#networking
the end server
a reverse proxy, load balancer, whatever
who is that end server
yes
wait, let me check on that, but pretty sure like everything is
i assumed the payload was encrypted, not the url. so that the request can be properly forwarded
the website
well but to reach the website you must read the url
you don't
to route over the internet?
that's the job of the DNS
how do you reach abc if you can't read www.abc.com
routers route the traffic based on the IP
abc.com is 1.2.3.4
IP is not encrypted
have you read what DNS does
fundamentally
?, all client needs is the IP of abc.com
you need to a) block dns lookups to a certain website
b) block any alternative way of accessing dns servers
wdym
let me find a diagram
it actually sounds like you need to read how DNS works
dns converts a domain to an address, but the domain has to be read
d) block any other way of tunneling traffic out of the network (vpn, proxy, etc)
if it's all a closed box, nothing could be done with the package
"hey, send this box to its address."
"what address?"
"ha! encrypteeeeeed"
it's transport level encryption
you don't encrypt the IP, so the ha encrypted is incorrect
but how do you know the IP if you dont know the address to translate it
but the request starts from the client with a https request to www.abc.com
look into SSL encryption
it cant be immediately encrypted otherwise it couldnt be routed
give me 5 minutes
not really
i need clarifications 🙂
@jovial shard kinda high level connection process
did you just do that?
"what is IP of google.com". so its visible then
well that's normal DNS
with normal DNS yes you can intercept and block/poison
DNS over HTTPS is different
TLS Encrypted Client Hello (Internet-Draft, 2022)
that is to cover up the dns in the original request
Importantly, the service provider does not have access to the plaintext of the connection beyond the unencrypted portions of the handshake.
this is the aim of this rfc
this suggests it is still open
*When a client wants to establish a TLS session with some backend server, it constructs a private ClientHello, referred to as the ClientHelloInner. The client then constructs a public ClientHello, referred to as the ClientHelloOuter.*
making a foo request first
ok that's an understandable diagram
understandable, have a great day
you have some problem, @unborn sluice ?
well, @unborn sluice thank you for doing nothing other than being the opposite of help 🙂
@peak cloak thank you for your patience and going the extra mile in being a substantial help 🙂
@sudden kayak thanks for tips
@pseudo blade thanks for the suggestion
DNS over TLS is separate from DNS over HTTPS
and yeah he's just like that
also my tips were more meant to convey that it's not really practically possible unless you have full control over the client and MITM everything with added root certs
it's for my home router and try to block some stuff out for my kids and myself
Could try DNS blocking, but they will learn how to get around it eventually
perhaps, but until then one does what one can
wasnt dns blocking the one that could not be done because the dns was encrypted within the https request?
well normal dns blocking
as in not encrypted
once they figure out how to use encrypted dns then it won't work
ah i see
well it'll have to be a mix between dns and ip for the time being
are there any sites doing updated ip lists?
(at least for the popular sites, not a "local dns")
dns blocking is enough if you're just trying to keep casual users or kids from getting to stuff they shouldn't
you can use a pi-hole and just add whatever additional sites you want to block to the list
and as a bonus you get network wide ad/tracker/malware domain blocking
with a pi-hole i dont avoid having to use a downstream router
so it would be the same as having one with extended capabilities like the one suggested
a pi hole just replaces the router's built in DNS server
you can set it up with any router
or just change dns settings on their PCs
for younger kids that's probably enough
the sad part is that the "modem" provided by my ISP does not allow me to specify a custom DNS
ahhh yikes
so i only have control by adding hardware downstream
i missed that detail. wow
i did not mention it , sorry
ah gotcha. but yeah you can probably just put it in bridge mode and add your own router anyway
yes, that's what i was thinking. take its wifi down, bridge it to something extra downstream that provides me some more control
yep
i do have a Pi but i might as well add a more capable router downstream
well. what ISP? you may also be able to just replace it completely to simplify the setup compared to bridge mode
ah gotcha. if it's DOCSIS you will have better results w/ your own modem
but the practice of charging to rent a modem even if it's just in bridge mode is mainly a US thing
probably, i get internet and tv in it
ahhh the TV part may complicate things... bridge mode is probably fine then
best is to have separate router and modem
yes, that was the original plan 🙂
but the whole encrypted dns kinda screw*d me
so it now requires me to maintain an IP list
Anyone here have any exp with reverse engineering bluetooth protocols?
Ikr
Isp provided modems are crap
@clear igloo
Yeet
Main SSID is 802.1X now
I can't bother with stuff like that
cloud based dot1x radius?
yeah
nice
$$$$
free
The JumpCloud Directory Platform is free up to ten users and ten devices. Past ten, choose one of our competitive pricing packages or go à la carte!
Azure AD though is pretty pricey no?
I pay $5/mo/user
Ah, I was thinking it was more, that's not bad
yeah pretty affordable
What do you think is the best browser for managing multiple local IP web interfaces?
I'm an azure support engineer and I simply hate azure AD, imo there are better options like google or AWS
I mostly hate the inconsistent GUIs between links on a ton of Microsoft online stuff
That's if I had to pick one major gripe of course
I also hate it, if MS was organized I wouldn't have my job
@clear igloo got rid of on site NGINX, also got rid of opening 443/80 to the Internet.
nice!
can someone help me with SSH on windows 11
i've set up OpenSSH and enabled it but i can't connect to it from clients, it says authentication failed on my phone
did you allow your user to connect?
I wonder for Microsoft's habit of having wildly different UIs, do they have design teams working completely separately with no one guiding an overall design to work towards?
It's MS... they definitely have that.
how can i allow it to connect?
but i tested it here with a vm
and it worked without it
when i do ssh username@ip address then it asks for a password
but my windows has no password on it
did you use your ms account to setup windows?
no its a local
so try it with no password
is there an app you can recommend for iphone for ssh
I don't know any ssh client for Ios sorry
i try it with no password and it says access denied
is there a default password specific to my ssh server
or do i have to enable something on the ssh server?
i just installed OpenSSH and allowed it through firewall and that's it
Thats what i done but I use a ms account
is there any difference?
and the password was my ms account password not the local password
I couldn't find any in the docs
i have a ms account logged in tho
@wide swan what are the public keys or private keys do i have to setup any keys to gain access
I didn't set up any keys
It worked fine
and what about the passphrase?
