#networking

also the topton ones have intel 2.5gbe nic's

Its ok, I fired a laptop at work the other day. Spilled water on it. Dried it off, thought it was ok, then a couple minutes later it just died, sigh.

I have hopes of resurecting it I think it's just the linear regulator that I popped

anyway the one I have has 32GB ram a 1tb msata drive

and has proxmox with pfsense virtualised with pci passthrough (this works great) and a couple of lxc containers

pci passthrough means the host gives the physical memory address of the pci device to the guest which then uses it's drivers for the hardware.

https://www.alibaba.com/product-detail/Firewall-Mini-PC-Ce-leron-N5105_1600464492523.html?spm=a2700.shop_plgr.41413.13.2410165dqDD3nT is way more hardware

(it's got 30% more performance than the protectli) and 2.5 gbe intel nic's

Yeah, am looking at it now. I don't have infrastructure to support the 2.5 gbe network.

futureproofing 😉

also if you get a wifi6 ap you need it to support AX3600 you could just hang it off an interface directly

that does take nvme ssd's not msata

it wasn't out when I ordered mine 😦

so this is my house 'compute' virtualiser.

things like freeswitch, maybe some logging

the current lxc is running the controller for tplink omada (like unifi but cheaper :D)

Wish they let you customize it a little more. I have an NVME drive already, don't really need to get one with another.

?

Do you have a static block?

I have two Ip's available to me, not a block of them.

how do you set those 2 IPs

Because the UDMP won't request 2 DHCP IPs on the same interface.

and it shouldn't.

but if you had static info, you can set your IPs with "additional IPs" https://i.ryois.me/lV2gjmxQcI

and then in each network, you can set the IP it should use via "Internet Source IP"

Right now? I run two different firewalls. Since it is beyond my technical knowledge to configure the json scripts to get a USG-3AP to handle two IPs. I just split the connection coming in, one goes to a PFSENSE box for my weather network and one through the USG for my main network.

the usg has config.gateway.json, new UniFiOS stuff (UDMP included) don't.

Yeah, I don't have the new stuff, that is what I am debating on getting, or just dropping Unifi all together and doing with PFsense

And after my internet speed boost, I can't even get this USG to talk to the Controlelr software, I dunno whats going on. I didn't make any configure changes, but it just shows disconnected

I'm sticking with UDMP at parents house because UniFi and it's easy lol.

It became 'disconnected' right after they boosted my speed to 1Gb

I do like the interface of Unifi stuff

I do like the configure on the pfsense and that I can use whatever hardware I want.

But I do have all the other Unifi stuff already as well

And I just found out you can get Sopho's XG software for free for home use, so I might try that since I use that at work.

idk what this is but.... blob for mod

Kek.

Is there a way to setup a Windows Hosts File for only a specific Interfacce (Or Maybe even Wifi?)

I would like to be able to seemlessly access my local NAS from outside my local Network, so I setup a VPS for Tunneling the connection. The problem now is, that even in the local network, all the traffic is routed through the VPS, which limits the Speed to my local Upload Speed.
The Idea Was to tell my PC to instead of resolving the domain via DNS, it should just use the local (LAN-IP) address to connect to the NAS.

lol

Use routes

Idk how to do it in windows but basically it will tell windows to use the normal interface for 0.0.0.0/0 aka internet

And vpn for 192.168.0.1/24 or whatever your lan is

No, I want to tell windows to only use the VPS routing, when outside the local network

Oh I see

The vps is acting as a reverse proxy?

Use split horizon DNS

Hmm.... Basically I setup my own DNS for my local Network? Which intercept DNS requests for my domain and returns the local IP instead? Doesn't Windows do DNS Caching?

well yes, you set up a dns server. Many routers already have that as an option

caching may be an issue, but you can set a lower TTL

https://www.youtube.com/watch?v=a9_7XI6MRBk

who would have guessed

Its prolly still faster than buying internet, atleast for their local servers...

Mine doesnt, but since I have a server running anyway, I can just setup pihole or something like it on there, and either manually set the dns server on a per netork basis, or maybe I can use arp poisoning to override the default dns (why tf cant I just change it in the router, lol)

Is it not an option in DHCP

you can setup something like coredns

Which part if that? And I thought if I run my own DNS anyways, I could do adblocking at the same time...
That is why I planned on using pihole.

dhcp allows you to tell clients what DNS server to use

I guess yeah, I'm not a fan of DNS level adblock

nor pihole, which I find meh

Its not great, but something...

adguard home is another option

But I cant change that setting in my router for some reason... Thats why I wanted to use ARP poisoning, to replace the routers internal DNS, or Ill just ignore DHCP and configure a static Ip and dns for my main machine....

never really done anything with ARP, so idk.

You can change DNS server while letting IP be set by DHCP

which is what I'd reccomend, I avoid static

Looking for a way to view all traffic that goes threw my network aka visited websites and searches. Not looking to install software on every device. With the push to Https its a pain in the butt to monitor now. any ideas ?

the only way is probably dpi but you can't really see much stuff

I was looking at a possible hardware firewall between the modem and routor that implements SSL Inspection via a Proxy server

because searches would be in tls and you can't break that without ssl inspection

ssl inspection seams the only way to go. any thoughts as to the best way to implement it ? I did find a Sonicwall NSA 240 which looks like it might do what i need.

Sophos XG seems to be able to do it last time I checked

SonicWALL is also a good option

DPI really, at work we use sophos

Besides setting up a basic ass Squid proxy which is going to be a pain in the ass.

yeah proxies with https are a PITA

Yea so going that route i would need to manually install the Proxy Cert on all devices so they dont get a warning.. wonder how much of a pain that might end up being.. I have such a mix of devices. Androids, MS, Iphones.

That's what a MDM or group policies in AD is for.

a big pita without what blob said

Otherwise you are going to have to do that process.

with MDM or policies it's not as bad

MDM ?

mobile device managment

ahh got yea

my head hurts

tempted to hire someone lol

Tbh, buy a SonicWALL or Sophos. Those are pretty easy and will operate in bridge mode.

Throw it between your router and a switch with everything else.

if you have a switch with port mirror, you can mirror a port to a box to do DPI

found this one on craigslist.. seems to be a decent price https://vancouver.craigslist.org/van/sop/d/vancouver-sonicwall-nsa-240/7461335812.html

a SW or Sophos will be able to do blocking if you wanted as well

$100

https://i.ryois.me/Z0c6SR3OB4

my connection is 700 down - 300 up

Then it'll bottleneck

sob

What about something like this then. https://www.ebay.com/itm/234480237365

https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition

yea that would work.. Would that go between the modem and router >

?

Yea

oh they have a free one, didn't know that

lol has a vga port

well kinda

depends on what sort of stats you want, since router would be doing NAT

Well, not modem and router.

so everything would seem to go from one IP

Between router and switch like I said before.

yeah, that'll make more sense

Thought they said something else. ¯_(ツ)_/¯

hmm i do have a windows server soo https://www.sophos.com/en-us/products/free-tools/sophos-xg-firewall-home-edition might be an option

that'll have to run in a VM and you'd need to configure bridging.

network setup with it virtualized may be an issue

how so..

depends on hardware

The appliances out of the box will either be in bridge mode or receive port mirroring.

if you have dedicated NICs for the vm it'll be no issue

You need at least 2 physical NICs and give each NIC to the VM.

yeah, unless you use VLANs

If it were me, I'd spend the $100 to get it preconfigured and a dedicated box.

which with 1gig will bottleneck with router on a stick

Since if this goes down, so will everything else.

yep

Its a AMD A10-7800 With 16GB DDR3 ram... its Lukes old PC from Season 7 scrapyard wars lol

why I don't virtualize any of my network stuff

if it's dedicated to only firewall I guess?

not very efficent tho

nothing i do is efficient

It might route gigabit fine.

