|
Interesting. What I take from all this is going with the C7 should be just fine for my needs.
|
# ? Nov 7, 2016 22:37 |
|
|
# ? May 17, 2024 16:32 |
|
Golluk posted:Interesting. What I take from all this is going with the C7 should be just fine for my needs. Reading the OP *IS* a difficult and lost art...
|
# ? Nov 8, 2016 22:43 |
|
I'd like a nice router for our small office (anywhere from 4-12 people) that is simple to use and troubleshoot, and won't need to be replaced for at least 5 years. It's one large 20x10 room with two smaller rooms and a small conference room. Suggestions in the form of Amazon links?
|
# ? Nov 9, 2016 19:20 |
|
Check the OP. It's up to date.
|
# ? Nov 9, 2016 19:27 |
|
Internet Explorer posted:Check the OP. It's up to date. I need something a kid can operate. My coworkers just want a router that can have an ethernet cable plugged in, and go. I'd donate an unused nice ASUS router I have at home, but the minute it poops the bed, they'll all panic if I'm not nearby. Red fucked around with this message at 19:35 on Nov 9, 2016 |
# ? Nov 9, 2016 19:33 |
|
Red posted:I need something a kid can operate. My coworkers just want a router that can have an ethernet cable plugged in, and go. Even though consumer/prosumer routers are getting a lot better, it making GBS threads the bed may still happen. A ER-X and a UAP-AC-Lite would probably be a more stable option, but involve slightly more configuration.
|
# ? Nov 9, 2016 20:04 |
|
Red posted:I need something a kid can operate. My coworkers just want a router that can have an ethernet cable plugged in, and go. This doesn't really exist and shouldn't exist. No matter what router you get you should always log in and change the default username/password and setup security on the wireless network it creates. Especially if you're in a workplace.
|
# ? Nov 9, 2016 20:07 |
|
Red posted:won't need to be replaced for at least 5 years. Doesn't exist, won't exist. Most hardware has a targeted 3 year lifespan, and based on the way WiFi's going it's only getting shorter. "Easy"? Apple Airport extreme, Eero, Ubiquiti Amplifi
|
# ? Nov 10, 2016 01:32 |
|
I set up a temporary PiVPN (http://www.pivpn.io/) about two months ago for a security convention and configured my laptop and android system to use the OVPN creds it generated. I configured the custom port for the VPN server to be allowed to accept incoming connections but testing the connection over LTE (which gets around 4MB max download speed) from my phone, I could only get 400KB max. It looked like, after doing several tests, that the speed might have been a hard coded limit since while I was downloading the over the VPN, it was only going to 20% CPU used and sipping on memory. It was in a room connected via gigabit back to the main router over another router-turned-bridge (the main router handles all the DHCP and other nonsense. ). Testing the VPN on my laptop (using the phone as a tether with it's own VPN service turned off) I was still only getting 400KBps. Doing a speed test on my phone (not speedtest to try to avoid telecom preference) still showed I was getting way better speeds than what the VPN was maxxing out at. My ISP is Verizon FIOS and I got 100Mbps/100Mbps service. I would have been happy with at least 1 or 2 MBps
|
# ? Nov 11, 2016 02:12 |
|
The Pi uses a shared internal USB bus to connect the ethernet adapter to the rest of the system. This can be a serious bottleneck in certain situations. The Pi is a great little computer with many strengths, but performance, networking performance especially, isn't one of them. 400KBps is 3.2Mbps, which is about what the original Pi Model B is capable of. (https://www.hackviking.com/single-board-computers/openvpn-performance-on-the-pi/) The B flavors of the Pi2 and Pi3 are a bit more powerful, but not by much. OpenVPN itself is capable of whatever speed the hardware you throw at it can handle. A multi-gigahertz quad core CPU with AES-NI, PCIe gigabit ethermet adapters (preferably Intel server grade), and DDR3 memory will happily do gigabit speeds with OpenVPN (if you use AES, which is not the default). But a machine like that is a far cry from the $35 Pi. Crypto is just a very system intensive task, if you want more VPN speed you are going to need something more powerful. Antillie fucked around with this message at 21:00 on Nov 11, 2016 |
# ? Nov 11, 2016 20:37 |
|
Antillie posted:The Pi uses a shared internal USB bus to connect the ethernet adapter to the rest of the system. This can be a serious bottleneck in certain situations. The Pi is a great little computer with many strengths, but performance, networking performance especially, isn't one of them. Thanks for this entire post. Put my mind at severe ease. After reading more into OpenVPN, the system is still, at it's core a single-core process and hates multithreading. They tried just creating more processes but Facebook found out that when you have multiple processes fighting over the same port, it's bad times. That explains why the Pi would not go above 25 or whatever since they are quad core systems. Though I do have to admit, it was SUPER easy to setup compared to my last attempt about 3 years ago to set up my own VPN. Just a bunch of yes and no answers and some DNS info with some seeding and it was easy.