Can you try and set up a password on your user
or create a different one just to test
a password on my windows user?
yes
With the password on your windows user?
the password and login of the new administrator user that i made
but there's something wrong with my main user
why wouldn't it login with my main user?
is it because i enabled access blank password logins through remote client
or maybe wrong username
i guess that there is some policy about blank passwords just like you have to enable logons with blank passwords with rdp
nope, has nothing to do with blank passwords
it's a wrong username for sure
do caps matter?
sure? because I know when you try to enable rdp there is a policy that prevents users with a blank password from logging in
yes that's why i disabled that policy so i can login with no password
but ssh has nothing to do with it
what kind of error are you getting?
access denied
this might be stupid but i'm trying to ssh to my own pc from cmd just for testing
I don't know if this works
there is something wrong with the username, do you think it's spelling or keyboard layout?
did you edit %programdata%\ssh\sshd_config and see if theres a PermitEmptyPasswords
there is a command to get the username
i don't see PermitEmptyPasswords in the file
does it have to be yes or no?
would have to be a yes for what you want, and remove the # at the beginning.
i assume this is on a home network?
not the best security idea
@clear igloo Lmao, ISP sells an overpriced ($75) battery backup for the ONT. And it "only works" for the ONT because it's using the power connector from the ONT.
make those changes, save, then theres probably an ssh service to restart
FTTH? is phone service over fiber too?
Yes
apparently not
, to offer subscribers the option to purchase a backup solution capable of 8 hours of standby power,
I had a modem with battery backup as an option, but it's not provided
I don't even know if fios ONT has it
i think my ISP provided one, didnt think to test last time my power went out
my ONT just has this 7 pin block with 12V and comms to the UPS
I just have mine on a UPS though with everything else
same
@dry bronze uhhh
I want a new UPS though
you probably have to open your text editor as an admin then go open the file
Just for ONT, router, switches, and APs
i dont remember the VA of mine, 330W. smol homelab
I use like 20 - 30 watts
My ONT consumes a max of 15W, new router will consume a max of 10W, switch 1 consumes a max of 56W, switch 2 consumes a max of 12W. APs max consume: 8.5W, 9W, 6.2W
Did you have the Adtran or Calix ONT?
All networking consumes a max of 116.7W.
Adtran 452
You should be good for just straight 12v output. I may have the docs for pinout.
Juan loves adtran
Well yeah, but I just have a wall wart inside lol
🤔 I wonder if I can get blob an internship.
Oh its not on a UPS? Do you have any POTS lines?
I was curious if the ONT had a 12v UPS installed by the ISP. At least in NY we're required to by law for min 3-4 hour standby for e911 with POTS
huh
sounds like ISPs only have to "Specifically advise every subscriber...of the circumstances under which E911 service may not be available" at the federal level
my ISP's parent ISP/company says they are deploying dual stack finally
but not mine yet 😐
And apparently they offer dhcp ip reservations for residential
Twin Lakes provides “Dual-Stack” IPv4 and IPv6 connectivity for all fiber to the home broadband services.
this is all they say on the parent ISP site
i wonder what unms connected devices my ISP has lol
I was thinking of maybe one day getting a Juniper SRX300
i was looking at a srx for a while
My juniper friend was pushing for a SRX, fortinet friend was pushing for a fortigate
I eventually went with a fortigate 40f lol
I could maybe get an older fortigate or sophos box for free from internship
i want a pan 440
i bought my fortigate through avfirewalls.com
lol how much are those
never a good sign
probably $1,000ish
might buy an old pan 220 at some point
but not really worth it, i probably would never actually put it at the edge. just as a tap
as much as I like older stuff bc it's cheap, the power usage 😩
the problem im having as i looked at used servers
just get a giant 3 phase eaton or toshiba
lmao
Since my company merged with an ILEC like 30 years ago, we inherited their regulations.
i wasnt sure where to ask and ik im not really supposed to ask questions like this here but ive asked in #tech-support before and i just got ignored so, are there any ISPs people can recommend, we've had verizon for like a decade now and theyve been nothing but awful however my mom refuses to switch but im sure she would if there was a better ISP for less money so 
trying to download libre office btw 
verizon fios?
I assume verizon dsl if it's that bad
because verizon fios is good
i doubt its fios, we've had it in this house for like 6 years and it hasnt been changed at all
show pic of modem
can you take a picture of the back of the actual thing
or find a pic that has exactly what yours has on the back
or get the model number
its this one
thats not dsl, hmm
where does the WAN cable go to
@wooden shore actually
what does it say on the front
like this
is there DSL label/light?
if you could get a pic it would be much simpler
yeah it doesn't seem to be a dsl setup
slow speeds can be the result of wifi, bad wiring, and ISP issues
do you have something like this on the outside
verizon fios (at least in older installations) installed the ONT on the side of the house, and used coax cabling to get the router in a good place
if you really don't know anything, I would get a tech to maybe come out and check
but I would first connect PC to router via ethernet to get rid of wifi being the issue
yeah that looks like fiber
...
yeah ill talk to my mom about it, thank you
its fiber, but they are using the tv service also that is why they ran the coax.
verizon fios is generally good, I have it it's great
well older installs too
they used to use coax, since it was easier
ONT -> MOCA -> Router
idk exactly what they do these days if you have like gigabit service and TV
I have only internet
I'm shocked my ISP isn't throttling me
This is over the past week from just 1 device. Residential service
i wish i didn't have to use shitty ass 30mbps lan because wifi
The old actiontec routers that verizon provided with the fios service were horrible. Basically for a long time the router would suffer memory leaks and become extremely sluggish. That would then result in reduced throughput, and latency issues. It would also cause issues with on-demand service since while the coax and a separate spectrum was used for TV service, on-demand content was streamed over the internet, and Verizon would temporarily increase the WAN speed while viewing on-demand content. but when the router was slowing down, the extra performance wouldn't do much. Thus their router needed to be restarted regularly to maintain performance.
I had this model during that time period. (insanely horrible).
They eventually fixed some of the issues, but by then I had run some CAT 6, and had them switch from MoCA to Ethernet on the ONT, and then used the actiontec as a MoCA to Ethernet bridge so that the DVR/STB could get guide data, on-demand and with the proper ports forwarded, the remote DVR service.
Eventually the fios G1100 router that they started giving everyone who was still on the older stuff turned out to be pretty stable, though quite limiting in features, and the WiFi performance was horrible compared to routers that were a fraction of its price.