But it probably won't SSL decrypt fine.

doesn't that rely heavily on hw acceleration

Plus it'll consume a lot of power compared to that little box too.

yea your right about that

Ok well thanks, I have a few options to look at.. Thanks for the help

can I vote blob for mod, please?

I do not want to be a mod lmao

we need you to kick out the speedtest people xD

@clear igloo @waxen scroll remember how my ISP gives me as many dhcp IPs I ask for? 😂

because of new mac address>

Today they must’ve noticed and asked me to “fix router wiring because we are seeing multiple IPs on a single ONT” 😂

Yeah lol

oof

Idk why they don’t limit it on their end either

Lol i dont make staffing decisions.. Those come from the big man generally

10% to the big man upstairs

well i think hes a man.. Honestly i think they are 50% robot..

i cant work all week like that

Just a dumb question: Is the Di Query Time the "Client Side" time it took to resolve the query, or the Server self reporting?

99.99% sure it's the time difference between when the request was sent and then received

since I can't find anything in the DNS protocol for server time

At a bare minimum they should be limiting it to 2 MACs (tshooting, replacing router, etc). Not limiting at all means they probably have next to no basic SP best practices in place

you have to wonder how they caught it

homie must have made them run out of ranges

😛

my comcast locks to a mac address

the only way to get a new lease with another address is to reboot the modem

is there a way to make QoS limit bandwith for everything EXCEPT specified devices on ASUS routers

when im gaming, if someone uses an apple product to stream anything, it completely destroys my network

even simple things, it will just suck up internet

Probably getting calls from other customers who couldn't get an IP lol
Blob causing small scale outages

hey. when i don't stream, i get about 60ms on a select minecraft server. when i stream, i range 150ms-300ms. i have 20 upload (spectrum for residential. we pay for 400.) and ive streamed in 144fps perfectly in the past. even when i stream in 60fps, it drops even more and makes my ping even worse. i have a rtx 2060, r5 2600, 16gb ddr4 memory 3000mhz if that helps. and yes my PC does have antennas on the back 🤣 if anyone can help that'd be greatly appreciated. again, my ping is perfect and low for me when im not live, but when i go live, it spikes up and stays there.

(im on windows 11)

1: my phone speeds on the wifi

2: my PC speeds on the wifi

Do you mean stream in from yout pc to your phone, or from the pc to a streaming service?

If its the first, id guess your ping includes stream decode time, which might be quite a lot if your phone is not that fast...

ok so, I use streamelements OBS to stream with my PC. im comparing my phone to my PC's speedtest (at the same exact location). would this be a network adapter issue, antennas?

also ive gotten ddossed in the past and I asked my ISP to change my IP (since spectrum residential internet is advertised as a dynamic IP) and they said its against company policy to do it. my friend was on call with them and they kept saying that. pretty horrible customer service so my ISP wont do anything about it

I want to, but do you think a 12900k could do more than 5gbps of networking routing?

with the new w680 chipset, I'd like to take the leap, but the edgerouter is just so efficient as it is.... idk if it even makes sense

but there is no edgerouter with 2.5gbps ports, only the expensive 10g ones, which is why i want to move away from it to a w680 system

can anyone here offer some help with odd network traffic coming in through my network, its been happeneing for a few months now and my ISP is...well.....useless

I don't dabble in software routing but just what Ive read in threads, 5gbps is supposed to simple to achieve for even low end CPUs.
I could never justify the power draw though

If you're talking about traffic making it into your network, that not the responsibility of your provider to troubleshoot

The last time I did software routing was on PFsense with a Intel Celeron Processor N4100 and it could barely crack over 200 mbps. I wasn't using an Intel NIC, tho, idk if that played a part in it

Maybe not that low end of a cpu

oh no, as in they wont provide any information what so ever, for months now iv been seeing logged intrusions and UDP port scan attacks, the intrustions are logged correctly, and are coming from all over the placem byt being stopped as far as i can see

the UDP port scan attacks though, there all going for my IP obviously, but all the logs are from way back in 2010 but there showing up right now, i have no idea about this stuff so im clueless

Thats just internet noise and normal to see. Internet is full of bots.

ah ok, was gonna say kinda odd im getting logs from way back in 2010 xD

Hey can anyone help me setup adguard for my home network on my server. I'm having trouble making it thru the whole network

I have adguard up and running but now is the setup for my router and I'm stuck there

Is it safe to say that in the OSI model the data layer is what's responsible from getting packets from one end to another?

all of the first 3 are

technically 4 as well

Someone in the network area changed out their cubicle name tag with “Layer 8 engineer”.

human layer

Lol. Loved the terminology though.

Ya I realize that, i'm learning about the main difference between the 3 and so far i've understood this: that the physical layer is as the name says the physical connection, the data layer then moves the data in and out of the physical layer, the network layer is what routes the data from point a to b, please feel free to correct me if I got anything wrong

yeah in a way. I think of it in like "domains" L2 domain is a whole network with just switches. You can have communication between devices on just L2. L3 introduces IP addresses

L2 issues are the worst

Which layer handles error detection and retransmits?

Uhh idk actually

It’s been a long time since I’ve dived in to this, but if it’s not layer 2, then the responsibility is shared between the different layers

TCP does that

But there could be also something else underneath, not sure though

Could be some overlap

I think there isn't tbh

Nope there is

oh so l2 is like say my house has fiber cable internet, so through then it communicates to my router?

or a switch

Ethernet aka l2 has error detection, idk about correction tho

Uhh what? I don't really understand

But yea. I like to imagine mailing a package, but it gets smashed along the way and it’s not like the mail can just… re-deliver it. I have to uhh.. re transmit. Therefore, I’m part of the responsibility chain to get the packet intact to the person

Important thing, routers work on l3 and connect together l2 domains. Switches are just l2

I'm asking if layer 2 is just communication between network devices, like you said, with switches

Yeah basically

So like your router to ISP router

That's one l2 domain

Your lan is one l2 domain

sorry for the weird analogy

There could be other clients on the same domain, there could be not, depends on ISP design

what i dont get is, what does the network layer do differently? doesn't it just give the devices in the network ip's?

or L3

DHCP is used to give IPs

At least in v4

Then what does L3 do different in comparison to L2?

Completely different technologies

L2 works with MACs and stuff like that

Ethernet is a protocol itself

Don't need to use ips

I think I know now, thanks 👍

Ethernet is IEEE 802.3

If you want to look at the technical standard of Ethernet

You kind of lost me there, but i'll add it to the list of stuff to look up

Really it's a bunch of standards on top of standards

Present, have you looked in to or heard of Bundle protocol?

Nope

Yeah, I started learning about computer networking a few days ago, and all of these standards on top of standards are kind of crazy, lol

What helped me is looking at how a packet is structured

How inside the Ethernet frame you have the IP data, Port data, etc.

So pretty

And thinking at a packet level

Basically, imagine it sitting around layer 4 with a store-and-forward time of hours/days/weeks/whatever. End-to-end connection is not assumed

Structures 😍

Sounds like something for space use

NASA is experimenting with it for planetary communications networks. Basically at least doubles the throughout

Bingo. Might be good for military use too

I have found a computer networking enjoyer in the wild, hello! 😃

Do you have more info on this

That sounds interesting, will do that as it sounds interesting 👍

NASA has a few public resources. But googling “nasa DTN” will get you in the right direction.

DTN = delay tolerant networking

Found this rfc https://datatracker.ietf.org/doc/html/rfc5050

Yup. RFC 5050 is the latest version of the protocol that I’m aware of

Basically, I see it mostly beneficial for disaster scenarios when public infrastructure might be overwhelmed or offline

Lol rfcs are the only instruction manuals I need

It’s also independent of the underlying protocols, so… Bundle protocol over Bluetooth, ham radio, carrier pidgin… all valid transports

Very useful for IP over avian

Lol. Glad you’re familiar with it.

