#networking

I check that on the cable itself?

CCA (Copper Clad Aluminum) is a way to reduce the cost of cabling by changing the wires from solid core to a aluminum core with a copper outer plating

yep

let me check

and the other as we discussed.. is terminations

the cable is this one - https://www.tekaelectronics.com/pt-pt/pares-cobre/cabos-uutp-futp/cabo-uutp-cat-6-cu

the termination I can't see now

it seems the cable is not CCA

good news on the cable I think

yep which leaves termination and run lengths.

length of the cable?

cable could also be damaged during the run, but that's like worse case

i think in this case is less than 15-20m

I've seen the things electricans do to ethernet

i also saw

running in a bundle of high voltage electrical wires

i have to leave now, later I will try to check the terminations. Thanks for the great support

there were some errors here in this remodelation, that's for sure. maybe this was one of them... oh wel...

currently trying to use caddy, the top domain works as expected, but when trying to access the bottom one's server, nothing works, and the way it fails is different depending on the port i use (80 causes infinite redirects, 8080 gives a 502 with no body, and 443 says "Client sent an HTTP request to an HTTPS server."), any ideas?

i.bottomservices.club {
   reverse_proxy localhost:40115
}

2b2t.bottomservices.club {
   reverse_proxy localhost:8080
}

the server config said it should be running at 8080 so i don't know why this doesn't work

actually nevermind, it's an issue with the server itself

whats the diff between cat 5e and cat 6 in terms of networking speed

https://www.google.com/search?q=difference+cat5e+and+cat6

Long story short I have a programming project at school but the school computers aren’t great and have limitations. I was wondering if it was possible to run Apache Guacamole off my home desktop?

I have no clue when it comes to networking so if anyone is able to help me out I’d really appreciate it

rdp is better

just setup a vpn first, don't expose rdp to internet

you can even use something like zerotier

I need something that doesn’t require me to download an application on the school computer which is why i’m mentioning guacamole as you access through browser

ah

kinda insecure imo to open guacamole directly

what I like using for dev on school computers is github codespaces

or similar things

no gui stuff though, only dev on cli stuff and web

If I needed to use applications such as unity etc or needed to run files which i cant execute on school network😂😂 doesnt seem to be any simple answer🥲

why can't you run unity though

because it people dont want to do their job properly and install programmes

@unborn sluice

Guacamole is fine if you keep it behind a reverse proxy.

That’ll keep it encrypted.

Woops, didn't read the topic first.

So yeah. Symmetrical 3gbps internet.

@warm frigate so you could build something into a portable app but it's not trivial but what do you need to build?

Looking for 10GB nic for server any recommendations?

Hey, Guys I have a L2 switch which I want to make 2 LAN ports as failover mode like, if the 1st LAN port is unplugged the whole data goes through 2nd port is this possible ??

yeah it's called LACP

I must buy some more patch cables I ran out of so I stole one from a LACP connection on my proxmox host 😉

some recommendations on 12-16 port 2,5gig switches, preferably with atleast 1 SFP+/10Gig port?

Spanning Tree Protocol will just do that for you assuming the switch isn't complete garbage

If your switch is garbage/STP is disabled you will instead get a switching loop but usually it's pretty easy to tell if STP is present - one of the port indicators will shut off until the other is disconnected.

QNAP has the qsw-m2116p-2t2s, Netgear has the M4250. If the price doesn't appeal consider used 10gbps switches or if you need multigig on all ports

looked for used 10gig ones already, but the marked for them is a bit fucked here rn, can only find the ballin enterprise stuff for 1k-12k per switch

Not really any other options unfortunately

10gig is interesting in that 10GbaseT skipped the datacentre (they all went fibre sfp because power)

can i replace my isp router with a 10 gigabit router or do i need to replace my modem aswell

and do i need a 10 gigabit ethernet cable to get that speed?

Depends on whether the modem could handle it, usually it's managed by the ISP, so if you get a 10G plan they should send you something that's compatible

Well first you need to pay them for that speed

So I can't buy one by myself and cheat the system

Obviously not, you'd need to buy a plan from them anyway for getting those speeds

No, not how it works

Can't fit 10gig through a 1gig pipe

My router rn is 1 gigabit

It cost like 100 bucks wifi is pretty expensive here

Equipment and service are 2 seperate things

Have to have equipment that is capable of the service

But just having equipment won't do anything

You can have 10gig local, but not 10gig to internet

Even then you won't have 10gig to most destinations

Nvm it's 800$ for 1 gigabit

😂

And it's the max speed

Most places don't have 10gig

I don't even have gig. I can if I wanted but there is no point for me

300/300 works just fine

And I barely use that full pipe

Just in bursts when downloading and uploading files

Which is great to have

Thats basically the normal price for 1gb

Where are you from, just curious, Gig here is also pretty expensive

you mean 10gig right??

https://i.ryois.me/rFgUgQAar2

this is tempting sometimes lol

In the Right places, 10G is very affordable 🤷‍♂️

Funnily enough, this is a rural area.

"Regular" service https://i.ryois.me/88U07TKwS8

business 10 gig https://i.ryois.me/riqHz0EYWV

Ah yes now we are getting in the transit level cost for 10G

Nope 1.

Hey guys, I just got fiber installed and running in my house (1gig) and upload/download is about what I anticipated on wifi (~500 up and down) but on my hardwired PC, I'm getting 900down and about 15 up. I feel like theres something obvious I'm missing here, could it be something to do with my ethernet switch?

Is 300/30 internet good enough for 4 people with occasion torrenting

Or should I get 600/60

I thought that it was a gpu for a second

Should be

Any opnsense users here? How about opnsense + dd-wrt users?

Long story short, Netgear screwed over the Nighthawk 7900 users, I ended up installing DD-WRT on it and it fixed everything for a few months. A few days ago it started acting up. I factory reset it and restored the settings and everything worked again, until yesterday. LAN and WLAN both work, just no internet.