Though it can still have the MoCA and LAN ports bridged, then disabling WiFi, DHCP and any other extra functions you find, and then just use it to provide internet connectivity to MoCA enabled devices like their STBs which even though they have an Ethernet port, Verizon disabled the Ethernet function so that people would be forced to use their router.
PS, the mi424wr rev F was fairly okay in that it was at least able to not crash, but performance was inconsistent and WiFi performance was horrible as well.
anybody know of public american iperf3 servers?
https://iperf.fr/iperf-servers.php scroll to the bottom
iPerf3 public server - measuring TCP, UDP and SCTP bandwidth performance
That is a good site to have in favorites at work.
both are sadly inactive
i just connected to serverius' and it is only sending back 12mbits and 5mbits, when i have 1.2gb up and 40 down. tried it at my server where i have fiber and same result. every iperf3 server i try same results
one stream or multiple
one
slap some more streams on that badboy
im just simply running iperf3 -c ip -p -t 30
after setting the time?
yeah
tells me the control socket closed
its only transferring like a mbyte a second lol
usually run like 40 streams or so when doing minor tests at work - but with temporarily hosted iperf server and such..
try that one - tested from work laptop with 10 streams and seemed fine
ignore my poor choice of color in the windows terminal :P
THERE WE GO! 40mbit/sec, lets do the reverse
-R ?
yes
👍 fingers crossed
reverse only gives me 54 😦
damn haha
yeah i think office firewall might be blocking it
(sshed into my work laptop at the office)
the reason im wondering is because my plex server that has fiber 1gig up and down has been unable to upload media larger than 15mbps
15 MBps? 120 Mbit?
MBps
Yeah so 120 Mbit ish then - wifi or over cable?
ethernet over wifi any day of the week
consistent buffering no matter what 🙃
until 7 comes out 😉
Ethernet over wifi any day of the week
haha
work a lot with wifi
But just to see I saw right when I scrolled up, you have 1.2 Gbit ..Upload and 40 Down?
haha typo
my home where i am at has 1.2 gb down, 40 up, PMS where i've been testing the connection using iperf3 has 1gig up and down on a fiber connection

yessir
Then it sounds damn strange you are getting such low throughput...
yea i'm very confused
they're not throttling your server over the router are they
i think they are
```
[SUM] 0.00-10.00 sec 68.1 MBytes 57.1 Mbits/sec 9 sender
[SUM] 0.00-10.00 sec 61.8 MBytes 51.8 Mbits/sec receiver
```
PMS 🙃
linux host?
w10
Like it is what it is - but what do you get from like speedtest.net or fast.com
full
900 / 900
but i wonder if they're not throttling port 8080
or deep packet inspection
got another url for you then - unfortunately hosted only in europe but they have an FTP you can upload (or upload via CURL even) to see how it goes over well. normal ports
cant seem to connect

were you able to?
LOL hold on
yea it just opens my browser lol
gonna give it a try with filezilla
gaaah no i dont want to install it I just want a portable one jesus
haha no worries, i honestly think the whatever the ISP agent did fixed the issue. still not sure why im not getting full bandwidth using iperf3 but PMS seems to be back to normal
🤞
It would be nice if there were more public iperf servers available but..bandwidth costs
ill play with it for the day, i appreciate your help. been trying to figure this out for a week, going over every detail i could and it pains me to come to the conclusion a simple refresh or whatever fixed it haha
bandwidth dont grow on trees!
yea i dont think it was a refresh, something BMT, couldnt understand the dude
fingers crossed it remains stable - ill go back to enjoying morning coffee and WAN show
miss so much being away from home for just some days
enjoy my dude, thanks so much again for your help 

lol, that's a pricey battery
It's pricy for 8 hours, especially if it disables everything bar voice
I'd pass on that in favour of a UPS if power was a concern
Yah
They recommended that I just put it on my own ups after they saw my rack lol
Does anyone have any recommendations for high-speed Access Points? not Unifi Ubiquity, I got some of them and they suck.
Unifi is generally good, but another relatively budget brand is TP-Link Omada
Aruba is a pricier option
Aruba, I didn't even think of them. I have one of their switches. Hmm, going to check them, thanks
Yeah, they might be but I have an issue and everyone I talk to doesn't. I have tried adding additional AP to my house, I have optimized the wireless signals and gave channel separation and everything I can think of, yet I still have wireless devices that just lose connection for a while.
Now I just have to figure out which one to get, lol
lol, I've been looking at new APs but UniFi still continues to work for me
;-; y u do dis?!?
not me
but why you not censor that pain
lmao
me when first making cables
thats how i terminated cables when i was an intern with my middle school IT department at like 12
actually idk i think i did marginally better than that
how do you get the windows 7 copying background
Good question
sat here like... does dedup on windows server even work
from how i gather, you have a chunkstore, and files are inside the chunkstore after it scrubs the volume etc...
but when you literally have a multiple of the same file and you can see the allocation size of the file it present on a copy, you can tell quite clearly it hasn't dedup'd
so you do a little powershell, or run the scheduled task, de-dup now pls... it runs, finishes instantly, and no change.
wish there was an option on the file properties. Dedup this now pls and this time do it?!
nvm, me being me. the file was younger than the policy 😄 Rage averted
@dense fulcrum I kinda like the tplink omada stuff
Ubnt works for all of my network needs
Researchers in Delft have succeeded in teleporting quantum information across a rudimentary network. This first of its kind is an important step towards a future quantum internet. This breakthrough was made possible by a greatly improved quantum memory and enhanced quality of the quantum links between the three nodes of the network. The research...
👍
what doesn't work for me is their routing solutions. I tried the edgerouter xg and it was too loud for my use case. if they could make a 4 port 10g or 25gbps router, thatd work so much better for me
i don't feel like using ubiquiti for routing anymore
er-x is awful, usg is slow at management, and my udmp drops packets like crazy on wan
on top of not having many features
i pulled out my udmp and using a temporary router until i get my new router lol
Meraki?
fortinet
@rocky badge New extended battery module for UPS installed. For some reason, after you configure the main module to reconfigure itself for a second battery module you're not supposed to wait when the screen says "Please Wait" otherwise the remote management card doesn't come up, just keeps rebooting itself (but thankfully not the UPS)
lmao
Added 90 minutes of runtime though so I'm at 2 hours 😄
nice
Is this bell fiber optic?