When I was bored at work, I started attempting to write bundle protocol with… Powershell

A stupid endeavor I’m well aware of. But thought it would be fun anyway to see how far I could go

Sounds like a deep rabbit hole to me lol

Believe me, I did not get far at all. Only implemented 2 … parts? Aspects? Out of like 50. And those were the super easy parts

Ugghh do i have to set seperate folders for movies and tv in plex? Ive gotten by just fine having my media in its emalgamation of folders and "downloaded from xyz" files

Itll take me hours to clean all this up

been thinking is it good to know both about tcp/ip and the osi model?

Anyone here know the difference between a Unmanaged and a managed network switch?

One is managed; the other is unmanaged. 😄 Ha-ha. I'm not funny. More seriously, unmanaged switches are like power strips in that you plug one into your router, modem, or other DHCP server to essentially receive more physical ethernet ports. Managed switches can function the same way, but also provide the ability to control how the ethernet ports route packets. Most home users want unmanaged switches.
https://homenetworkgeek.com/managed-vs-unmanaged-network-switches/

Oh thats a great description thanks :D

Soo.... I just set up my local dns (bc my Routers one is trash), and wanted to see if it works. So I used dig a.domain.I.own @lan.ip.of.dns, but that got me a result even after stopping the dns-server, with query time stillat 0 ms. Is that dig ignoring the supplied nameserver, bc jts unreachable?

that being said.. out of the box... a managed switch will work just like an unmanaged switch.

they can just do.. more if you need tend to have bigger memory for mac tables

@gray knoll what was in the result section?

does anyone know of a poe (802.1af) powered ATA? I find references online to a planetvoip unit that used to exist..

but the grandstreams and ciscos in my local market seem to need a wall wart.

If I broadcast n/ac rather than just ac will performance on ac be theoretically worse?

Not 100% sure if you mean Answer section, but that was

my.domain.com.    TTL IN A MyIp

Where TTL always was a number between 60 and 1, so it was propably cahed, but after the minute, it just reset back to 60. my.domain.com and MyIP were obviously changed, dont want ddos attacks on my vps or similar stuff...

not the answer section 😉 the server section 😉

Ohh.... Seems to be my standard DHCP-DNS... Why does this work? Please, dig, dont just silently fallback to a different DNS on connection fail...

That does explain, why it takes ~1 second to run dig, if the first connection has to be refused first...

i want to setup an ssl cert on my server but my i have forwarded ports 80 and 443 to 2280 and 2443 instead. Can i still use an ssl?

how do i go about setting it up? Does it cover everything under the domain name?

an SSL certificate just verifies that you own a particular domain

beyond that you can configure it however you want

https://www.youtube.com/watch?v=a9_7XI6MRBk

🤔

yeah i mean to be fair, it wasn't an issue with the wireless part

yay stupid 10 gig sfp+ to rj45 adapters

Probably the reason for the instability of the speed test. I assume they just went with the 30m SFP+'s

They have replaced it already, and from the way he phrased it, I'd say its still 3G/S up und 1G/s down, even after the "Fix"... But maybe Frimware will fix it... Who tf knows... Or maybe one of the dishes picks up interference, the other doesnt... we will propably find out at some time... Once the ZFS-Pool is repaired...

im trying to login to my generic wifi extender hoping to get root access
however im not very successfull

Trying 192.168.10.1...
Connected to 192.168.10.1.
Escape character is '^]'.
login
HTTP/1.0 501 Not Implemented
Date: Thu, 26 Jun 2014 10:27:41 GMT
Server: Boa/0.94.14rc21
Accept-Ranges: bytes
Connection: close
Content-Type: text/html; charset=ISO-8859-1

<HTML><HEAD><TITLE>501 Not Implemented</TITLE></HEAD>
<BODY><H1>501 Not Implemented</H1>
POST to non-script is not supported in Boa.
</BODY></HTML>
Connection closed by foreign host.
tryzen@femboywerewolves:~```

anything i type

seems to result in this error

Have you tried GET /?

ill try

no permission

this is what would happen in a browser

Have you tried just googling "root on wifi extender xy"? Because stuff like that would prpably be hard if not impossible to just figure out on your own without any real exploitation knowledge...

root is root
password is admin

i figured that out already

https://gathering.tweakers.net/forum/list_messages/1586466
(dutch website)

wait

i can set password to nothing

it will disable protection

Maybe? You can at least try

I recall from listening to the live stream they just ordered the SFP but have no replaced it. Id have to rewatch it. Either way, that should have never been an option for his use case.

just looks like that the wifi extender doesn't accept telnet connections

@gray knoll

Trying 192.168.10.1...
Connected to 192.168.10.1.
Escape character is '^]'.
GET /
<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
<meta http-equiv="Pragma" content="no-cache">
<meta HTTP-equiv="Cache-Control" content="no-cache">
<meta HTTP-EQUIV="Expires" CONTENT="Mon, 01 Jan 1990 00:00:01 GMT">
<meta http-equiv="refresh" content="0; url=index.htm">
<title>Wireless Router </title>
</head>
</html>
Connection closed by foreign host.
tryzen@femboywerewolves:~$ ```

Soo... I just noticed you try to connect to port 80 (the webpage you saw earlier in the browser) but telnet has its own default port (23 I believe) Have you checked that one?

yes

connection refused

theres 2 open ports

PORT STATE SERVICE
80/tcp open http
52881/tcp open unknown

Tried the 52881?

yes.. however nothing seems to happen no matter what i type

theres a file called config.dat which can be pulled from the ip tho

How did you get to the config.dat?

@north bridge

just enter in url bar

or export it in the settings web page

no password
is this one

with password set to "admin"

Yk.... Without much knowledge about it, itll be hard to exploit (especially since I only know a tiny bit about exploitation....)
I would try to connect via Ethernet (if you are on wifi)
Or maybe try to open BusyBox (the shell used) via a URL?

But ill look at the other config...

oki

Also the Webserver (Boa) seems to have an arbitrary file read exploit, maybe that can help you as well...

logs (on built in settings page)
say the following

Jun 26 10:03:34  [peth0] added, mapping to [eth1]...
Jun 26 10:03:34  Realtek FastPath:v1.03
Jun 26 10:03:34  DO 8192E IQK !!!!
Jun 26 10:03:34  Done 8192E IQK !!!!

this thing is using a REALTEK 8192E

found some firmware

reverse engineer it

binwalk shows nothing :/

its a goddamn 16 bit chip

i have no clue what architecture

Black magic with a bit of Necromancy.

Oh and a bag of holding, since the Windows Driver is like 16 times larger than that binary xD

ye

its crazy yknow 2MB busybox based linux

@gray knoll btw once the thing is set up it no longer allows setup

? You cana only set it up once? Ypu cant factory-reset it?

no

youll have to hold a button to reset

but once its setup u cant go back to settings unless u reset

Wut?

You can only change the settings once? Maybe because the IP changes? Or is it actually telling you its not possible?

yep

it quite literally unreachable as it instantly redirects to my own router when going to 192.168.178.1

i havent figured out what IP it would be using honestly

Just throw nmap at it and tell it to only scan port 80 on every ip?

tell me how

idk how to properly use nmap

neither do I... I would just use the ip address of the machine im working on, and nmap 192.168.0.* (or whateer your equivalent ip is...) and port 80 is in default scanning....

found it

192.168.178.108

im scanning ports rn

Starting Nmap 7.80 ( https://nmap.org ) at 2022-03-25 21:30 CET
Nmap scan report for 192.168.178.108
Host is up (0.098s latency).
Not shown: 65532 closed ports
PORT      STATE SERVICE
80/tcp    open  http
52869/tcp open  unknown
52881/tcp open  unknown

Well, its different...
Im gonna go sleep now tho, have fun!

It's 192.168.0.0/24

Maybe that wildcard syntax works as well, never used it

I use it all the time

I'm used to CIDR format

Im not, I dont do THAT much networing... CIDR is Black magic to me...

Since with wildcard syntax you aren't able to a specify specific networks

Like anything that isn't a /24, /16, /8

Hi, I have this Sky wifi booster that they gave me before I moved ISP to Virgin Media, and I was trying to get it working with ethernet but it hasn't been working. It seems it might be software 'locked' for use with only its's own ISP's router. Is there anyway to get it to work?