This gave me the kick I needed to finally set up opnsense, and now I have the modem going to opnsense, opnsense going into the wan port of my nighthawk, and both LAN and WLAN work, I can access the router on 192.168.1.1 and I can access the AP on 192.168.1.2.

The issue is everything is very slow.

opnsense is on what hardware?

Let's see if I can find where to get it to give me a printout.

This is the Dashboard

What model?

It's a dual gige Intel NIC I think.

Its a Dell Broadcom one

but like what did you install opnsense on?

BCM957810A

A compact workstation?

On an SSD

And if it's relevant, it's not GPT but MBR because this Silicon Power SSD's firmware does not work with GPT.

Sata 3

that stuff doesn't matter

that's just boot

Then I'm not sure what you're asking

like cpu

Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz (2 cores, 4 threads)

does internet just feel slow? what type of bandwidth do you get on speedtest.net

Should be gigabit, typical comcast I got 418down, 42 up (that's right) at 10ms when connected directly to the router.

I get between 100-200down at 12-15ping connected directly to the AP.

In my room which is hardwired to the DD-WRT router now AP I'm getting 11ms ping and 90mbit down right now. Upload is normal.

honestly no clue, there's lots of hardware optimizations on router OSes so dd-wrt may not be using that. hardware really isn't my strong suite

So it's consistently slow across all devices.

why I mainly don't really flash 3rd party firmware.

Speed wise DD-WRT was fast when it was working.

It was this or throw a perfectly good router into the landfill.

what changed?

what was wrong with original firmware

Netgear pushed a security update that broke Wifi. Wifi literally didn't work, and then they never pushed a patch.

I also discovered after installing DD-WRT that an update they pushed for their Disney parental control BS hurt performance. I went from 250mbits down to 750mbits once I moved to DD-WRT.

I didn't want to revert back to the unsecure firmware, so I moved to DD-WRT.

I don't know why DD-WRT now decided to stop functioning properly. I don't think constantly factory resetting it is a viable long term solution.

opnsense is a more robust router and firewall anyways.

never used opnsense so can't really comment on it

This is clearly a configuration problem.

There is either some conflict/overlap or something needs to be tuned.

idk, maybe, but I honestly doubt

Each piece of equipment on its own works fine, but together there is a bottleneck.

maybe MTU? idk

doubt it would be changed from default

only opnsense is configured as router?

Yes, afaik anyways

could be double-nat if the netgear is also as a router not AP

I followed the DD-WRT wiki article for turning it into an AP

https://wiki.dd-wrt.com/wiki/index.php/Wireless_access_point

any packet loss to opnsense from client device?

Hmm

How do I check that?

one way is to ping opnsense

isn't the most accurate, but it will be good enough for local troubleshooting

Ohhhhhh kay

I decided to try and move the cable from the WAN port to the LAN port. Got 9ms ping, 716mbps down and 41.5mbps up.

So that tells me there is a configuration issue with DD-WRT regarding the WAN port.

So for what it's worth, I discovered that the wiki article is way out of date and "Assign WAN Port to Switch" is deprecated and if you uncheck it, WAN automatically gets bridged to the LAN ports when you disable the WAN functions in the router.

Once I unchecked that, the WAN port is fine. I just got 900mbps down.

That would make sense

Since switch is hardware accelerated

And it was trying in software which was slow

From wan - LAN

Bridging

Try to get a dell force 10 switch set up as simple as possible and am running into some issues with the setup. I am trying to set it up as close as humanly possible to an unmanaged switch. Only reason I got this is because of the 10G ports I put in the SFP slots. Anyone here versed in the black magic that is switch setup?

why are things the way they are, IPv4 uses 4 byte addresses, IPv6 uses 16 byte addresses

can't they be just a lil consistent and call it IPv16?

It will be called IPv16 when the USA measures with mm instead of inches

@mighty crown yeah you should be able to just turn it on with no config if that's all you want.

All ports were down by default and it doesnt accept DHCP offers. Specifcally stated rejected. Looking it up it was missing the image path and config path or something like that in the dhcp request for the server default set up

what's the exact model?

you might need to enable the ports but you shouldn't need to worry about vlans..

@mighty crown did you sort it?

Sorry for the delayed response! I got all the ports live, and could see the 10Gig ports as well. But not one of them is being assigned an ip address.Its a force 10 s60-44t

when you say not being assigned an ip address do you mean from the switch dhcp server? or from your router?

From the switch. The router assigns IP addresses no problem, if I plug an unmanaged switch into the same cable everything works perfectly. Its the managed 10gig switch thats the problem at the moment I think

I assume this is second hand? did you wipe the config?

because it could have anything up to and including 802.1x or similar config on it

can you get a dump of the config? (try show run on the console)

config reference https://downloads.dell.com/manuals/all-products/esuprt_ser_stor_net/esuprt_networking/esuprt_net_fxd_prt_swtchs/force10-s60_reference guide5_en-us.pdf

It was 2nd hand. I have read through the manual and am still stuck unfortunately. The output from show run is this. Its not the entire thing, but every other port is configured the exact same way.

so is your dhcp server at 192.168.9.1 ? 😉

I found out from another discord that ip helper isnt really needed in this context as its designed for cross subnet which isnt applicable

Thats the router/dhcp so yes

because that's where a dhcpdiscover is going to be directed that's recieved on that port

but also.. if it's directly connected you don't want to configure a helper address

Yep so I have to go in and wipe out the helper address, but that still leaves it non functioning dhcp, any thoughts on a possible go from there?

can you telnet to the switch?

what procedures have you tried so far?

do you get link lights?

I do get link lights, all ports are live, and I am currently using a serial cable to connect to it.

did you do a factory setting reset of the switch?

https://www.dell.com/community/Networking-General/Force10-S60-Factory-Reset-Issue/td-p/4556718

It came factory reset but if we want to start from a base I can do that too, not like its working now 😄

Would you like me to factory reset it?