Yeah I wonder what that box is
Hello, I am thinking of building my own nas and doing so using truenas. I have a couple of questions i hope some of you might be able to help me with:
- Can you use microsoft authenticator as a 2factor authentication?
- Are there more security functions for online access i should know about (i dont want to become a proxy for some illegal shit)
- can i set it up with multiple users and each give them a set of storage while still having control as owner?
- can i set it as a network drive on my windows and mac computers?
kind of twisted for fiber.
- yes, although not the Microsoft way with push notifications I think. The standard is TOTP which I bet both support
- VPN
- Pretty sure yes
- Yes
This is the place to ask about Wi-Fi stuff right?
Depends. If it's basic troubleshooting perhaps #tech-support. Otherwise yes
I think this applies then. What’s the likelihood that coax ports on the same plate as a telephone jack carry internet?
Hard to say
Depends on where it is
Where you are
The presence of a terrestrial antenna if it is a likely location for a television
Alright
I plugged a modem in to see if it’s getting signal. The upstream downstream status light just keeps flashing.
I'd say it's not unlikely
But plugging in a modem is definitely an easy way to test if the service is connected to it (but won't tell you if the cable goes anywhere if not)
Are you paying for a connection?
Yeah
Incidentally this isn't really a WiFi question
Thank you
guys is someone kind enough to help me in a vc to setup a windows file network windows is fucking with me
Hi everyone I have some POE ethernet questions, I have a Hikvision HVR with one ethernet port connected to a switch which is connected to all of my 6 cameras and to my router. And I want to have a POE switch instead (the cameras are POE capable). So my question is will I fry the HVR port and my router port if I connect them to a POE switch?
get a POE switch. trying to run off the 1 port wont be enough power for your cameras you can if you want but you would need a power plug for each of the cameras and for a home or business security it would be easy for someone to come along turn them off
Provided you get an active PoE switch and not a passive PoE switch then yes you're fine because PoE is auto sensing and will only apply power if it negotiates it
Is a active switch the same as a managed one?
active/passive are poe types
Okey I was thinking of getting this one then but what do the two ports at the left do?
It says 8 x POE+ and 2 x uplink but what do I plug into the uplink?
Active poe doesn't have to be managed, but it can and most often is. Same with passive poe, those switches are usually managed
Those are sfp ports
But really you can just router plug into any Ethernet port
Given this
I solved my IPv6 woes issue!
```
In some situations where a client machine is connected via some specific Optical Network Terminals
(ONTs), and data is appended after the packet checksum, the network adapter can drop receive packets
when using TCP-IPv6 Checksum Offload for receive traffic.
```
```
1. Before proceeding with any changes, create a restore point or otherwise ensure that all relevant
files are backed up.
2. To disable all Intel-branded network adapters in the system, download and run the PowerShell
script DisableChecksumOffload.ps1, included in the package with this document.
3. Alternately you can disable TCP-IPv6 Checksum Offload using Windows Device Manager. For each
Intel 1 GbE and 10 GbE adapter:
a. Go to the Properties page and select the Advanced tab.
b. In the Advanced tab, scroll until you find TCP Checksum Offload (IPv6) and click on that.
c. The Value field should show Rx & Tx Enabled. Use the selection box and change the Value to
be Disabled.
d. Click on OK to save and apply the change.
Following is the content of the DisableChecksumOffload.ps1 PowerShell script:
Disable-NetAdapterChecksumOffload -InterfaceDescription "*Intel*" -TcpIPv6
```
Basically went to my Network Card Properties, Advanced tab, and disabled TCP Checksum Offload (IPv6). Selected OK and everything now works as intended.
Hello its my first time here. I have a question. My friend has a brick house and they have an air bnb that is 50 ft from the house should I run an ethernet from the house router to the air bnb router or should I put an access point in the air bnb and run ethernet from the house to it. I was also thinking about doing a mesh system but I was thinking that might not work.
grats - what a weird and random thing to have run into.
I think it's a very specific network card issue that wasn't even solved by the latest drivers.
It reminds me of that Pitcairn GPU issue I had with Pop_OS and Vulkan. It's a super-duper specific hardware issue.
There's a chance that a mesh system would work.
I'd be of the mind to run an ethernet cable and install a wifi router, keeping in mind to separate the "home" network from the "airbnb" network on the other side of the cable in whatever way works best. using a system that has an app that can manage the wifi remotely could be nice for them, so they can easily change the wifi password after guests leave, or check on internet status when they aren't home.
a mesh system would be unlikely to get decent performance over that distance. your best bet is to run an ethernet cable and put a separate AP in the airbnb with a guest SSID
or potentially if running a cable outdoors is impractical you could maybe hang a directional high power AP out a window or on the roof of the main house pointing towards the airbnb
10
rq if i host a vpn on my home internet, the max theoretical download speed would be the max upload speed correct?
Yes. You are capped in download speed by your home upload speeds, and upload by home download speeds.
There's other limiting factors also, like VPN type and overhead, CPU performance on both server and client.
Thinking about wireguard so don't think cpu overhead would be too much of an issue
https://www.youtube.com/watch?v=JI9fvAcNpdk Interesting video delving into 60GHz WiFi hardware.
In this episode Shahriar takes a close look at a wireless-Ethernet product based on Qualcomm's 60GHz WiGig chipset. The episode is inspired by the upcoming in-person RFIC & IMS IEEE conferences held starting June 19th, 2022 in Denver, Colorado, USA:
IEEE Radio Frequency Integrated Circuits Symposium:
https://rfic-ieee.org/
IEEE International M...
anyone around familiar with truenas?
What network switch do you guys recommend that has a decent amount of ports and isn't too expensive but can spend a decent bit
Need at least 10 ports
I'm not too too familiar but I've been trying out Core
on the truenas topic though -- my server has 6 GB of ram and I know I need to upgrade it -- would 16 GB be sufficient or should I spring for 32? My server is an older system (dell precision t5400 -- found it in e-waste lmao) and its ddr2 fb-dimm is really hard to find/expensive
not sure how i feel about spending nearly $100 on ram for a system i literally found in the garbage and i think has dying caps
@clear igloo naughty naughty
What did you break?
I am viewing scripts inside of a nexus 9k. "# this is a hack remove it" comment located
lel
/bin/check-fpga.sh
I'll poke at mine later 😄
I would honestly recommend upgrading at that point.