Can someone help

Need to troubleshoot router

what's wrong with it?

yeah I'm pretty sure those are only gonna work with a sky gateway

not sure what the hardware is off the top of my head but ours are an almost identical design and need the matching gateway to be able to pick up the configuration

what would be my best option for getting wireless connection outside of a brick house? would putting a router near a window work? It would basically just be for a wireless security camera nothing crazy.

Hey all, been having trouble with my Plex server that's running on TrueNAS. I can't seem to update it. It spits back this error code "Error: Cmd('git') failed due to: exit code(128) cmdline: git clone -v https://github.com/freenas/iocage-plugin-plexmediaserver.git /mnt/Epsilon/iocage/jails/Plex/plugin stderr: 'Cloning into '/mnt/Epsilon/iocage/jails/Plex/plugin'... fatal: unable to access 'https://github.com/freenas/iocage-plugin-plexmediaserver.git/': SSL certificate problem: certificate is not yet valid '"

@charred sundial sorry i kinda slept after asking for help..

Basically I have a 50Mbps internet subscription

With wired I get full 50Mbps

Before this I used to have 25Mbps subscription

And I used to get full 25Mbps over 2.4Ghz band and 5Ghz band and over Ethernet

Now on 2.4Ghz band, I am not getting more than 30-35Mbps and on 5G band im not getting more than 40-45Mbps.. on wired I'm getting 50Mbps±2Mbps no issues

I have tried resetting my router back to factory settings.. didn't help

I have kept my 2.4G band to work in only 802.11n mode only and 5G band to work only in 802.11ac mode

And it's not even a question of signal strength i think.. I don't get more than 33-35Mbps on 2.4G band, even when I'm sitting right next to the router

so i'm getting fiber so i'm looking a building out a new home wireless network using pfsense

i was wondering about hardware you would recommend i would like to add cameras in the future

my budget is less than 1000$ usd of pfsense hardware, switch, and two ap's

my house is wired with CAT5e

my internet speed will be 1 Gbps

my uses are plex streaming, twitch streaming, and gaming

Seperate router and nvr

unfortunately that's pretty much working as expected. that means the ceiling that your router's built in wifi can handle is around 30-35 mbps and a little faster with 5ghz. you'll probably want to upgrade to a standalone AP or use ethernet when speed matters

how old/what model is your router?

It's a Cisco Linksys EA1700 or something

Used to be top of the line when it come out

1.7Gbps router

Yes I know 1.7Gbps is not single band speed

But the 2.4G band should be doing okay till 150Mbps right?

I bought it like 4-4½ years ago

that's the theoretical max speed but unfortunately with all-in-one router+wifi units you probably won't reach that

depends a lot on the actual transmit power, MIMO, antenna configuration and tuning done by the manufacturer

Yeah and I'm having just a 50 Meg line

It's ⅓the theoretical max speed I'm talking about

yeah that's unusually low for 802.11n but still possible

So any other reason other than that's how it is?

you could try putting the whole router high up on a wall

that can help a lot

Because switching to 5G band for me means automatically I can't go outside the room If i want good signal

This is not one of those thiojoe ways right?

yeah 5ghz has a lot more attenuation from walls/floors

i don't know what that means but that's pretty standard for wifi deployments

that's why you see APs in offices or commercial buildings on the walls or ceilings

Bro u don't know thiojoe ?

i can't say i do

U livin under the rock or what

Hold on

https://youtu.be/tqbnjgbtDl0

@sudden kayak watch the beginning of this video you will understand what I meant

lol gotcha

nope thats totally legit, you wanna make sure all the radio signals are bouncing off the materials in the wall and spreading out in the right directions

placing APs is kinda black magic and there's no one rule to it but

getting the antennas high up and against the wall or ceiling definitely helps

So 30-35Mbps is practically the limit of 2.4G band then? Damn that's too slow

it's not necessarily the limit but you'll rarely see the full 150 or 300mbps theoretical rating

i use a ubiquiti AP AC lite which i think is rated for 300 in the 2.4ghz band and i get like 80-100 through a wall

I had a D-Link router before this, which used to max out at 6-7Mbps, and back then I had a 10Mbps subscription

but generally manufacturers of combo router/wifi boxes aren't able to do quite the same level of tuning and antenna design as in a device like a ubiquiti AP

Okay so what do u suggest if I have to buy new equipment?

Like I have a new house that's gon get Reddy in like 2 months

I haven't gotten ethernet wired

Thinking good wifi router will do the job

Nah

Always get Ethernet

You'll never beat it

i mean yeah ethernet is the only way to be sure

but yeah a good separate AP like ubiquiti will also help a lot

Ethernet and a couple good APs

if you can find them in stock

Omadas good too

Damn it cost so much more now to rewire the whole building

The buildings paintjob is 95% done

@sudden kayak okay so I have a house that's 2 floors(ground and first floor), each floor spanning around 1500ft²

Let's say I keep an AP in one of the corner(i know it should be in the centre, not in the corner)

Which AP should I buy and which router should I buy? AP coverage should be at least 50 feet radius

i would say the easiest is probably one AP AC pro on each floor, or maybe one long range on the top floor

but the best thing would be to use their room planning tool

it'll do a decent job of figuring out a layout for your specific rooms

I'm actually about to log off and go sleep but there are other people who hang around this channel who can help you with that planner

sorry it's called "design center" i think

if you're two stories and 1500sqft then I'd be looking at unifi or tplink omada

I love my omada setup

@plucky wraith multiple ap's for whole house 😉

@frigid sphinx I'm planning to give wired internet to all the 7 rooms, but I'm not able to find a good router for that

I found a workaround for not being able to rewire the house again

at 1500 sqft and 2 stories you should be considering a wired backhaul sdn wireless (unifi, omada) or a mesh option (google nest, tp-link deco, maxwell)

Well I'm relly not familiar with networking equipment types and where they are used

It's 1500sqft per floor

I just looked at the tp link omada

It says that it's a gigabit vpn router

Looks like it has only 4 ports, sed story

I'm looking for something that has at least 8

Wait a minute it's not

I saw something else

So omada looks like an outdoor ap

omada is a product suite..

it includes routers, switches and access points

try looking at the unifi stuff and come back to omada.. it'll make more sense then 😉

@plucky wraith

I only use 2 ports on my router

One goes to switch

Other to ISP

You would want a switch either way for POE

Then the bandwidth from that 1 port gets distributed..

Across all devices connected to the switch

I mean yeah

It's not like you need more than gig?

It's the same with a router, most consumer have an internal switch

You can even run a router on a stick

With only 1 port

But that limits speed

so router (manages internet connection) switch (provides power to ap's and distributes wired networking) (access points) and (managment node/controller)

unify/omada have these components ^^

yeah you don't want to be bringing multiple ports on a router just to use as a switch

my router only has 2 physical interfaces (but has 4 or so vlans on one of them)

I'm with virgin and get 1gbps on ethernet but on wifi i only get around 400mbps. I'm looking for an AP where i can get 1gbps on wifi. and I'll use my virgin router on modem mode. I'm guessing the AP that i get will have to be WiFi 6. Any suggestions?

I really really like the EAP-620 I'm using from tp-link

has a built in web interface and can be upgraded to be centrally managed if you need additional ap's

the model is a Arris’s Touchstone TG3492, model: TG3492LG-VMB

does it have enough gigabit ethernet ports?

yes

do you get 1gb through wifi?

I can push a gigabit over wifi.. australia's still in the slow lane for internet 😦

my connection is only 100/40

but to local wired services sure

Yeah

The part that I dislike about unifi is lack of web ui

you must run a controller.. I like that the omada stuff will let you use it without a controller but if you want to go there eventually it'll do it.

if you do you can get stuff like this:

sorry i meant i need a main router

you said you needed a wifi6 access point 🙂

and were going to use your existing router

this modem manual is a blast 🙂 Note: To connect more than four computers to the TG3492LG-LIB through the Ethernetports, you need an Ethernet hub (available at computer retailers).

a hub you say grandpa modem vendor...

