really nice that on routeros v7 IPv6 is enabled by default
Like come on people, IPv4 is technically OFFICIALLY DEPRECATED by the Number Authorities....
i cant threaten them with cloudflare cause they're a crap service that breaks half the internet a few times a year 😐
it is now built in instead of a separate package
Cloudflare doesnt even like this themselves
there is a "disable IPv6" checkbox only because many users demanded it
They know they have too many people relying on them but no competition to push
but the IPv6 menu and firewall rules are still there
Im that crazy bastard that does IPv6 Only internally and NAT64 + DNS64 at the edge for IPv4
its pretty damn easy tbh
we can at least try on public wifi and test VPN appliance
Give router Prefix and IPv6 Assignment.... it screams at all the clients "HEY... We got XYZ/## Assignment... Pick your own fucking IP"
so idk about that part
Router Advertisement.
we have load balancers that need to know IPs... not sure how annoying that gets over time
The generated IPv6 is generated based on the MAC Addr for the Host Side of the IP
its De-Facto Static.
right but if VMs are dynamically built and such thats gonna be annoying
they cant just slap known IPs in, it'll keep changing
Thats why you use local DNS with automated Client Entries
true
In reality, you shouldnt be using IP #'s at all in Application Configurations and such
i think right now they use IPs for node records
we have to revise our naming scheme, it is too long
we used to have a much shorter naming scheme but the naming scheme was extended to include lots of extra information about the device
things like the manufacturer, the deployment type, the company that owns the site, etc.
@clear igloo is your customer using dynamics in the server subnets?
host1.vm.application.domain.tld
host2.vm.application.domain.tld
host3.vm.application.domain.tld
host4.vm.application.domain.tld
vm.application.domain.tld = Load Balance the host1-4
it made the names so long that people started using the IPs and is now a barrier preventing us from people using the IPv6
Not sure, I think so, haven't asked in a long time, I just inject routes to test scale based on their network profiles 😛
If you mean dynamic DNS, I think so
so I'm trying to push for a new naming scheme that is short enough that people want to use the names
does cisco have a CVD for ipv6?
I'm sure they do, I'd be surprised if they didn't, lol
the naming scheme is not the place to document lots of information about the device
it is about making a short name to uniquely identify that device so that you don't have to connect with the IP
im curious what cisco came up with vs what I come up with
They have one from 2008 as the first link on google XD
2008 so long ago
nope, only learn how it works
42 pages? not bad. I might read it all
CVD is cisco validated design, basically a best practice guide of sorts
yeah, but there r zero marks related to IPV6
@plain siren our IPAM better support it free too, i'd also rage if not
Whats your IPAM Solution
bluecat
hope human can fully migrate to ipv6 soon, less complex 😄
yes it does
@plain siren when opening that it gives a warning that it is an outdated version and there is a much newer one available
https://www.ciscopress.com/store/ipv6-for-enterprise-networks-9781587142277 I bet they mean this
Increasingly, enterprises that formerly shunned IPv6 are considering implementation or actively moving forward with it. IPv6 for Enterprise Networks brings together all the information network engineers and other professionals need to successfully deploy IPv6 in their campus, WAN/branch and data center environments.
no it says to go to cisco.com/go/cvd for the latest version
Yeah but it aint there sadly
I did have the book but it belonged to someone else. heh. oh well
You can also still deploy IPv6 Statefully with DHCPv6 to ease into it
so I did this exercise years ago and ended up choosing DHCP and I dont recall why
i looked at a feature matrix and went "hell no" to other options
Its an easy way to Keep Track of Assignments
Although, an IPAM + DNS Solution should do just as well if not better anyways
how does DHCP flags work for eui-64?
i will do you networking folk proud and use ipv6 for my network whenever I move 
like doing pxe
Oh, Linklocal
its part of the RA or something?
notice how the last half of the IPV6 matches the Link Local IPv6 after fe80::
yes, the RA says in it whether the device should get Other information from DHCP with the o flag
if the o flag is provided the device should make a dhcpv6 request to get those additional options that you want to set like PXE
/127 on PTPs is fine
```
DHCPV6(config)#interface FastEthernet 0/1
DHCPV6(config-if)#ipv6 address 2001:2222:2222:2222::2/64
DHCPV6(config-if)#ipv6 dhcp server STATELESS
DHCPV6(config-if)#ipv6 nd other-config-flag
```
And bang, RA is setup and done.