That's a fairly old system. Even a basic modern system could outpace it
Yeah maybe but I’m going to be probably just using it for storage and a few jails — I’m mainly just worried about ram since I’ve heard zfs pools can get corrupted if you have less than 8 gb of ram and a few jails
I don't think it can get corrupted
it's just won't be super fast
from a former zfs dev
I don't understand honestly where this myth got started. Probably on reddit or on some other "half intelligent" forum of the blind leading the blind. ZFS is a filesystem. It can work on almost any memory amount, down to 1GB for a 100TB pool, although it would probably work pretty poorly there. It isn't a magical, mystical pixie that does stuff that somehow is entirely novel. The 1GB-per-1TB is just a very rough scaling rule-of-thumb that can be quickly used to get a coarse beat on the size of a deployment, but nothing more.
In fact, in terms of how it would run, try running LVM + Ext4 on a 100TB filesystem on a 1GB machine and see how it goes. It would most likely perform just as poorly, if not worse.
@clear igloo my fortigate arrives tomorrow 

I can't decide on what to do with my old udmp @clear igloo
Thought about selling it or holding onto it for something else?
Ohh that makes sense
Yeah I figured that having lower amounts of ram wouldn’t damage volumes but everyone in forums kept saying that
Could you send the source to this post if possible?
it's a discord server I'm in
Idk tbh
i'll take it free
No
@clear igloo do i really need to upgrade FPGA if the installed version is newer than my code?
nope
My cisco guy is like YOU SHOULD and i'm like I already upgraded 50 switches without doing it
yah, probably a "best practice" but meh
also thanks for not telling me about that command in the one month of emails we've been talking about this with

Hi guys! I'm looking for some nice, easy-to-hack (i.e. openwrt/ddwrt and open firmwares like that), and cheap router to experiment with. Anything worth noticing in the 25-50USD range?
I've got an old TL-WR841ND lying around, but its 4MB FLASH/32MB RAM doesn't cut it in 2022
Or maybe some not "hackable" router, but one with many of the "bleeding edge" of networking to experiment with (wireguard, and that kind of stuff). Anything except mikrotik
computer hardware laying around - opnsense or pfsense
why not mikrotik?
Because I'm using mikrotik on daily basis, and want to experiment with something else
fair
like wifi needed? or just the router part needed?
I don't really need wifi that much tbh
Apparently I've not been keeping switches updated. 😕
those went away a year ago
Gl.inet opal?
I haven't tried it but the specs seem alright at least https://www.gl-inet.com/products/gl-sft1200/
VPN speeds promised are oddly low for the hardware, I'd expect more (65mbps wireguard on a dual-core 1gbps arm CPU?)
It's so cute!
Friends, any alternatives to a Ubiquiti Dream Machine Pro?
No, what I enjoy about it:
- Rack mounted
- 2 Wans
- Router/DHCP
- Is also an NVR
the nvr part is tricky, there isn't much out there thats router and nvr
imo, better off getting a separate nvr
I could spin all of these in VMs and container, but you guys were against it, I was thinking of doing it, did partly, until I lost power and the server didn't come up and family was puzzled on why there was no internet
Excluding the NVR thing, any good router with a good amount of ports that you recommend?
a good router only needs one port in one port out to a switch 😛
That is true!
I'm getting a FortiGate 40F tomorrow to replace my UDMP lol.
there's always mikrotik which I love/hate. On the higher end could look at fortinet, juniper, stuff like that.
Damn I am so burned by fortigate, I hate their VPN solution 😦
I like FortiClient/SSL VPN lol
I personally just have an er-x, does its job good enough
My UDMP
What made you change?
More features
and reliability, while the UDMP is reliable, I want more lol
More reporting on the FortiGate too
I would love an updated edgerouter line...
honestly i feel like the best general purpose answer if you don't want to be tied to a specific company's software/licensing is just a cheapish 1u server w/ a multi port Intel nic and opnsense or vyos
And I like how FortiGate handles firewall rules better than UDMP
and you can easily stick a few drives in for a basic nvr too
Plus, Fortinet is an actual enterprise company.
what's the best way to back up a steam library to a nas
I'll get actual support from them.
until you need a support contract
FortiCare is dirt cheap
True, I am checking them, their stuff is multiple times my monthly wage lol
personally i hate the idea of paying extra for software features that i could get for free from a general purpose operating system
but if i was actually running a business it would be very different
What is up with these mikroTik, they are cheaper than I expected
they are pretty cheap, but I am not a fan of the OS
divide by 5 to get the dolarino price
you'll probably get what you pay for
very versatile OS, but it's ehh, not very polished
http://demo2.mt.lv/webfig/
if you want a taste
I want new switches and APs too but $$$$
Is this it? This 80's/North Korea looking thing?
well that's winbox, which is their desktop GUI configuration and the preferred way to manage it
the UI is yeah...
webfig is basically the same gui as winbox just in the web browser with some features missing
i mean if your top priority is slick modern saas startup web design you're probably not gonna get a particularly good router
i mean that's basically the same design wise but with a dark theme
my issue with routerOS isn't the UI per se, but the actual way the config works
personal preference
i love how fortigate's works, which is one major reason for switching lol
you don't get much other than basic routing/firewall without a license right?
licenses add stuff like ips, antispam, malware protection, ssl decrypt related features
You get stateless/stateful, VPN, management, reporting, etc included
i mean, that's not stuff that i actually need for my home network (except maaaybe ips) but on principle i hate how they charge full price for hardware and then more for features
fine for enterprise stuff
welcome to enterprise networking
but I'm not using that in my house
@clear igloo
I am now looking at the Cisco C9200L-24P-4X since it has 24 GigE PoE+ and 4x SFP+ with 370W PoE budget while using like less than 60W on all port load.
For the FortiGate, my parents paid for 2/3 of it and I paid 1/3.
So it only "cost" me $161.87.
are you planning to bring a rack and put all this in your dorm? 😆
leaving the FortiGate at home
ofc he is
Seems the TCP/IP Checksum Offload for IPv6 problem was far more prominent than I expected.
but going to look into stuff to run an IPsec VPN in dorm.
i think the school IT people would love you if you bring a little 15u rack
and stick it in your dorm closet
I saw it on dslreports looking at verizon v6 updates
Apparently it’s not just Intel NICs that are affected.