I think it's probably worth doing again

Ok stand by for reset

power cycle the switch and then break out of the loader

Its reimaging right now but by default it is in bare metal provisioning. It give me DHCP offer received on Gi 0/0 i rejected

When I looked it up apparently its because its looking for a special dhcp server that has a config file and image or something like that to image it

it's probably rouge dhcp protection

(so offers from 'access' ports are rejected by the switch and not propagated into the network)

Okay, any thoughts on how to turn it off? Looking this error up earlier didnt get me anywhere unfortunately

Apparently it also goes by the name jump-start for dell, and on the wiki page for it it says "Jump-start requires DHCP server, TFTP server and DNS server in the network environment.
"

can you post a full boot log? and can you get to a FTOS # prompt?

I am not sure how to get to the full boot log without posting like 15-20 pictures. As for the FTOS prompt, I can get to FTOS-BMP. I cant get to FTOS without disabling BMP/ jump start which I can gladly do

just pull the text out of your terminal put it in notepad and post the file 🙂

so jumpstart is the ... 'wizard' configurartor

God I feel dumb now :/

I dont think so, without having the DHCP server TFTP and DNS server it doesnt seem to do anything, and its only other option is just disabling jump start I think

yep so to disable it properly you do "reload-type normal-startup" then "copy run start"

Rebooting with that right now

I can post the log file after that hopefully

that should give you a blank switch with a privilaged prompt

it expects it's dhcp offer to contain extensions with config and stuff 😉

here ya go. Its not in an elevated prompt but just running enable will get me there

ok sweet.

wanna jump in a voice chat it might be quicker?

Sure!

problem was missing the switchport directive on the interfaces 😉

https://tenor.com/view/youre-a-wizard-hagrid-afirmation-magic-magical-gif-16533730

https://www.reddit.com/r/networking/comments/u58ugz/why_do_some_aws_ndes_engineers_solicit_resumes/

Hey just wanted to get some recommendations on good wifi adapter please

@hollow marlin I agree with one of the comments, they're probably desperate to find people to fire so others dont

hey guys, any good sim only, unlocked routers that are available in Euroupe? I’m looking for one and my operator, O2 has a bad selection and I really can’t decide
Thank you!

routing gore

looks fine, why would you go the other way to europe

Any recommendations for wifi router and extender or wifi mesh kit? I have very low connectivity on second floor and looking to plug into my ISP router (in the basement) then have the extender/mesh node on the second floor. But so far every single wifi mesh kit on amazon for wifi 6 has 1/5 star review has the most helpful then a 5/5 star review as second most helpful (then another 1/5 then another 5/5)

You have not seen real routing gore kek

Same country, 200ms. Roams EU just to come back

I've had good luck with asus APs, they are easy to put into a mesh and support mismatched models. I ended up finding a deal on a asus rog rapture locally and it works great for me, covering ~2800 sq ft. I'm not sure I'd drop the $400+ it retails for though 🤢

Ubiquity is a common recommendation but I can't speak much on them. I setup a 3 AP 2.4ghz network with them nearly 10 years ago for my father and it still works so that is nice but I have no experience personally with their new offerings.

@rain surge my mate has tplink deco in his 3story weatherboard and loves it. I recently did a omada (ubiquity alternative) deployment and I'm really happy with it.

the omada AP's have a TERRIBLE WAF tho

im actually in the process of redoing my parents wifi and decided to try out the omada system

good to hear you're satisfied (mostly)

WAF?

Wife Acceptance Factor (aesthetics)

ah lol

the wifi 6 ones look nicer

the 620HD I have is still ugly as.. I believe they've tidied it up tho.

seems fine to me

Thanks, i picked up a tplink deco set

thanks for the info, i tried finding a starting point for the ubiquity unifi and just gave up after seeing that the basic "dream machine" was 600+

Don't need dream machine for the APs

Just need a controller

I like omada better tho

What are you looking for, speed/cost/feature-wise? My idea of good likely differs from yours.

I tend to start with an OEM board and stick a pcie modem on it, you might desire something simpler. (Perhaps say why you dislike the existing offerings?)

Speed and range

ooh cool

Speed and range, eh? 4G or 5G? Need ethernet ports?

Can you get OK coverage on your phone?

Or do you mean WiFi range

5G, Don’t need those

WiFi range

Ok so you're metro then

I personally would get something like the Mikrotik Chateau 5G or it's half-the-cost LTE12 variant (Do be aware they're a bit more complicated to set up than your average 4/5g router as it's based on RouterOS, the mobile app is nice though), if you want an internal battery and portability look into the Netgear Nighthawk 5G

I'm sure if neither of those work for the price, someone can advise a lower-cost alternative they have experience with, Huawei has some alright stuff too for all shapes and sizes

By wifi range are you trying to cover a small apartment? A house?

Both of the above will cover an apartment well enough

do u guys like my wireless speed of 0.00 mbps and jitter 2,200??? ik it's great 👍

A cottage, but we need to cover the sauna as well, so I was thinking about a mesh, but idk if it’s possible with sim routers

and the sauna is something around 6 meters from the cottage

Protip: Just say that upfront next time and you'll get the right answer faster

yeah, i forgot about it, sorry for that

You don't need fast bandwidth in a sauna probably so try with one radio first

And if it doesn't cover... get a repeater

A full mesh is likely overkill

we won’t need anything super fast, just music streaming, that’s it

yep

If you buy a domain from something like ens or unstoppable domains, can you use those for mail servers and normal websites? Or is it locked down in some way?
For example, the .x tld

Edit:. I think you need some browser extensions for it to work. So they aren't normal domains - they are heavily limited in what you can do with them.

you aren't limited with what you can do

but limited on how you can access them

Mailservers won't know how to contact your mailserver, because such domains won't resolve via DNS.

So unfortunately, no.

I looked into it just then out of curiosity and they look pretty cumbersome to use, nearly useless.

I'd suggest buying a domain with TLD that will be present in normal DNS servers. Perhaps a .tk if you're very against paying per year and don't mind the risk of your domain getting yanked arbitrarily.