it can be done as a safety thing to prevent the neighbor discovery table from filling up
however even if you are using /127's, you should still treat them like /64's and only use one /127 per /64
instead of trying to shove all your /127's into one /64
I can see /64 on PTP to ISP cause you can advertise it and people can reach for traces/pings
yes, it is mostly for internal use at an ISP that you would use a /127
because as I said you can prevent a neighbor table from filling up
but in all honesty in many cases you don't even need to use /127's internally because OSPFv3 can establish neighbor between two routers over link local
so you don't even need PTP subnets everywhere like in IPv4
Ipv6 actually has a "Standardized Block Size Intention Layout" too
we don't use PTP subnets at all in IPv6
we use link local for that, most routers only have their IPv6 loopback and that's it
so how does a traceroute work with only linklocal on the link
it works, but it returns the global ipv6 loopback of that router instead of the closest interface like it would with IPv4
for us that wasn't a big deal
oh? ill need to lab that
the nice thing too is that it keeps the routing table size a lot smaller
our IPv6 routing table is half the size of our IPv4 routing table because no PTP subnets
lucky for us we're our own private provider so ATT cant be like 5k prefix only
And god bless the death of NAT
in IPv4 we have like hundreds of /30s and those are all not there in IPv6
AT&T is providing /52's IIRC by default for IPV6
hah yeah, I worked at a place that made me filter all /30 and /29 eventually cause the providers were mad as hell
we did need to use global IPv6 PTPs for only about 8 subnets only to work around a mikrotik issue where you couldn't do recursive routing with IPv6 with link local addresses
that's been fixed in routeros v7 but routeros v7 is too new to be safe to move to
best subnet ID in IPv6, 2700:XXXX:XXXX:beef::
what are you doing for FHRP in ipv6? I think it has a natural solution for that, right? I know HSRP, GLBP, etc all still work
BEEF-NET
I got a laugh out of facebook's ip scheme the first time I saw it.. all of their addresses have face:b00c in them
mine will be 0FED:BEEF:
FHRP shouldnt be needed unless you need sub-second failover, you can just use RA's
this place HATES packet loss
Oh shit thats kinda cool
devs are all MUH APPS
VRRP in IPv6 fails over super damn quickly too
"but you failed over to the other datacenter..." BUT LOST PACKETS
Ill fail over to the other Avail Zone.. if that dont work... the Other DC... if that dont work... the other Cloud... if that dont work then something else happened thats way worse
Just climb that abstraction pyramid until you fall off
I will be happy if the architect already made a plan, a good plan, and was just waiting to ask someone to work it
speed things up
https://community.cisco.com/t5/networking-documents/ipv6-glbp-configuration-example/ta-p/3127155
pure GLBP is better that FHRP based on RA in case of load balancing apparently on Cisco Implementation
Introduction First Hop Redudancy for IPv6 can be achieved via different protocols like HSRP, GLBP or VRRP. The Gateway Load Balancing Protocol (GLBP) feature provides automatic router backup for IPv6 hosts configured with a single default gateway on an IEEE 802.3 LAN. GLBP provides benefits of Loa...
if we have no address space or planning yet, ugh
Need a new Architect? My contract job rn is in Final Validation stage and completion... I gotta dig around to find a new gig kek
otherwise ima be bored as fuuuuuuu
who knows. we dont now but the great resignation has already claimed so many high level people
"I did not expect to leave but new job told me to name my price"
All ive been doing the past 2 years is Architecting Solutions and Networking for Multi-Cloud, Multi-GeoLoc Diagrams and Plans the size of 9 or 10 whiteboards and its starting to feel FUN
Thats how I know ive been doing this over and over for too long already
no more anxiety?
Its turned into OCD in my Designs
Everything gotta look symmetrical, neat, fully labeled and intent-based design...
and a highschool drop out gotta be able to look at it and go "Hey, that looks like a map!"
Anxiety hits when the Rollout happens for me
it only hits for me when I touch something that can interfere with the company making money
I get ballsy and have the rollout push globally at once fully
when it works, it feels like god came down and covered you in bliss because of how insane the idea is of "Works the first time"
When it doesnt..... You got 20 mins.
i work on networks where if it goes to hell it means tons of money per second lost