And even if the UDMP switch is "bottlenecked" by a 1Gbps uplink to the SOC, my Internet in the dorm is only going to be 100Mbps.
And device <-> device will stay on the switch chip
I don't even really "need" my own router...as every student is on their own VLAN.
The router is only there so I don’t have to have a vpn connection from each device
yeah but I have the same onboard nic and do not have the problem. ¯_(ツ)_/¯
a really exciting thing with the fortigate....less than 10W operating usage
meh you are in a dorm use all the watts 😛
at home
5gbps fw, 1gbps ips, 800mbps ngfw
4.4gbps ipsec, 490mbps ssl vpn
the ssl vpn should be able to saturate my home uplink
Has something to do with specific ISP carriers and their corresponding Optical Network Terminals.
It just seems weird that Intel couldn’t solve this issue with a driver update.
yeah I agree
Could also be just an IPv6 standardization implementation issue. I’ve read several things about how the IPv6 standard got amended over time, and more of these inconsistencies are being highlighted as more ISPs implement IPv6 on home clients.
Can I interest you in our lord and savior the Nexus 9300? 😄
That's some crazy uptime though
lol, why?!?
We had a pair of 9396s that got replaced last year. 5600s are just for an old flexpod until Cisco gets us a new chassis
Ah, the old 9396, those were "fun" when it came to TCAM especially
Nice, 9504?
I still keep some 9396s in the lab at work for fanout to save traffic ports and other odds and ends
Everything now is 9336/93240 FX2 or 93180/93108 FX3 for the most part in the testbed
We switched over to Aruba. And yea tcam was a problem when we started writing acls before we got an internal firewall pair
Ah, never messed with aruba. what are they like? I've used some dell stuff before that was a bit different by comparison
We're pretty happy with them. CX os is pretty Cisco-ish and we don't have to pay TAC just to keep our switches updated
I've been using Ubiquiti networking gear for at least 10 years, both supplying to and installing it for clients and using it in my own business and home. A few weeks ago I had my first cause to use their support/RMA service, and it didn't go well.
I bought a G4 doorbell in 2020 and installed it at my parents house (which is also equipped with a UniFi network and other UniFi Protect cameras). They loved it, and because there were already UniFi cameras at the property, they were already familiar with the app. About 3 months ago the device started doing funny things. Random WiFi dropouts and power cycling became more and more frequent. One day it powered off and never came back on. Anyone who is familiar with this device might know this is an extremely common problem; their own forums and every Ubiquiti related online community is littered with posts from others claiming the same thing happened to their G4 Doorbell. Some were failing within 12 months, some a little later, but there is obviously a serious defect with a large number of units of this product.
This is already quite long, so I'll cut to the chase. I opened a ticket to return it and get a replacement, which I'm entitled to since it falls under the 24 month warranty they offer on devices purchased from them directly. This was a total fluke for me, because usually I purchase UniFi gear through resellers and am stuck with a 12 month warranty, but the G4 Doorbell was so new when I was buying it that no reseller had any, and I had to get from them directly.
They immediately refused and cancelled the warranty claim, and have now been ignoring my responses in the original support ticket (which is still open) for over 2 weeks.
I am thinking about writing to the WAN show team about this as I would like to hear Linus' thoughts on it, but has anyone else experienced this failure with the UI doorbell and the abysmal customer service that followed?
Ah, so no contract needed for firmware updates, that's nice
Best part is no "switchport trunk allowed vlan ADD"
I should also note that adding the Doorbell to my parents setup at the time involved changing from UniFi Video hosted on a local Windows based server to a UDM Pro, as UniFi Video had been phased out and the Doorbell is only compatible with hardware UniFi controllers. So adding it to their network came at a significant cost, but was totally worth it.
Yeah but here's the thing... You would need one anyway while it's in prod so firmware is a non issue
We're paying support for one of our core switches and that's it
I need 4hr replacement on all my stuff
real time replacement, teleport the equipment in before something happens 😄
Our spares cost more than maintenance as far as I recall
8818 chassis with 18 36x400g linecard spares?
Yea we're not that size. Support on the 8400 core that's expensive but then at the edge just some spares
Yah, 1g or even 10g edge stuff is usually cheap regardless
I work like 90% data center lan/wan. Not a ton of campus
Yea. 3-6k for a switch depending on the model
@clear igloo i got more bad news
ACI will throw an error if I don't make the fpga match
It will work and it's cosmetic but it's going to alert
that's dumb
💩
That kind of looks like Mikrotik mAP Lite which I'm also thinking of buying
But the usb C power on the gl-sft1200 looks better than a barrel plug
Than a microusb*, mAP (not lite) has a barrel plug, I mixed them up
@clear igloo found another N9k easter egg
oh?
in BIOS:
Power Debug Register 1: 0xbaadbeef
Power Debug Register 2: 0xbaadbeef
lol
its a 9504
I thought Cisco Easter eggs were the bugs
undocumented surprise features*
The router didn't reboot, it saw nothing was going on so did some memory management real quick, you just happened to care that your traffic dropped afterwards
Job security for the network team
I have had multiple "solar flare" RFOs from cisco
bit flip due to solar flare
lol, I know someone who worked in TAC about 15-20 years ago. You could reboot a router and it would come up before most people even noticed it was down to begin with
not anymore
haha, yah
my damn home router takes minutes to boot
nah, the real easter eggs are what you find after sudden power loss and how well it handles it
School IT easter eggs are when the network admin doesn't save the running config to startup config and lock themselves out of the switch remotely
not really an easter egg 🤪
i want a 24 gig poe+ switch with 10 gig uplinks that's not stupid expensive and doesn't use a shit load of power
That's fair then
Juniper EX2300-24P are excellent if you can get your hands on them used. Can even drop-in Noctua fans to quiet them down a tad bit
I don't care about noise at all
As long as i can't hear it from the basement
oh dang it's like $1500
Yeah they're extremely quiet after boot
that's less than the cisco
I don't have much experience with Juniper tho but I can always learn
You'll never get one new for the next year. Our orders are now over 12 months out.
dang
Used I think you can get them for ~$500 or so
doesn't look too bad
Junos is the king of CLI
Max. System Power Consumption (Input Power without PoE)
80W not bad
Let me see what mine is running at power wise in my office
better than the old Cisco I had LOL, 90W just booted with one port
I mean, our power is cheap but high capacity UPSes aren't.