Switch

I'll be using my existing router as a modem but need another to give out the wifi so yeah i think that's what an ap is. so would a EAP-620 work and put out wifi to my whole home

so it's a ap.. not a router.

yeah sorry i got confused for a second

perhaps... this will help : https://youtu.be/am7xT-zU1Q0?t=17

watch the next minute of that 😉

A dedicated wifi6 access point.. is going to perform better than the builtin.. "2.4 GHz radio and 5 GHz radio for wireless 802.11a/b/g/n/ac connectivity" the EAP-620 is ax1800 which is wifi6 ac was imo a bit of a mess and rather confusing. that said.. deploying wifi is not as simple as bigger better.. where it's placed and the geometry of the building etc will have a huge impact on where and how wifi propagates through a space.

@charred sundial

sorry i was watching that video

did that help?

yes a lot

so for example my home network.. has a pfsense router, a switch, and 2 access points

but the access points have the same 'wireless network' and allow devices to roam between them. without re-authenticating.

oh so you set the ssid and password the same on all of them?

no

I manage them from a central controller.

which does something much smarter

the ap's (and the switches) are 'adopted' by the controller which then gives a single management interface for all the seperate devices

so from a web ui pov it looks kinda like an all in one router.. but it's way more powerful and let's you add access points for more coverage

oh so it's like my unifi protect system kinda

yep

unifi is the other big player in this market

but it's annoying because you have to get a controller to manage the aps and can't without it

if you have unifi protect does that need a cloud key?

no I've got a unvr connected which has the protect application controller baked in

how big is the house? can you realistically get wifi everywhere required from a single access point?

it's a 3 story terraced home (3 story including the ground) and I'll be putting the ap on the ground floor. ig if i need to I'll just put another ap in the loft (4th bedroom)

or the 2nd floor

3 stories is asking a lot of one ap

I'd suggest middle of the house second story initially

the downside to the omada ap's much as I like them is that they are rather.... ugly beasties

the ubiquiti nano's are way prettier.

which one functions better though

jury's out... some say the ubiquiti stuff is better than omada some say the other way around

honestly I think either is a good choice..tplink is definitely cheaper.

but are the specifications alike?

so the EAP-620 is huge (it's nearly 40cm across) something like a nano-6 from ubiquiti is far less in every dimension pretty much way easier to hide and much better WAF

WAF: (Wife Acceptance Factor)

😂 not me trying to figure out what that means

https://store.ui.com/products/unifi-ap-6-lite

so for a single ap you could run the controller software on a pc.. configure it.. and turn it off.

or if you have somewhere to run vm's make a tiny vm/container and run the controller on it.

right okay

lol

Lol I was testing my ubiquity dishes before I hang them up

Kek

I was thinking about getting a fiber setup the next town over

I'm still amazed that I can't find a 802.1af PD voip fxs ATA

my best option seems to be a poe -> mini_usb + ethernet dongle + a fxs that's powered by miniusb

which just seems nuts.

I wonder if these dishes can push 10 miles

isn't curvature a problem at something like that distance

You can narrow the wavelength

Ill settle with 100 ish mbps up

I think you end up with enough earth inside the Fresnel zone that it interferes

Texas is flat as heck

It why so many flat earthers live here

I don’t think land interference is a problem

it depends a bit how high you can get the dishes 😉

but at 10' the dirt is a problem 😉

Not when you got concrete

Any antenna needs to be ground mounted with concrete

They literally have 5 gig available in the next town over

Maybe one day when im rich ill go with the cat 10 gig dish

so you need to get up 30m and you'll be fine

but that's a fair whack of up

There is a cell tower next to my house

telco's tend to take a dim view of unauthorised equipment on their towers 😉

You can pay them to use their towers

i'm surprised they're even their towers. Usually companies like outsourcing instead of owning anything real estate these days

hey guys, i have a question about RAID stuff that has left me confused af...

Question: In your speed critical disk system you have to increase both the reliability and the capacity. Which RAID technology will you prefer? why?

My thoughts: i wanted to say RAID 5, since it's reliable, speedy, and we only lose 1 disk to parity.

but some people argued that RAID 10 is better... it is reliable, but half of the data in raid 10 is mirrored, right...? then how does it have better capacity than raid 5?

It doesn't

R10 basically takes 50% away

@low pond lets say cost (number of total drives) wasn't a deciding factor.. then RAID 10 ? or RAID 01?

Kind of the same meaning NGL

I don't even know if there is a difference 😂

yup, one is a stripe of mirrors and the other is a mirror of stripes or something but basically the same

Oh wow :P I mean in all cases I've ever seen I only see 10 being deployed, never ever darn 01

Godddd.... i hate my professor xD

he didnt explain this shit in the class and expects us to answer this on the exam xD

There are just... endless amount of resources explaining stuff like this online. Which can be way less tedious or stressful than textbooks

lol for the last hour, i've been doing that. every other source has conflicting info

They just have different ways of explanation really...

@clear igloo looking at cisco live sessions. So much 5G. What is this, a telco conference?

5G all the private networks!!!

cellular anything seems like a terrible primary solution

Compared to things like T1 it can be much cheaper though

i was trying to buy one of them but they are either way over msrp or out of stock. I'm interested in this: https://store.netgear.co.uk/product/wax204-100eus?utm_source=Google Shopping&utm_campaign=Netgear PLA Feed&utm_medium=cpc&utm_term=4178&cid=uk-orbi-srch-cpc&utm_source=shopping&utm_medium=cpc&utm_campaign=uk-orbi-shopping-cpc&gclid=Cj0KCQjw8_qRBhCXARIsAE2AtRbGVdlr2K-k8HyeXxtLGCV-T7R6ugFZi7BmAqBXyEyvj_WuxzOmyMwaAmtYEALw_wcB . is it anygood?

if all you do is go to "the cloud" for HTTP, it might be fine

anything sensitive? naaaah

latency be like 📈

when it's things like ATMs, branches, etc. that don't use much bandwidth it's not a big issue. Private 4G/5G networks also have QoS too for some traffic, it's not that bad

wow finally a good use for that graphic. As someone who trades it annoys me that the going up version is red

And then there are banks in the US moving a bunch of workloads to the cloud from what I hear 😄

it's like magic right? dump it into someone else's computer, super secure

Only hybrid w/ on prem

yah, it's more hybrid but I've heard people say 30% to 50% of workloads in the cloud

The really important loads are staying on site. The cloud is doing client facing stuff like HTTP

Fair

Honestly if I was C-level I would not permit my money making loads anywhere near a 3rd party company

we've seen cloud providers violate their contracts and shut people off with little warning

100% going cloud 😄
cloud all the things!!

and you think "hybrid" dont you? but need I remind you there are also cases when they seemingly collude and shut someone off around the same time

I think NASDAQ is going AWS Outposts for some and AWS for most.

you NEED on prem to reduce the risk

Mainly so "on prem" can be managed and deployed like AWS.

yah, need to make sure a competitor doesn't crop up as the owner of what you're doing

yep

regarding aws outposts, since they're managed with amazon.com (I think anyway) its the same risk

they kill your account, bye bye

I dont recall there being a local admin option

I never said they were independent of AWS lol.

It's probably for performance, etc.

Still not going to be any cheaper I doubt.

Oh, almost never, especially if you do something like go dual cloud vendor

Yeah, I think my place is sticking with onprem + hybrid cloud cause we're discussing brand new cable plants for 400G support in the future

At least when most places talk about that they want to replicate everything to both providers which is $$$$

Outposts are cool tho.

I honestly wonder how the hardware looks like

local connectivity to AWS service

@low pond

its the closest you're going to see AWS hardware (in the public) lol

Dang, whole rack from AWS?

they have rack or server option. A rack only comes in a 42U.