I use a linksys velop mesh system I find its pretty good I'm not sure if they do wifi 6 but I have been using it for about a month and I find its good, if you want a link to the one that I have just dm me

I am not sure where to ask this so...
how do I stop these? it's downloading Windows 11 and I don't want it

I could use some help with my old Apple AirPort Express. If someone’s available?

https://lawrence.technology/pfsense/

Found some handy guides for setting up pfsense. Looking forwards to converting one of my laptops into a pfsense router;

Hi I might be able to help, what’s up?

@atomic warren I got it to work I think. But it was slow as fuuudge. So I gotta get something else as a Wi-Fi extender. Any recommendations?

Gigabit LAN and 5ghz

https://www.tp-link.com/no/home-networking/range-extender/re450/ maybe?

I have LAN-ports around my house. But my router is on the first floor, so the Wi-Fi barely makes it to the 3rd.

get an access point

wifi extenders suck

@peak cloak Perfect! Cheers 🍻

with an AP you just hook it up to ethernet, so it's much better than trying to boost an already weak and inferior wifi signal

Range extenders just boosts the same signal, while an access point “creates a new one”?

well it's another base station, yes

it can be the same wifi name though

and the client will choose which station to connection to

Awesome! Yeah I want it to share the same SSID as my current Wi-Fi

it can cause issues with some client devices, and may require tuning of TX power

Perfect, that’s exactly what I need

omada APs are good @echo tulip

@peak cloak Not sure if those are sold here in Norway

hmm

@peak cloak Anything from tp link, dlink, zyxel etc?

well omada is from tp link

and they have consumer APs but idk how good those are

@peak cloak I pretty much just need 5 meter extra range

what's a electronics store in norway?

I can try to find something descent on there

@peak cloak check komplett.no

https://www.komplett.no/category/10281/datautstyr/nettverk/aksesspunkt?nlevel=10000§10273§10281&sort=PriceAsc%3AASCENDING

Speeds above 300mbps are preferred, so not the cheapest ones.

https://www.komplett.no/product/903983/datautstyr/nettverk/aksesspunkt/tp-link-eap225-aksesspunkt# ?

if the picture is correct that's the v2 one

I have the v3 one, it came with a poe injector as well to power it

I’ve been looking at that one.

unifi is good aswell, problem is that it requires a controller, or using the phone app, which can be annoying

https://www.dustinhome.no/group/hardware/nettverk/tradlost-nettverk/aksesspunkter

the omada stuff just has a webui like normal

Gotta do some research. Thanks a lot @peak cloak

Been eyeballing the ones from Google as well. But 150 euro for one, seems a bit steep.

Anyone here work for an ISP and can maybe get me a manual for something?

I've been using this bad boy as a dumb gigabits witch for the last 11 years. A few weeks ago it stopped powering on. I would love to try and use it to it's full potential but I needed a user manual for that, and now I need a repair guide.

Quick googling has yielded nothing. Chances of finding either are slim I'd guess, considering this is designed for ISPs.

I can confirm both PSUs work, and that the main board gets power (there are power LEDs inside), and I don't smell or see anything burnt.

The internal Power LEDs come on, but the main power LED on the front does not.

I don't know where to even start with this.

nothing on serial?

You mean connecting to the console port?

I haven't tried. I never did it before. I use it as a dumb switch, never tried to get into it.

I assumed if there is no power LED and no fan spin, there won't be anything else. I suppose I can plug my laptop into it.

That said, I don't know the first thing about that, so I'll have to wait until my father gets home.

The storage could have corrupted. The console might tell you

Can I use any regular RJ-45 or do I need a special patch cable?

Actually I don't even know how I'm supposed to access it

yeah you either need a computer with a serial port and an rj45 to serial, or rj45 to usb serial adapter

iirc

I have a serial to USB adaptor but I don't know about serial to rj-45

I almost certainly do have it, just don't know where

not sure if it's rj45 exactly or something similar

Conveniently my new Router/Firewall has a serial port

I'll look for those adapters later

you need a rollover cable almost certainly (it's wired differently to a ethernet cable (it's NOT 568A/B

@verbal ridge

That's what I thought

But is it still an RJ-45? Can I terminate my own?

the connector on ethernet cables isn't technically RJ-45 (it's 8p8c)

but yes it's 'just' a 8p8c connector like your usual crimp tool does

Anyone familiar with Fritz!Box'es?

I dont really loke the way it handles DHCP(i believe thats the right term), and i want it to respect some rules i would like.

(please ping when answering

rules like what?

Okay, so, i had a plan, that plan involved cleaning up/sorting my ips

oh I see it in #linux

Yes

so you want network segregation

Probably?

that's not done within a subnet

you want multiple subnets

Quite possible

so it would be like 192.168.10.x for VMs

192.168.20.x for LAN

etc.

Oh, yes, that works too

thing with that, is that you need hardware that supports that

Hm

what you described in #linux , no one does since it honestly has no benifit except for cleaness

I have an Fritz!Box Fon WLAN 7590 HM..

the best you could do is manually assign each IP via DCHP reservation

Yeah, i would just like cleanness tbh

but for actual network segregation you need hardware that supports VLANs

and multiple subnets ofc

that's what I have

then you can create firewall rules between these subnets

I hate that my stuff gets some random ip and that it has no real system under it.. kinda sucks to remember ips that way

run a DNS server

Well.. fair

it may be an option in the box

Im assuming my box cant do vlans?

prob not, let me check

Oki

yeah no

Usually speaking, i want my Proxmox Web GUI to be accessable via WiFi and LAN, but not via the VM's..
I want my WiFi and LAN Devices to be able to talk to each other

for DNS an common option is to use DHCP hostname for the name

yeah, I consider wifi and lan the same thing

both are lan in my book

I usually just call it WLAN

(W for Wireless obviously)

like I have all of this...

I should really get rid of the ones I don't use

Hm..

A bunch-

Probably stupid question..