Anything in the states is above $1k
guys
I wanna learn about programming How to learn by myself anyone can you guys tell me how to learn programming pls?
@hollow marlin is Juniper picky about sfps
or any recommendation pls?
Mine is running at 26w with 10 active connections, 1 being PoE
Not really. In my lab I tossed tons of different vendor programmed SFPs at it and cannot remember it not liking it
okay that's nice
most of my SFPs are cisco or generic from fs/10gtek
Idk if I want to replace UniFi APs or not but I'd kinda like to move away from UniFi switching.
go mist with Jarvis 😄
💰
Although, tbh I don't see any issue with my UniFi wireless.
Yah, provided everything does LLDP which it should you're fine in almost every case
it can do WPA2 Enterprise, delivers 400Mbps perf (good enough), and managed in a central location
Real world you won't get much of an improvement
my current SSID is just Skynet with WPA2 Enterprise, doing RADIUS assigned VLANs
Yeah
I just checked and our best quotes for the smallest AP12s are still ~$700 w/3-year license
That's not terrible I don't think
which is PLENTY for what you do on WiFi
Not really. The AP 43s I think are around $3000ish without licenses
if it demands anything more or stable it's wired.
This is all I have left with UniFi
that's a pretty big jump, does the performance scale at least or add improved stuff from the 12 to the 43
More radios and BT/IOT features are pretty much it
Oh, the new AP45 and 34 is out....hmmmm
lel, that's pretty much the opposite of everything else
Just checked and rough price for a MR57 + 3 year license/support is $2000
Not 100% sure on the 9136 though but I think it's pretty comparable to that, don't have that off hand to confirm
I was like is this why WiFi is so shitty, the APs only have 100FDX link?
school budget needs to go somewhere else, duh
But no WiFi is just shitty
Mist is really the only Ent. WIFI solution I delved into because we deploy it. Are the licenses support or are they "you need this to worky"
For the meraki stuff it's support + make it work
the catalyst aps though are just licenses for DNA Center if you want to go down that rabbit hole of "fun" 😄
Yeah thats the biggest problem I have with Mist. Its decent, but the moment the grace period on your licenses expire, you just have a brick
The catalyst APs that my uni has look interesting lol
Probably 9130s or 9120s if they are rounded boxes
They are
Do you need a controller for catalyst APs?
Yes but it can be physical or virtual (either VM or on an AP)
ok, so you could buy a couple to use at home if you wanted
@clear igloo
Paint it black
"When I see a Fortinet I want to paint it black"
Can someone recommend a good Wi-Fi 6 router (in EU)? I have 1000 mbps broadband and still using the ISP provided router.
Passed Network+ and immediately ordered the full cisco official CCNA book set
haha yeahh i'm playing around with it on an old IBM X3650 I picked up.. I'm also in the same boat with the ram, this thing came with 4gb ram and it's also ECC DDR2 and it's soo expensive haha
Yeah lol, like idk how I feel about putting >$100 into parts for a system I found in an e waste bin
I share this server with my roommates and we have about 700 GB on it right now out of 6.3 TB — also running UniFi controller and haven’t had any issues yet
haha yeah absolutely.. I'm tryna figure out why my SATA drives show in the serveRAID 8k-l interface but i am unable to initialize them for an array
all my research has led me to updating the SAS controller firmware and bios but when i go to the download page for one it says that it is no longer supported and I cannot download it.. then there is another download link and it says it includes the bios & firmware update but I don't really wanna risk bricking the whole system
so i'm not quite sure what my best course of action is now lol
there's a raid controller in there
yeahh
some allow IT or HBA mode I think it's called
have to do research for the specific one installed
well from what I've read the raid controller supports SAS & SATA as they run the same architecture.. and i have SAS & SATA enabled in the bios and as i said it shows in the serveRAID 8K-l interface and registers but I am simply unable to initialize it for an array
SAS & SATA are just the interfaces
you need to change the controller mode, if it supports it
what raid board is it?
errrr
honestly not sure i only picked it up about a week ago, let me shutdown the server and check
serveRAID 8kl card
then in the raid controller port there is this card: IBM ROHS RD MOD ATB-205/32MB but i thought that was a RAM cache?
model number?
from what I read it should start with like M or X or some other letter with some numbers after it
or whats the server model?
IBM X3650 M7979 - 31M
@clear igloo I had my friend setup an IPSec site to site on his pfSense to my FortiGate....and it works! So I'm probably going to bring a pfSense box to college lol.
The only "issue" i could see happening is NAT traversal but pfSense & FortiGate both support it.
Be careful because I know some colleges ban the use of routers and switches
they allow it as long as it doesn’t emit WiFi
So AWS has a couple of free tiers with Lightsail. You can then spin up some instances but they end when you close the window. How would I avoid this from happening?
I got a little curious on why they do it
Usually because people think routers = WiFi routers
So they say it like that so ppl don’t misinterpret
I mean why they ban WIFI
Because WiFi interference
Really that's only because of that?
Really hard to believe that they do that
When I was in college they Didn't do that so I had my own wifi setup
Each their own
But 2.4 is very very crowded
wifi spectrum can get crowded
So, my wifi adapter is dead on my pc. Can I use a laptop as a wifi adapter by plugging in a ethernet cable in the laptop and my pc in the meantime before I get ethernet installed in my room ?
cursed
just wait for a new wifi adapter
Well, I don't have a car or bestbuy near me and I have things to do. Now I really don't trust usb wifi adapters. And getting a pcie wificard will take even longer.
And my gpu doesn't really leave any room for one anyway
use your phone as a wifi adapter in the mean time (usb tethering)
instead of a laptop
Boi
My pc doesn't have a wifi adapter.
The old one is dead, I can't use my phone
The only option is to use a laptop and connect it to my pc with ethernet
why can't you use your phone
Because my desktop, doesn't have a way right now to connect to it
is it possible? yes
Also I have an iPhone, windows last time I checked doesn't like recognizing it
I will give it a shot
It doesn't work if your computer doesn't have a wifi adapter connected to it
Got to work over bluetooth, but my bluetooth adapter is outdated like my wifi adapter from bestbuy. So it's super freaking slow.
??
^
in theory you just bridge the wifi adapter and ethernet on the laptop
No, Im talking about the phone
Also how do I do that if that works ?