How the hell did you get that.

green is the server BMC and orange is Nitro card.

google?

I like how its a rack in the middle of nowhere with all these connections in it, but theres no under floor or tray with cable in it... lol.

Oh.

must just be marketing pics

Haha, yes, it's wifi

wireless to the rack is the new trend 😄

If you don't want an Outpost, you can do Direct Connect

we do

many of them

don't they settlement free peer too?

idk, im not on that side of the fence. I just enable the peering and links

They have a 100 prefix limit too

you send 101 and they kill the link. so dumb

netgear 🤢

Wow

yeah 100 is a little difficult if your network is large and across multiple cities

Like City A should be preferred to enter/exit AWS near City A, but you also have to advertise City B out that same link with poor metrics so it can be a backup path

you basically have to try to summarize as much as you can

sending just a default route is not an option

so..... it's a no?

@clear igloo Upgrading this site's networking is going to be out of their budget

yeah I have to tell my bosses about [BIG NUMBER] that was not budgeted for and we need it now

they're gonna cry

ok

speaking of budget, how much do you guys think I should charge for wordpress site design update/cleanup, like to make website look nice

like 30 an hour?

+$20 for wordpress fee

charge what the market charges unless you're offering something unique

otherwise customers will find cheaper

clean up is one thing, art from scratch is another

yeah

@clear igloo https://i.ryois.me/esN9Pb59iG

The PTZ camera is plugged into this switch and it can see the switch.

@charred sundial it's... probably ok.. but.. it depends where you are aiming to get to.

Use a pulse Doppler dish to remove ground clutter

Shit I came here from a DCS video sorry

would it at least give off 1gbps if I'm right next to it

@charred sundial what's the goal a gigabit of wireless 1 foot away.. sure pretty much anything will do that. 😉

well my current topps off at 400mbps

currently it's a: Arris’s Touchstone TG3492, model: TG3492LG-VMB

I know I pulled the manual down last night and read it.

can you send me that manual I can't seem to find it

@clear igloo this sg300 switch is pissing me off

lol

@clear igloo seeing a lot more neteng jobs listed as "on-site" now lol.... looking at one that says you can be located near one of three locations. bruhhhh

lol

might as well be remote?

YoU nEeD tO cOmMuNiCaTe!!

need to be in the office for your webex

yup

Noob question, pic for attention
If I put a switch between the modem and the wifi router, and then connect a MoCA to that switch for running internet to the other side of the house and another connection to the switch for a pc in the same room as the modem and router, do I just put the wifi router in AP mode, or do I need to have the wifi router before the switch and leave it set as it is now?

Unless modem badly configured by ISP that won't work

Since you get one public ipv4 IP, and you only want one router

So you want modem - > router -> whatever (AP, switch, devices)

@clear igloo https://dlidirect.com/products/new-pro-switch 😩 out of stock

psh, get a robot to power things off instead 😄

lol

That thing would be so helpful though

nope

soon as I saw 10/100 I knew the company doesn't know what they're doing

thats going to get phased out

Spend the extra $1 and get the gig chipset

@clear igloo maybe I should apply to that caterpillar IoT job so I can 🤌

Safe rebooting by just cutting power to the Device? Better hope nothing important is still in RAM...

Meant for routers and such.

or a modem

I mainly want it for AV power control

It looked too "industrial" for home use to me... I expected to find this in a Serverrack, as a replacement for those LAN management ports (forgot what they are called)

this isn't for home

IPMI, iLO, iDRAC

It doesn't replace those at all since those do so much more than power control

Like blob said it's more for simple stuff like AV equipment

Yeah... I know... I meant like cheap mans IPMI, you can reset it, if your server doesnt respond. I know thse Mangement systems do more than power cicle...

Yeah, I've been looking at pikvm for my "dumb" computers

I have idrac servers at work at it's so useful

I have a ticket system at work that summons a human with a brain that does more than iLOs

🤩

What's it called, remote hands..

I heard they are expensive

yes. I am not required to do any physical work at all. I open tickets

no, its internal people. its the datacenter department

My "KVM" rn, is a raspberry pi 2, that has internet access, serial access to the system its controlling, and restart is just shorting VCC with GROUND, which in the case of this server force-restartes it xD

they do all rack, cables, shipping, etc. the people who arent them configure the gear remote

I try to find jobs with that setup because not having it sucks too much

Although for home power control I have a script that just calls Redfish API on my servers. Lol

So my UPS management can shutdown servers and boot them back up.

https://www.manualslib.com/manual/1740538/Arris-Touchstone-Tg3492lg-Lib.html it's a different submodel tho...

you need remote power cutoff for some types of clustering (particularly STONITH) but it's dum friends don't let friends deploy STONITH clusters

What's a better choice buying mesh wifi nodes or buy asus routers and use aimesh?

I know someone who's super happy with their tp-link deco's

I went the sdn route (wifi with wired backhaul)

@twilit garnet it depends what your uplink is and how much you want to manage it

Hello there I am trying to allow OpenVPN to access a hetzner VLAN that I created on ip 192.168.100.[1-5]. I am not able to access any external server only being able to access 192.168.100.5 which is the vlan ip of the machine the vpn is hosted on

That's not sdn

The lineup is called omada

I know that's what I have 😉

or ubiquity..

That said.. the deco stuff still does managed wifi with 802.1k/r aiui between units

so it does 5gig backhaul mesh with a 5/2.4 frontend for clients then does similar central auth things but I havn't looked closely at the detail

tplink is kinda crazy in their offerings to be honest because they have 3 Different and incompatible mesh solutions. (onemesh, deco and omada)

Omada is the business lineup

yeah

I love the omada stuff I'm going to install it at church as well

Can anyone here help me troubleshoot my wireguard connection? I think its an issue with DuckDns but i dont know enough about all this. Wireguard in unraid using a docker container of DuckDns. Got it up and running using an online guide and it worked for about 3 days

I tried to manually update my IP in the duckdns web ui but it said it didnt need to

While in home i have full access to the unraid server as normal, its specifically a tunnel issue of some kind AFAIK

I manually turned it on in my unraid vpn settings and now it works. Autostart seems to have been off. Idk if i missed enabling it or what, but seems to me like something that should be on by default

I'm using a VPN on my android, some apps on my phone won't let me use them properly if I'm on a VPN Connection cause it detects that I am on a VPN (some apps prompts: you are using a Datacenter IP or a VPN and cannot connect)

Is there any way to not let these apps know that I'm on a VPN and think I'm using a normal home network while on a VPN connection? I mean that's the whole reason I'm using a VPN only to some apps not letting me connect using a VPN

generally speaking no there's no definite way around that if the app is detecting your IP and blocking known VPNs

but you can definitely try different locations/VPN servers and try to find one that isn't blocked

also you can run your own vpn and then it probably won't detect that

the only way the apps can detect that you're on a vpn is by looking for addresses that have already been associated with a VPN or have previously been the source of suspicious/malicious traffic

yeah if the source IP is from a datacenter, etc.

oh

is setting up my own vpn easy on android?

you don't do it on client device

you need to setup your own service on a VPS somewhere, and even that may not work

Check your vpn app settings. You can do something called "split tunneling" meaning the service or app will bypass the vpn, while everything else on your device uses it as normal

More of a local networking question but I'm going to be setting up a nas soon. I'd like to set specific folders to only be access by certain people on my home network. How would anyone recommend going about this

Hi ! ..
Can i use wd purple for a starter small home NAS server ... I looked for wd red and didn't find it in my country a and i don't know how to get it ... My main goal for NAS is network storage across devices and reid 1 mirror to secure my data ... I don't imagine a huge read write on it .. Thanks for reading ✨

Hi,
I'm looking for a good vpn to do random things (mainly bypass my school's wifi restrictions) but since I wouldn't use it much I don't want something expensive. Are there any good ones where I can pay by how much I use it instead of monthly?

host your own

any tutorials?

https://www.pivpn.io/

ty

@supple hare you can also try eblocker, has build in openvpn/dnscrypt/tor etc https://eblocker.org/

that website looks really suspecious

the way it looks

PiHole and PiVPN can be used together and are well vetted.

eBlocker was a Kickstarter

THey were originally a commercial product

but went into insolvency

now its an open source project

huh

wherever there's a bunch of like "certified", and popups it's a red flag

It was basically an attempt to make a plug and play commercial pihole

Well, that pihole is shut for good..

is there any ethernet load balancing free software for Windows 10? trying to get more speed from my router but I'm thinking now it's my old SATA ssd bottlenecking the whole thing

Ethernet load balancing??
Speed from router??