|
# ? Nov 12, 2016 02:26 |
|
Is the OP fairly up to date as far as its router recommendations?
|
# ? Nov 13, 2016 03:04 |
|
Yes.
|
# ? Nov 13, 2016 03:06 |
|
EVIL Gibson posted:I set up a temporary PiVPN (http://www.pivpn.io/) about two months ago for a security convention and configured my laptop and android system to use the OVPN creds it generated. Something with hardware crypto is likely your best bet. The WISP I work for uses Mikrotik* and the VPN performance is great. *They're Cloud Core Routers but there's other options for hardware acceleration: RB1000 RB1100AHx2 All CloudCoureRouter series boards RB850Gx2 Hex v3 from Here
|
# ? Nov 13, 2016 07:33 |
|
I find so many adverts on the internet really annoying, so on my computers I block them using the hosts file. I have an Android phone, but don't want to root it so I wondered if there was a convenient way of implementing a similar solution via my home network so that the DNS requests for adverts would return invalid results?
|
# ? Nov 13, 2016 12:49 |
Check out pi hole. I've been using it on my home network and it's great. Includes in app ads as well. Granted once you leave your network you're back to what you were but it's nice at home.
|
|
# ? Nov 13, 2016 16:27 |
|
It's also possible to use an ad blocking VPN and block ads no matter what network you're on.
|
# ? Nov 13, 2016 16:37 |
|
I think there are DNS RPZ's for just ads as well. So if you're running your own resolver you can just set that and all the other malware RPZs up.
|
# ? Nov 13, 2016 16:51 |
|
calandryll posted:Check out pi hole. I've been using it on my home network and it's great. Includes in app ads as well. Granted once you leave your network you're back to what you were but it's nice at home. This is exactly the sort of thing I'm after, thanks.
|
# ? Nov 13, 2016 17:05 |
|
calandryll posted:Check out pi hole. I've been using it on my home network and it's great. Includes in app ads as well. Granted once you leave your network you're back to what you were but it's nice at home. is it possible to incorporate this service to a beefier home router box or server?
|
# ? Nov 13, 2016 18:55 |
|
caberham posted:is it possible to incorporate this service to a beefier home router box or server? Easy way is to use a third party dns that blocks ad domains. Google for "ad blocking with dns" to see some options. Problem with that is you can't modifying or allow false positives through. You could worked a script to download the same lists as pi hole and apply the blocks to your own dns service. But that would be an effort.
|
# ? Nov 13, 2016 20:16 |
|
I've got pihole running inside of docker on my server. Works great. I have my router hand out the docker box's IP as initial DNS, with 8.8.8.8 and 8.8.4.4 as secondary and tertiary in case my docker box is offline for some reason.
|
# ? Nov 13, 2016 20:22 |
|
If you want to be the coolest of the cool, you'll do something like this: https://www.digitalocean.com/community/tutorials/3-ways-to-securely-browse-the-internet-with-openvpn-on-debian-8 I've got something similar mostly set up now. It's pretty neat.