If i take one port of my server, and tell the box to route everything to it.. and the server is maybe able to do some magic.. and routes back some vlans via its second lan port... Is that possible?

for it to be a router, technically yes. Would I recommend it, no

but it would be kinda useless without a vlan capable switch

well not really tbh if you just want LAN to be output

and just want LAN <-> VM segregation

if you really just want VMs to be seperated you could NAT them behind proxmox

https://pve.proxmox.com/wiki/Network_Configuration

Hm.. i dont really understand much of this...

I have a rough idea of what you mean

But i have no background knowledge

Or not really much

so basically with NAT, it basically acts like your normal router, and puts everything behind 1 IP

vs the current config, where it bridges, so everything is on the same network

That sounds good to me

But also kinda odd..

the problem with it is that you cannot directly access VMs

Why so?

since everything is on one IP, you need to port forward on proxmox

Well, yes.

tbh I don't like doing NAT, it's an ugly solution

Ugly, but leaves me with more configuration

I dont have access to "my" router

Its my fathers router, who agreed on this all, but i dont have the password.. probably could just ask for it but oh well

like if your goal is to clean up ips it kinda doesn't really help as everything is on one IP and it gets messy with ports and stuff

Fair..

Could I take a normal patch cable, and a normal serial cable, and cut them in the middle, and then solder the cables together to make a Frankenstein's monster 8p8c -> serial cable?

Well, main goals are Clean up ips, make an ip order system, and set up my server, so its console can be accessed by local devices, but not the VM's

For 1-10, i can just have the ips constantly set up

if fritzbox supports static routes I have an idea

would require router access though

or this would only work on PC that would require changes to routing table

Aka
.1 router
.2 wifi repeater
.3 powerline
.4 powerline
.5 powerline
.6 (possibly powerline)
.7-10 open for more

static routes, not IPs

Why not just assign static IPs to all your devices? Then shrink the DHCP range to start above for random devices.

That's what I do.

(well, i have access to the router, just shouldnt like, bother him with ip stuff everytime we plug something in

could do that, but they want a firewall as well

DHCP starts at 101, .3-.100 are reserved for static IPs.

https://en.avm.de/service/knowledge-base/dok/FRITZ-Box-3490/581_Configuring-a-static-IP-route-in-the-FRITZ-Box/ so it seems like it does

Good idea actually

But..

How would i go about getting the vms ip set up?

@crystal shale I have an idea that would work

I know DD-WRT could do vlans, I think the Nighthawk routers could do it stock too.

Do i just tell the vm to use like.. .69?

Im all ear

That's purely for looking clean and ease of access, it won't take them off your network.

Yes. Thats already one step close to completing all goals

But you can configure VMware to not show on LAN

*qemu

I don't know what you use, that's what I know. It is likely you can do the same on other hypervisors.

Yup

This isn't the "proper" solution, but it is a patchwork that would work until you have a proper firewall/managed switch.

Aka when i move out

Which will be probably still 2-4 years or something

so basically you would run a router VM (a software like vyos), and that would be directly connected to your LAN, like the VMs are right now. Now you would create a new bridge in proxmox and all your VMs would be connected to it. With some configuration I can help you (just not rn) create this type of setup.

Lets say you have LAN of 192.168.1.0/24
You can have like VMs on: 192.168.10.0/24

The router VM would have the IPs of 192.168.1.2 and 192.168.10.1 lets say.

Now with some super simple config on fritzbox, you will be able to access the VMs on 192.168.10.1 - 192.168.10.254 and on the router VM configure firewall policies

@crystal shale

perhaps a diagram would explain better

Sounds fancy

Does my base network still work if my server shuts off?

yes

Excellent

since it's only routing the VMs

Delicate

And i assume the vms wouldn't be able to access nor see my local devices?

if you configure it like that, yes

But i Could still ssh into them? (Probs not)

yes

You could configure that

you can configure it so they don't allow any NEW connections to your LAN

So basically the only gateway between your physical network and your VMs would be your software based router VM

but still allow NEW connections from LAN,

*mind blown*

and ofc still allow ESTABLISHED and RELATED connections

That sounds amazing

the only config needed on the fritzbox is a static entry to basically say:

To access 192.168.10.0/24, forward traffic to 192.168.1.2

Would you be willing to hele set that up?

yeah, just not at this current moment

Yeah

Its.. 2am for me

Not really in the place to do anything rn either

I would wake up at like 8, and need to get some stuff done.. so id be free from.. lets say 14 (12h from now)

Till basically the end of this day (22h from now)..

Is there any chance?

Would be nice to have it done "today", as school starts after, and that could mean a bit of a stress hell for me, so could be that i wont get to do stuff

But if its not possible, ill try to get some free time somehow

mmm

@crystal shale you still about? or crashed

I'm helping him

Does a network switch cut speeds?

a switch is basically just a splitter for what ever speed its rated at. so if its a 100mb/s switch - all ports would be capable of 100mb/s speed.

So basically if my speed was 1000mbps it would split them to 500?

no each port would be 1000mb/s

Oh alright

That makes sense ty!

is 300 mbps broadband good for 250$ per year?

Per Year? Yes

That’s a pretty good deal

the cost for 250/100 is $200ish/month here.

Can I ask for help about port forwarding here

Sure

it's pretty heavily router dependant tho so what are you using?

Secrum

Eouter

Some routers don't support it right?

most do. but with CGNAT things have gotten.. squirrely

secrum eouter?

Secrum router

model?

I'll see

S3 ac2100

secrum or spectrum?

Secrum

Sercomm s3 ac2100 Etisalat?

No

It's from xiami I think

Hey any Idea about this, I'm trying to login to my router.

means ERR_SSL_VERSION_OR_CIPHER_MISMATCH

aaa.... yes. can you help me fix that ?

what's the router and what's the browser?

Router:
https://www.amazon.in/Digisol-Gepon-300mbps-Router-Gigabit/dp/B079C1WJY1/ref=sr_1_4?crid=2YIMWIODVJ1YN&keywords=digisol+router%2Bmodem&qid=1650363465&sprefix=digisol+router%2Bmodem%2Caps%2C323&sr=8-4
Browser: Brave

hrm...

hrm...