Found a jank solution that will work for now
was just reading this. 10W idle w/o devices, fanless. https://www.servethehome.com/hpe-aruba-instant-on-1960-24g-2xgt-2sfp-switch-review-jl806a/4/
i don't really like instant on sw tho
alright, i dont really know anything about their cli. just saw it and remembered you were looking at something similar
@clear igloo 
Anyone with cisco experience? My 3560 switch firmware has decided to do the unalive, now for some reason even after flashing a new binary, it isn't loading it at all and just errors out or just freezes the loading
https://jud.has-no-bra.in/5y8G10zyZ
Can you run verify against that bin to check the md5 hash? Maybe it got corrupted?
Shouldn't have, I deleted and reuploaded it several times
Has anyone done something that dumb: What happens when you connect 2 modems with phone cable?
not much
A/V/DSL modems? Nothing. Other hardware and software is required. Dialup modems can work the way you describe.
There are a few exceptions... https://store.duxtel.com/Proscend-VDSL2-SFP-Modem-(LRE-CO-RT-Pair)
PS180-C-R: Proscend VDSL2 SFP Modem (LRE, CO/RT Pair)
This pair of modems are configured to permit it.
Discord has kindly stripped the right parenthesis
Could you create "virtual" dsl network in any way?
Sigh Any good recommendations for a wifi card or good usb adapter with Wifi 6E ?
you would need a dslam device
basically what's on the other end of a copper line
If you're wanting a new ONT, you probably can't.
They are using Calix OLTs and most likely locked to the 803G's MAC and Calix has some proprietary stuff on top as well.
Plus, the 803G is a nice little ONT anyways. No reason to switch it.
99% won't get around it because of the way GPON works.
so i am using an old machine as a home server with my network router and for some reason my sharing speed is limited to 5MB/s is it due to the router being a bottleneck or do i need to change some settings?
Does anyone know how to enable bridging on a century link c4000xg router because I have it lying around and I want to use it to make virtual desktop better can anyone help I got the router to show up on my PC just by itself no internet I just need help configuring it then wiring it to my main router
That C4000XG does not appear to be a router - instead, it appears to be a CenturyLink Wireless Gateway (modem / router potato combo unit) that's most likely running custom firmware. We don't have CenturyLink up here in Canada, so I couldn't begin to imagine what the admin interface looks like, but if they support it you're looking for a "bridge mode" setting. That being said, looks like CenturyLink uses PPP authentication, so you may need to contact them if you don't know your PPP username & password.
https://robotpoweredhome.com/google-nest-wifi-centurylink/
In this article, we will learn how to configure a router in Transparent Bridging Mode with DSL service.
- Before you get started, obtain your PPPoE username and password from CenturyLink.
Note: You may be able to log into your current router and copy it out into a text file, but if the password is hidden, you might need to give CenturyLink a call. Just say, "I need my PPPoE username and password" and they should know what you are talking about.
Anyone else have a Wi-Fi bill of 6k a year and 2,214 in Wi-Fi tech
@dry bronze I could get a switch that doesn't have 10 gig uplinks ... 
And tbh...I'm not really even using 10 gig rn
If there's no 10gig, then what's the point 😛
😂 I'm not even using it lol
plus, its a free switch
I mainly want this switch to replace my access layer switch
Cisco SG300-28MP 😂
If you ever look at 10g again you could look at 3560cx. If 12 ports is enough there's a fanless model
Oh I thought noise was one of your concerns too
nah
The only way it can be a problem is if I can hear it upstairs from the basement
but I have 2 1U servers
Looks like 18.3 watts with nothing connected
The SG300 or 3560CX
3560cx. Tested the one I have
The SG300 doesn't use much power, bc its connected to a UPS rn and it runs for a while
Ah
The thing I hate about 24 port switches....
Just if you ever looked at 10G it might be an option
This is at a client I did an install at....
12" was needed for port 1 to reach port 1
can't get by with 6" patch cables
Don't some really cheap switches do 24 straight across. Could do that 😛
.....
I assume the circuit board only covers half the enclosure is why
lol
Not unless laws force them to or the owner is wholesaling their internet product.
depends
here in the US, ISP usually owns the infrastructure
so ISP A owns the coax, ISP B also needs to have their own coax
but there are instances where there is like municipal fiber, where it's multiple ISPs over the same infrastructure
for additional context, the assumption is (usually) that you only have one ISP at any given time, so they will use the cabling that's already in your house. but getting to the house usually requires each of them to have their own coax
sometimes depending on the house that coax might come in in the basement or on a box outside or something so it may be confusing
but the part the ISP owns is usually not shared
probably
except outside the US or sometimes with municipal fiber like presentmonkey mentioned

Hey guys. Atm I am using a mitx system using a i7-6700k with a 4xgigabit network card installed running opnsense (pfsense before). I want to lower my energy consumption and replace it with a Ubiquiti Dream Machine pro or se. I have 1000/1000 connection into the house through fiber. Is the dream machine comparable to pfsense/opnsense as a router/firewall, or will I need to keep my opnsense firewall? I want to be able to use the regular features like ipv4 and ipv6 from my isp and also be able to plug in the fiber directly to the UDM Pro/SE.
How do I configure mikrotik metal 52 ac router as an access point for a sound mixer?
And I need the longest range possible
It’s for an iPad Air
It needs to communicate with the mixer
@clear igloo I wish you could manually force NDI network interface
Stupid NDI wanted to go over the lowest priority NIC on my OS
Aka WiFi…it was absolutely killing the performance
ooof, wifi no bueno for lots of traffic
A constant 160Mbps that requires precise timing and no packet loss…yeah….
Long range is achieved with directional antennas. The longer the desired range, the more directional it must be. The limiting factor is going to be what the iPad can do if you're trying a direct connection. Use a wireless bridge and AP at the iPad end if you need more range than the Metal and a high gain omni will offer.
ooof, that's a bit rough
did 100GB in about an hour and more lol
sounds about right, definitely a heavy load
That's about how much bandwidth I use in a month lol
That’s the point, the iPad controls the mixer, we take it with us to several points for the final mix before the show, it’s not that much just 20-30 Meters with no obstructions
Just need to know how to get the most range out of what we have
Oh 30 meters isn't really long
Yeah maybe a little bit but mostly in 30 meters
I'm more used to trying to get 300 meters out of devices :P
🙂
The metal has a 1-watt radio right? (The ones I looked at were)
We have some large point to point stuff too from UniFi
Uhhh i don’t really know the specs