|
# ? Nov 13, 2016 20:26 |
|
I have my home router set up for OpenDNS. I've recently noticed that pretty much everything runs OK EXCEPT for sites like Google News (news.google.com) and YouTube.com. My cable modem (Cox) signal levels are great and my speed test is like 60/10 with maybe 25ms ping. Google News and YouTube do load, but it's like they need "coaxing" like hitting refresh a few times. I need to experiment a little bit I really think something is squirreley with how OpenDNS works with Googles sites? Three-Phase fucked around with this message at 15:35 on Nov 14, 2016 |
# ? Nov 14, 2016 15:14 |
|
EVIL Gibson posted:Thanks for this entire post. Put my mind at severe ease. Yeah OpenVPN itself isn't a very good use case for multiple CPU cores by default. The default cipher, Blowfish, is a block cipher running in CBC mode which can't be parallelized to use more than one CPU core for encryption, although it can use multiple CPU cores for decryption. Thankfully the AES-GCM algorithm is highly parallelizable for both encryption and decryption and is very good at taking advantage of multiple CPU cores in both cases. I am not sure if the AES-GCM implementation in OpenSSL (or PolarSSL) is mutli threaded but in theory an OpenVPN tunnel using AES-GCM should be able to use multiple CPU cores for the encryption/decryption process if the backend crypto library is optimized properly (ie: multi threaded). Also the Blowfish cipher is not secure unless you rekey the tunnel frequently (every 64 megabytes of data transferred). So everyone should really be using AES anyway, in GCM mode if possible. Antillie fucked around with this message at 16:04 on Nov 14, 2016 |
# ? Nov 14, 2016 15:56 |
|
T-Mobile has the ASUS TM-AC1900 Wireless-AC1900 Dual-Band Gigabit Router (rebanded ASUS RT-AC68U) on sale for $59.99: https://slickdeals.net/f/9330575-asus-tm-ac1900-wireless-ac1900-dual-band-gigabit-router-59-free-shipping https://www.t-mobile.com/accessories/t-mobile-wi-fi-cellspot-router.html You can flash the firmware to whatever you prefer instead of the t-mobile wifi calling QoS if you want. You'll see a shipping cost as you check out but it goes to 0 through checkout (there's tax in a lot of states, though). edit: this isn't the link for the current deal but the slickdeals thread fromt he last time it was on sale has some instructions for flashing. https://slickdeals.net/f/7193262-t-mobile-personal-cellspot-ac-router-by-asus-free-for-postpaid-25-deposit?p=70386382#post70386382 quote:OUTLINE OF PROCESS Rexxed fucked around with this message at 21:28 on Nov 14, 2016 |
# ? Nov 14, 2016 20:15 |
|
Antillie posted:Yeah OpenVPN itself isn't a very good use case for multiple CPU cores by default. The default cipher, Blowfish, is a block cipher running in CBC mode which can't be parallelized to use more than one CPU core for encryption, although it can use multiple CPU cores for decryption. Thankfully the AES-GCM algorithm is highly parallelizable for both encryption and decryption and is very good at taking advantage of multiple CPU cores in both cases. I am not sure if the AES-GCM implementation in OpenSSL (or PolarSSL) is mutli threaded but in theory an OpenVPN tunnel using AES-GCM should be able to use multiple CPU cores for the encryption/decryption process if the backend crypto library is optimized properly (ie: multi threaded). But mainly what I am trying to say I was not using blowfish.
|
# ? Nov 14, 2016 23:33 |
I recently setup a VPN connected to my router, then I installed a script to only route a single specific port (TCP 52751) on one machine through the VPN and to direct all other traffic as normal. I *think* it's working correctly but I'm networking retarded so frankly the fact that I've gotten this far is miraculous. Checking my IP through my browser shows my normal non-VPN IP, which is what I want. My question is how can I check to see that traffic going through that specific port is going through the VPN?