@naive spruce have you tried reaching the router over http isntead of https though

yes tried that

Tried restarting multiple times no luck

it works fine

other plex server on other IP works as expected

just the GUI or the page for the router login is not accessible

https://www.digisol.com/products/ftth-solutions/gepon/digisol-gepon-onu-dg-gr1310-300mbps-wi-fi-router-with-1-pon-and-1-giga-port/ says it's EOL 😦

😭

it's probabbly built on some horrid. soc that only supports some subset of crypto that the soc can accelerate and sorry outta luck

@clear igloo I wonder if Extreme has any tunneling for the APs back to the WLC

They did when I worked with them

I don't see why they wouldn't now

For each network they can run in tunnel or local mode. Guest network can tunnel for security

@naive spruce there might be a option for your browser to enable unsafe ciphers

Use Firefox and in settings change the tls version to like 1

Ok that's what I thought

i need a bit of help with cloudflare DNS and http
I have a nginx running and a dynamic update client for cloudflare, as well as a minecraft server on the same machine

the minecraft server is accessible externally via cloudflare but for some reason nginx isnt.

when loading the page from outside of my LAN it says "timed out"
any ideas?

what's the nginx config like

port 80 and/or 443 is forwarded?

i dont have SSL enabled now for simplisity

the nginx config is the default one,

on firewalld port 80 is open
on the router 80 is forwarded and addressed to the host machine

in cloudflare SSL is disabled a swell

can you access it locally?

yes

from my other laptop it shows the default page for nginx

try using mobile data and go to your IP

and it's port forwarded correctly right?

i think so

its loading...

i think it timed out

:/

so yeah

ive checked logs
ngnix hasnt recieved any requests outside of the LAN

could be ISP blocking port 80, your port forwarding not being correct

hm

i really hope its not the former

ive forwarded 80 the same way i did for 25565 and ik 25565 works on the WAN

oh cool
cockpit can be accessed externally

In my case, my ISP does block 80, 443, 8080, and I think SMTP stuff but rest are opened to my knowledge, so you got to confirm that

that sucks

but its possible.

yeah cockpit on 9090 works externally

I wouldn't port forward cockpit

insecure imo

put everything behind a vpn

verizon doesn't block anything from my knowledge, I haven't tested SMTP in, but SMTP out works

I was suprised

kek imagine email RIGHT out of your laptop

yeah its very powerful
i only forwarded as a test

For the longest time I had my cockpit open on the standard port too 🥴

I was checking spam, and I saw proxmox mail

But yeah I'd guess it makes more sense to "local networks"

wow haha

oh wow
i think my ISP blocks 22 as well

rude

understandable. would actually assume anything <1024 is blocked

idk if it was spam cuz I had DKIM and spf setup for no mail, or because of my IP

22 and 3389 works in my case (SSH, RDP,)

Probably not IP, i mean how often do you see mail servers like from an ISP's IP used for residential stuff 🥴

all routers have 22 blocked by default, that's enough security
and besides if ISPs actually cared about security they'd make the login to the web panel not admin admin.
anyway

web panel is not accessible to the wan

true ig

users that care about security should change admin admin at the first (setup) time

well lots of mail servers blacklist residential ips

it just seems a bit much to disable 22 and 80 with no way to open them

it's not much

I don't understand it either

i'll call my ISP
see if its negotiable

SMTP I can understand

probs negotiable if you have static/business ip

for normal customer, they might just tell you no

it didnt occur to me that the ISP blocking was a possibility
thanks, this has saved me a lot of time

i'll switch ISPs then lol

my current one is pretty garbage anyway

If you even have other ISPs sure

hmm?

wait, you dont have other ISPs??

how is there competition, price regulation,

depends

sometimes in an area there's only 1

my whole damn country: only one

Simple. There isn't

what country

over here we have...

TPG, Vodafone, Telstra, Belong, IINet, SuperLoop, DoDo, Optus, AB, and a few more i cant remember
if you go way out in a rural area its pretty much just telstra, but its government controlled and generally pretty ok

UAE, don't let it fool you that we have two different ISPs here, the prices and stuff are basically the same, and availability of home fiber is great on one of them. Other one is only good for telecom

huh

Fiber available in my zipcode... not at my house.

The local fiber company just finished installing all the conduit on our street. I'm stoked.

Anyone know something about Proxmox and how to setup certai IPs in VMs, because i can't get it work.

if you wnat to setup the IP of the VM you can do it in the OS of the VM

Thats nothing that should be configured in Proxmox as far as i know

Yea already tried that, but anything i setup there, it just don't work.

elaborate don't work

which OS does the VM have?

For testing the network Im using Ubuntu desktop

If you want to setup your IP and its using DHCP you can do it thorugh your Router to

IPv4 i want

Yes

IPV4 you would get

What Router do you have?

Im also using addresses that host gave me, but i think i should use some addresses from proxmox right?

no

🤷 ?

Your VMs do have different IP adresses. For what do you need the IP Adress?

I just want have VM with separated IP from proxmox

Thats something you already have

Yea probably, but when i setup the IPs in the VM still the VM aren't able to get on websites

If you check under Network the IPv4 adress you will see that it's a different one than your hosts

The VM doesn't have Internet Acess?

Did you set Static IP?

can you verify that the IP in the VMs are one used in the subnet

I did

have you set the dns Server and Gateway?

Explain

what static ip did you used

proxmox by default is in bridge config

no

so it's on the same network as the rest

the second i have from host

it will get IPs from your router

Just make dhcp

I setup it manully so it won't

yea just make it dhcp

And it will make it all themself

No

why do you even need static

then what's the issue

Because its server!

Whats the matter?

its server

my server is DHCP too

dhcp reservation ftw

Well basically its not when its all on proxmox

the what

I don't understand

vlan maybe?

If you want it to set Static then you have to fill in the Gateway and the DNS Server

with your Routers IP adress

Have you tried to ping the vm from your computer?