SATA?

what

what speed are you paying for lol. That's a crap ton of speed, not sure what you're doing that requires more

For what service level are you paying for? What are the interfaces on the devices, link speeds, etc.

5gigabit but my modem has
1x 2,5gbit Lan port
2x 1gbit Lan port
WiFi 2,4/5ghz

Your ISP really out here trolling you. Find out if you can bring your own modem and do 5gbit. That’s BS that they don’t allow a port for it.

With that said, I believe it’s designed as a way of not saturating the network from a single device.

You might be able to bond the connection, although you’d only get the connection speed of one of the connections on a single thread.

This is just my 10 cents though. Someone is likely smarter than I.

exactly. hate that. but no, it's not connection limit because I can speedtest at the same time or start a download from different computers and I get like 4,2 4,4gigabit combined

just realized my bottleneck is sata SSD write speed of 450mb/s.. exactly those 3600megabit

so I need a new pc or... raid of data SSD to increase write speed?

nothing special, chose this connection because it's cheap

Is there a good reason, why Samba would work on one Interface, but not on the other?
No, samba is not limited to one interface, yes, I can access both ip addresses.
Google throws out a firewall problem on the Serverside (I donnt have a Serverside firewall)...

Huh... SOMETHING on the way out of my LAN, is filtering port 445... I cant access anything via that port... Strange... That seems to be the solution for all my problems with only one interface working, that Interface was vpn-like, and didn't connect to 445 directly...
Is there ANY reason for outgoing port 445 requests to get blocked on a residetial connection?

Do other ports work?

Would 1gb networking be enough for recording to a NAS and editing off of it. 1080p 60fps?

yes

1080p 60fps is like at most 8Mbps

wait

raw footage or compressed?

Raw? whatever is the output of OBS lol

only 1 user if that means anything

it also depends on color space, depth and other stuff lol

but yea if you're not using red cameras 69-bit stuff you're finee

Also. Is there a way to limit who can access folders on a nas? would i have to set up a active directory? or is there something I could do before that

hm im not sure i've never had to do that before, but i assume it depends on what you're using for your nas

I havent tested all yet, but my ssh port works (its not the default ssh port tho)

that has nothing to do with it. speedtest.net is checking your network speed, that's not really related to your disk speed

it will affect a sufficiently large file download but your disk can't bottleneck your actual connection

but anyway yeah to get the full 5gb/s speeds you're paying for, you'll need to upgrade to a 10gbe router

Yes sometimes

SMB is a massive vuln if someone is using SMB v1 or insecure authentication and can result in some catastrophic situations

Some Residential ISPs block it

But it worked a week ago? And I use SMBv3... Also why dont they just refuse the connection instead of not sending a TCP acknowledgement?

to prevent bot scanners from even knowing that its an active service

If you respond with a Refuse, you know something is on the port

OHH... No, the Server is not at home, its in a Datacenter... I cant have a Client at home accessing a SMB share in a Datacenter... And it works over my Phones Data plan, just not through the wifi.

Ohhh.

Check with your Host Provider, they may have some form of filtering to block residential connections potentially

Although, I have seen residential ISPs block SMB both ways too

Well, it actually is at home, but its tunneled out through a VPN, so I can access it from outside my LAN (cant open ports on my router) but connection out of my LAN works...

And My hosting provider explicitly warned me the wouldn't block anything without me telling them to.

just be it laziness in the rule or CYZ (Cover your ass)

I still dont get why it worked last week tho lol

Well then hold up

its prob due to the fact it may not like you exiting then coming back in to connect

you would instead expose the SMB directly to LAN

But connecting directly to LAN is boring... Besides the main point was that I wanted to try access from outside, but it never worked...

Also Noone in the Chain, besides my VPS should know that the SMB is just tunneled back...

Now, how to do this cleanly? You would need an Internal and External DNS setup. Internal DNS points smb.blah.tld to Internal LAN IP and External DNS points smb.blah.tld to external endpoint

Well, it does, but I was deliberately avoiding DNS by entering the IP to test the outside access. I already set up the DNS setup, because LAN is way faster, why not use free speed, right?

did anyone have an encounter with Huawei EG8247H5?

i have been trying to attach a storage device to the ONT but its of no use. i have referenced to the manual and whatnot but it simply wont work

Hey, so I have been using OpenVPN recently routed to my home to bypass restrictions at school. I am wondering if there's a way to have the OpenVPN client travel to my server first then to another VPN, if that makes sense. Basically I want to do the following: OpenVPN Client -> My OpenVPN server -> ProtonVPN. Reason I want to do this is that ProtonVPN is blocked natively on the network.

it's possible

Do you have any clue on how I would set this up? I've tried googling it, but I can't seem to get my words right lol

routing

just set next-hop to the vpn

in theory

How exactly would I go about doing that though?

iptables

or nftables

I'm not telling it's madness but looks like madness to me. in order to test speeds you have to download and/or upload sample data.. can you explain why it is not related to disk speed? does it use system ram?

It doesn't need to use disk

if you think speedtest.net is downloading hundreds of gigabytes of data to your hard drive i don't know what to tell you

if any random website could do that it would be a security nightmare

it's just putting a bunch of meaningless data through your internet connection, it's not saving it anywhere

if you don't know how a piece of technology works, don't assume the explanation is madness 😆

If you think you need hundreds of gigs to measure a speedtest I don't know what to tell you

drive by downloads are a thing that 100% exist

i mean if you're doing a 30 second test on a 5 gigabit connection, that's already tens of GB

hundreds is an example but it's not implausible

also yes i realize drive by file downloads exist but it's a security issue, and you would notice

random websites are not writing 10s or hundreds of GB to your disk to test speed

It generates a few chunks of data and uses those over and over, it doesn't make new data constantly

that's my point

I'm trying to explain this to someone who thinks that the website is actually downloading data to disk and so a slow disk would change the speed test result

looks like you have to download something so disk is used at internet speed

how can write at lower speed without caching?

random data or not the file needs to be big enough to test during those seconds

that ~3600 limit just at drive write speed is suspicious

you're not writing anything

you're downloading a stream of garbage data which is stored in memory and then immediately deleted

the only place that data is going is through the internet connection, none of it ever hits the disk

maybe it's a language thing, but "downloading" doesn't necessarily mean "writing to disk" - it's just data coming into the computer to saturate the connection

"garbage data stored in memory" looks like something in the disk drive, so it has to be written

unless you are talking about ram

yes, memory means ram

ok so my bottleneck is ram, thanks

nope that is also not the bottleneck

https://help.speedtest.net/hc/en-us/articles/360038679354-How-does-Speedtest-measure-my-network-speeds-

your RAM bandwidth is like 20-40 GB/s even on an older computer

i think that's the page he was already looking at, but the confusion is about the terminology

the bandwidth bottleneck is the actual router's capacity and/or its ethernet ports

i wanna be clear here that you totally should still upgrade your disk from a SATA SSD to something faster because that will totally impact the speed of downloading a large file in the real world

imagine
https://stackoverflow.com/questions/3749231/download-file-using-javascript-jquery

but disk speed has no impact on the speed measured in a network speed test because they're designed with avoiding bottlenecks in mind, so they can actually measure the network speed

yes, we already had this conversation. the point is that random file downloads are undesirable and a security issue, and you would notice if speedtest.net was putting 10s or hundreds of GB in your downloads folder