|
|
# ? Nov 15, 2016 10:02 |
|
I think I need a new router. Almost daily, the wi-fi in the entire house drops for about a minute or two. Right now I have a 3 TB 802.11n Time Capsule, and would want to upgrade to ac. I'm thinking of moving away from Apple, since they haven't released any new hardware since 2013, and I can probably save some money. I'm looking for something that either has a built in drive, or allows you to connect an external and is fully compatible with Time Machine and Windows backup. I also want MU-MIMO, full IPv6 support on main and guest, UPNP and NAT-PNP (I understand those are completely different, and an application that only knows UPNP can't open ports on a NAT-PNP only router), and some good QoS. I'm also open to flashing it with custom firmware if nothing offers what I want out of the box for the right price. Edit: Does anything exist with a six-port switch? zergstain fucked around with this message at 07:22 on Nov 16, 2016 |
# ? Nov 16, 2016 07:19 |
|
Pretty sure the asus routers support time machine.
|
# ? Nov 16, 2016 16:03 |
|
Don Lapre posted:Pretty sure the asus routers support time machine. Only the 68U and later.
|
# ? Nov 16, 2016 17:04 |
|
SeaborneClink posted:Only the 68U and later. Which you can get for $59.99 now http://www.t-mobile.com/accessories...als+LLC&irgwc=1 These are AC68u's and can be flashed to ac68u firmware.
|
# ? Nov 16, 2016 17:19 |
|
This says $99. Also I live in Canada, so this might be no good anyway. I suppose I could also get a router without any hard drive connectivity and get a NAS drive instead. I'd need more than 4 lan ports to do that though.
|
# ? Nov 16, 2016 19:37 |
|
Don't let the number of LAN ports make your buying decision for you, pay $20 for a switch and move on to harder questions.
|
# ? Nov 16, 2016 20:55 |
|
How to run ethernet cable to my detached garage? Underground in a pipe? I think power is getting to my garage that way but I'm not sure if I can get at the existing conduit.
|
# ? Nov 17, 2016 00:31 |
|
Shaocaholica posted:How to run ethernet cable to my detached garage? Underground in a pipe? I think power is getting to my garage that way but I'm not sure if I can get at the existing conduit. That would certainly be the 'best' way to do it, but if you can't use the existing pipe and have to dig a new one it's also the most expensive and time consuming route. Another option would be to get a couple of NanoStationM5s and setup a wireless bridge between the house and garage. What's the distance between your garage and main house?
|
# ? Nov 17, 2016 00:41 |
|
Krailor posted:That would certainly be the 'best' way to do it, but if you can't use the existing pipe and have to dig a new one it's also the most expensive and time consuming route. Corner to corner about 10-15ft. I think the existing power is buried under concrete but I'm not sure. I haven't looked into it but the area between the house and garage is either concrete driveway or brick.
|
# ? Nov 17, 2016 01:02 |
Don Lapre posted:Which you can get for $59.99 now Oh sweet thanks. Fake edit: their fuckin website set off fraud protection on both my credit cards before I could finally get my order through. Pain in the rear end.
|
|
# ? Nov 17, 2016 01:13 |
|
Shaocaholica posted:How to run ethernet cable to my detached garage? Underground in a pipe? I think power is getting to my garage that way but I'm not sure if I can get at the existing conduit. Direct-burial Ethernet is also another option. If it's grass from the house to the garage you could trench at 6-12 inches down by just lifting up sections of the lawn. I would also advise getting a pair of Ethernet Surge Protectors if you have any cabling running outside of a building.
|
# ? Nov 17, 2016 01:34 |
|
|
# ? May 17, 2024 16:32 |
|
Don Lapre posted:Which you can get for $59.99 now I looked into this a bit more. It doesn't seem to support NAT-PMP. Actually, what does support it? Maybe I don't need it, but I thought devices like the AppleTV would play nicer if it's available. I'm also considering going the tomato/openwrt route. What hardware is recommended for that?
|
# ? Nov 17, 2016 20:22 |