I still clearly don't underestand

no

What have you configured in Ubuntu?

what are you trying to solve

that's why use DHCP

No

For server you don"t use DHCP, thats dumb

he can't connect to the internet

many actually do

static IP managment is hell

we are all dumb now

But me not

You can just set the IP in your Router

that is true

You stop writing if you not helping

because it's not dumb. But anyway this a a cloud hosted proxmox instance?

have you put in a gateway and dns server?

what's the exact info your host gave you

you can censor ips if you want

because I feel I am missing information

Thats not much informations for me 😄

Have you control of your Router?

from what I understand it's a cloud hosted instance

Do you know your router

ofc you won't have access to the router

ah ok

No i don't

It is Cloud hosted?

Or do you have it at home?

Datacenter somewhere, so its bare metal proxmox

might you send a photo of your ip config in Ubuntu

then we might can help you better

Its just IPs that i have from the host, etc.. gateway and netmask

so you can't use other IPs, since it isnt yours

How are you controlling it?

If i can't why the proxmox website is working via IPv4?

Proxmox have ip baremetal from router from the datacenter somewhere

I just have the IPs available that i can use them, but i can control them in the dedicated server

so use those IPs

how it available? it same subnet with proxmox or you nat?

what's the issue

No i mean. Do you use VPN

Or Trough a website

Bro are you actually dumb? I writed so many times that i use them 🤦

No i dont

asks for help
calls people dumb
💯

how do you acess it

?

and what's the issue you are running into

I'm trying to understand you

Writed it many times, but from you i don't want help.

you said it doesn't work

He's dumb you guys not 😄

He can't connect to the internet as far as i understood

what doesn't work

assigning?

on a ubuntu vm in his Proxmox he set static ip with the configuration he got from his server provider

@viscid mural Can you ping the VM?

No

But how i can ping it when the IP there won't work

did you set a default gateway

To figure out the Problem i wanted to check what works

The providers

Should the second IP work if its opened for my Dedicated Server?

Did you get private or publice IP Adresses?

All public

Have you tried to ping your ip?

The server ip or my IP from server?

the public ip of your ubuntu vm

100% loss

Well if the IP is for the bare metal server should it work to ping?

When i dont have the vm

Yes

Can you ping your proxmox?

Yes

@viscid mural

what are the gateway settings for proxmox

that gateway i got from host

and you set it in the VM, right?

Of course

if you do ip route show it shows the gateway

hmm

@viscid mural https://pve.proxmox.com/wiki/Network_Configuration

what does your /etc/network/interfaces look like

In that is everythink as good

If i would need wikies i won't come up here

I think what you will need is a routing configuration

because of this

Most hosting providers do not support the above setup. For security reasons, they disable networking as soon as they detect multiple MAC addresses on a single interface

"above" references the bridged configuration

I would talk to their support because obviously I don't how how it looks

They have it allowed cuz they also have tutorial FAQ how to setup multiple IPs on proxmox

hmm

I assume you followed that

Yes

I added the additional ips tha i've got there

I would contact them, I can't help much without specfics

i agree

@jaunty talon happy bday

@clear igloo hallo

@waxen scroll thanks :D

Happy b-day!

thanks! :)

My internet is 40 mbps help

How I can got Subnet? From Adress and gateway?

kinda

you can makeup a subnet that the gateway is in

but you won't know 100% unless it's explicitly stated

common one is /24

When i have /32?

Im trying to install Ubuntu server now... but its keep telling me that ip address is not contained in the subnet ..../32

a /32 is a single IP

it's a weird one, since it's kinda not a subnet

so it's not really possible for that to be your subnet, unless for like networking stuff where's weird

So what if i set up subnet/32 same as IPv4 for that OS?

wdym

oh

I guess you could try

Well now its not throwing errors

yeah it won't, since it's part of that subnet

Money is the answer

Then how will it reach the gateway?

Yeah that's what I was thinking

I forget which version of Ubuntu I tested this with, but I was testing /32 with a default to the gateway in which the host was within and it did work. I only attempted it because I was looking at L3 down to access layer/host designs and ran across a post about it

Interesting, I guess I can see how that might work

I have a suspicion that it was not 100% intended to work that way lol

Haha, I'm sure 🙂

An undocumented feature 😄

Meanwhile many vendors still struggle with /31

I'll take a /31 or /30 over a /126 any day of the week 😄

/127 I can deal with just fine but 126s are such a pain

We have /127 only for transport links, do not think I have run into any monster requesting to use /126

with OSPF duh

Anyone know why this started showing up today?

And more importantly, how I get it to stop? I don't remember setting up network credentials.

Nevermind, figured it out.

Had to do the things the tutorial said, and then restart.

hey guys

a friend has been having a aporblem with his wifi where it disconnects out of nowhere then it doesnt show up on the networks menu anymore

for like 5 minutes then it comes back

do you guys think its a drivers issue or shitty mb wifi

I was gonna suggest for him to buy a wifi 5 pcie card

but idk if thats gonna solve the issue as i dont even know the reason

can anyone help me with SMB it used to work fine then it stopped (truenas). works fine on my laptop. someone said smth with smb1 and idrk so any help would be appreciated

Have you tried Diagnose? Its rarely helpful, but sometimes it is...

says cant resolve the issue

Hmmm.... No Idea... But if it is SMBv1, you can enable/disable SMBv1 In the "Windows Features"

Have you tried wireshark? It tells you exactly whats wrong. Just gotta know how to read packets!