I mean cookies exist

local storage

also not the same thing

ik, but it can download to PC

local storage is also limited to 5MB

Not always

yes there are workarounds and sketchy things you can do. i have no idea why you are so dedicated to picking out minor exceptions to a side statement i made like 10 minutes ago when I'm trying to actually help someone with a legitimate question about how speedtests work in the real world

you are telling me when speedtesting drive usage is slower than the actual speedtest? I feel really discombobulated

Hey Yall,
I am looking for a piece of software (FOSS preferred) to connect several REST-Based endpoints with contact information (Name, Email etc.) to a central point where those can be syncronized and pushed back. Either I have yet to find something like that or I am completely missing the search terms for that. (Alsoalso, not really sure if this even fits this channel..)

yeah just to be clear - when you're downloading an actual file that you want saved to your disk, you're still gonna be limited to your disk write speed. but websites like speedtest.net are designed to avoid all those bottlenecks and just test the maximum speed that can make it through the internet connection

probably what you're describing would be easiest if you just write a short python or nodejs script honestly. but you could also look for something like a "no-code" tool to set that up without actually writing a script

There is also the really interesting way, MEGA does its downloads. It seems as though they also cache it someplace and only upon completing the download, the file actually touches disk. (At least that is how it seems to me, since no temp file is created in the usual spots..)

almost 0% disk activity during speedtest. I feel robbed of my brain cells

no, it uses https://developer.mozilla.org/en-US/docs/Web/API/FileSystem apparently

Welp, I was hoping for something that utilizes CardDAV and already has a few connectors ready. How is this not a solved problem...

https://webapps.stackexchange.com/questions/41068/how-exactly-does-megas-download-work

That ready as though its a "file system object" so its a file system in memory?

ah hmm. yeah that might be something else very specific but I'm not aware of any particular names or pieces of software for that

so where is the real bottleneck? I can test 4,4 gigabit combined with multiple computers at the same time, only 3.6 on one connecting 3 ethernet cards and a wireless dongle

my guess is that it's either QoS somehow recognizing that it's a single client and limiting your speeds, or some overhead involved in bonding multiple connections, or perhaps just that speedtest.net doesn't handle multiple connections well

I mean what I would do is do a local test first

iperf3 between local PCs

bonding overhead is a good guess but can't find anyone testing something similar to compare results

looks oddly specific and a little out of my knowledge, what that iperf3 is testing between local pcs?

yeah that will narrow down the problem

It reality, yeah, disk should have no involvement on speed test. BUT, there are actually writes going on when running a speed test. This is usage during a run on speedtest.net. 1gbps test with 105MB/s writes during the test. Even I was not aware of this going on during a test

it basically allows you to test between 2 PCs on your local network. This way you are mostly eliminating the router, and eliminating your internet connection as potential issues. This is how you troubleshoot, narrowing down the scope

we've been through this, but all i can say is that it's probably unrelated because the speedtest.net docs do actually say that it's not putting anything on your disk

Im not disagreeing. But there is caching of some sort going on during these test. What level of impact this has on results, I don't know as its not documented nor any post I can find of others questioning it

with a single 2.5 ethernet card I get little less than 2400mbps and almost 90MB/s of disk usage. too low to be the bottleneck. maybe the result is worse when combining all those cables together

yeah there probably is some caching in the browser but it's definitely not going to make your disk the bottleneck

Im not saying its the bottleneck, Im suggesting its just skewing the results

Similar to fast.com using caching to skew things where you get over 1Gbps on a gigabit link

Yeah don't they attempt to account for overhead?

Something like that, yah

I will say I did have a similar issue where one direction was great and the other was crap, turned out to be a bad SFP in the mix, I doubt that's the issue here but it could be somewhere there is a bad optic

hard to try because only one pc at time can have all those connections. I mean I only have 1gigabit port computers around and the main one is equipped with on board 1+ PCI 2.5 + usb 2.5 + wifi

wait are you trying to aggregate all your interfaces?

well no wonder

Yah, it's probably mucking with crap trying to aggregate like that with so many things

Although it SHOULD pin to a single faster path I wouldn't be surprised if Windows did something stupid

maybe I can set a pc with WiFi+gigabit+usb2.5 and the other with the same but I don't think the result with overhead can't surpass 3600mbps

what do even need this much bandwidth for

like I stopped messing with speedtests a while back

exactly! there is nothing epon to buy with a simple 5gbit ethernet port at the moment

aggregation like that doesn't work well

maybe speedtest marginally works, since it uses multiple connections

esp with wifi

mostly big speedtest, 90% of the internet is not sharing files at those speeds, steam is a decompressing hell for my i7 4770k 4,4ghz (4c8t). only direct downloads, torrents and FTPs work well enough

Yeah there are too many mediums in play to even bother putting time into tshooting. WIFI should not be part of the equation either. Aggregation at the host is already a mess on it's own

I know it looks silly but I like tech in general

and getting that 5gigabit speedtest is something I want to get if it's cheap enough :D

just like rich people like big expensive cars

https://tenor.com/view/look-pose-cool-smooth-butt-gif-3829427

Iliad(called "free" in France) is indeed trolling us with slow ethernet ports

Just get a vps, there you go

that's cheating 😁

If it works it works

do i need to call my isp to have my ipv4 stay the same after i reboot my router or can i do it myself?

depends on ISP

my IP doesn't change after 5 min downtime with current ISP, but it used to change with every restart with older ISP

for static IP, it usually costs more

not going to lie, if i hit the lotto, I would'nt buy a sports car (well I'm tall af and wouldn't fit in any of them anyway) but you damn well better believe I'd have 10gb fiber internet in my house

id proly just buy a house

well I'd buy a new one, not mansion huge, but a bit of land and some out buildings

yea

probably a remote house near nature or som

here in Italy max speed is 10/2 for 45usd or cheapest 5/0,7 for 15usd (all before tax) but a house isn't cheap at all

and I thought 75usd/mo for my 200/10 was rough

I pay $75/mo for 940/940 😂

both not cheap but I assume you get more money from your jobs

that's lower than the average price here for internet actually

that's why Ryan Reynolds is spamming so much about mint

Used to pay 165 for 300/30, tv, and phone

Now just for fiber 300/300 it's like 50 or something

We just canceled our TV

We were using Hulu Live

165 a month is a real benchmark

we pay 85 for 400 down but 11 up

lol

that's not fttc for sure so you get ftth download speed but super lazy upload?

you can get 400 download over dociss

a lot is not fiber or cable, but just the tech the telco is using and the design of the network

yea its dociss

its an xfinity bundle so im guessing its super cheap (for my area) because of lazy upload speeds

most ISPs provision more download than upload on dociss

ya

and that's better for copyright holders

what

less p2p

less piracy

it's simily a technical limitation

less seeding

you only have a certain amount of bandwidth on dociss

do you mean like mobile internet? data cap?

no

bandwidth

that's the maximum ofc

which most don't utilize

because of other factors

https://en.wikipedia.org/wiki/DOCSIS

nice to know

Moar piracy

I'm looking to get a new network switch for my room as well as a WiFi access point as there's a lot of interference between the router downstairs and my room that makes the higher not worth using currently. Was wondering if there was perhaps a combined switch and access point out there somewhere? Would need at least five ports with an access point capable of WiFi 6 if possible.

UniFi 6 In Wall

Keep in mind it's in early access meaning there's limited quantity of them and you have to become an early access member

Thx will look that up. Wouldn't have thought such a product would be uncommon. Seems like an obvious combo device.

or omada wall mount

no need for controller like unifi, which I find annoying for a single device

for a whole deployment unifi is great

a single device, not so much

@icy bone https://www.tp-link.com/us/business-networking/omada-sdn-access-point/eap615-wall/v1/
https://www.tp-link.com/us/business-networking/omada-sdn-access-point/eap235-wall/v1/

these have webui's like your router to control them