My SMB just randomly decided, that I wasnt allowed to access my server...

i did with a registry edit should i do it with that then?

well it works fine on my iscsi share

I think its a good idea, and you might need to restart, before it actually takes effect.

ofc you say that lmfao but alright

right after connecting it says this

the blue stuff looks like its just iscsi and after a while it come again

thicc boi

I thought the issue was SMB. thats not over port 80

SMB uses Port 445 and 139... Maybe try those?

it is, idk why it says that

filter by those?

how do

Dunno, I havent used wireshark in ages....

i saw this idk if it matters

tcp.port == 445

what about 139?

same thing

🤔

works with 80

https://cdn.discordapp.com/attachments/387022787480387605/966393236753121390/unknown.png

you got that message when running the wireshark?

oh wait

i connected and it asked for credentials but i opened wireshark

ok trying again

takes a while to get that message

hoh

when entering my password it just pops up again

then it says this

wireshark:

😵

aaaaaaaaaaaaa

Soo.... Entirely different Samba-Problem: I cant access my share via Samba, because apparently I lack permissions to access it, but I can touch files with that user in that share without problems (via ssh) and the share has me as Valid User in its config section.

Ah yes, solved it. It was just Windows doing Windows things...

anyone got an idea?

I had this happen to our production kace SMA appliance where credentials are right but it refuses to go and mount it. windows randomly decides when it should work and I really hate that behavior

do yk fix?

unfortunately no, it still happens here =/

we don't use the smb share at all, I had to use it to do upgrades

ic

thankfully it's not for anything else in our case

i just clean installed my pc i dont wanna do it again ruijghnberuiyjsdfbn auoyzhi<jkb

ughh ik, I hate setting everything up again

networking has been plaguing me like BIG ass time last time i couldnt get port forwarding and local ipv6 smth to work and now it doesnt wanna use smb liuke uhrgfnesdijgokhbneasyiu<ojgb

what is "insanity"?

I thought v6 didnt have port forwarding like v4 does...

it was for parsec

and like only within the pc

But Parsec uses UDP-Holepunching, right?
You dont need to forward anything,right?

idk one of their mods said it

I fixed it tho

by clean installing

This basically says your PC needs ipv6 support, even if you dont have ipv6 internet. no port forwarding there anyways...

yeah like i said lmfao

oh well, ignore my stupidity plz

Hi,
should I get Netgear GS308-300PES or Tenda TEG1008D switch for my home? Just need more ports for NAS, Raspberry Pi (Pi-hole, Wireguard...), set-top box...
Thanks

Either would work

Tenda is EoL and I couldnt find out if it is unmanaged switch.

If you have VLANs or anything advanced going on you're going to want a managed switch. Otherwise unmanaged is fine

...do I even need managed switch? First of all I should optimize my routing, cuz I have a lot of hoping on and from switch.

For most users unmanaged is fine

Do Docker containers count?It shows multiple network interfaces in GUI.

No, that should work fine with an unmanaged switch.

Great. Thanks.
BTW - Now that I have Synology...it has 2 LAN ports. Does it have something to do with Link Aggregation option in my router settings?

not sure on that

I would think the synology would do it automatically

Probably. I'll get all info and probably come back in half a day back for info on optimizing my setup. Like console, DNS recursive server, NAS, TV and Shield on one switch...not a great idea I think.

I really need to re-do my network closet haha

I want to get a 24 port UniFi PoE switch, and a Dream Machine Pro Router

switches don't do any routing

doesn't really matter

But...all that traffic through single cable...

and?

I mean yeah it's going to be limited to gigabit

Couldnt I optimize it so PC and NAS is on the switch, so it can route it on itself and not through router?

if it's on the same subnet it already does that

oh...

router or L3 switch is only needed when going between subnets

Yeah, they are 255.255.255.0

that's the subnet mask yes

everyone these days uses CIDR format, so the subnet would be something 192.168.1.0/24

Should I split my network on subnets? Everything is on that subnet.

if you want

I do

Yeah. 192.168.0.1xx

seperate WAN servers from my LAN

since traffic will need to go to router to go between subnets, you can add firewall rules

Like I dont have IP cams or aother iot devices, so...its not too much for the user's eyes

Gotta educate myself on this more...

Does anyone know to get around vpn blocking? I have an OpenVPN server on my router that I connect to from school, however my school seems to be blocking the connection. I used to solve this by changing the port number for the vpn but that doesn't seem to work anymore. Any ideas?

They can block it by "DPI"

Long story short use a different alternative, Try Wireguard for example

My router only supports pptp and OpenVPN so idk how i would use a different service

Run a server on a seperate device and port forward to it

You could also try something like tail scale or zerotier which doesn't require forwarding

My school blocked UDP completely, maybe switching to TCP works... Afaik OpenVPN supports this.
Its generally not recommended, but worth a try.

Seems stupid

Blocking udp that is

Blocking UPD? Yes, it was, I never understood why...

I'm on TCP and it doesn't work

They seem to have blocked everything

I've tried other free VPNs as well

Even ssh? xD

Nope not ssh

I could do that ig

tcp over https

found this https://github.com/jpillora/chisel

Its pretty Fast: 100MB in 36s!

Faster than I expected tbh

Proxmox & networking, somebody?

I have 2 IPs, 1 for proxmox ve.
And the 2. I want to have it on VM, where i don't know what Subnet put there.

Is it an internet facing IP or is it a private IP?

all public

Did /32 work?

I assume not

if it's public you'll need to get it from whoever provided the IP.

cuz it'll need to match their networking config

Subnet Mask and Subnet are different things right?

yes

What's the first octet of your IP?

Kinda

They are different, but you can derive subnet mask from the subnet

uhhh 37? what IP the first or the VMs ip?

First set of numbers.
192.168.1.124
First.Second.Third.Fourth Octets

with a 37 subnet, you'll need the IP Provider to give you the subnet mask, and potentially the gateway as well.

Gateway is what's really needed

Again as I've been telling @viscid mural your provider has to give you the details

You could potentially check the proxmox host network settings and find what it uses

But proxmox could be on a different network

oh then 32

No

/32 won't work since there's no route to gateway

I have gateway

usually when you are given IPs, you're given 3 things:

IP, Subnet Mask, Gateway

So it could be (Entirely made up numbers):
23.147.159.48
255.255.128.0
23.147.128.1

I have all yes

you have all 3? Then why are you asking about the subnet mask

Problem is /32 is not a valid subnet mask

Well it is

But not for more than one IP