|
Combat Pretzel posted:So what's the current preferred software router/firewall? pfSense in a VM here, works like a charm - been running this way for years and years. You just need a second nic in whatever VM host you have. External host nic plugs directly in to the cable modem, map your virtual networks to the appropriate VM network interfaces, and you’re up and running. I’m interested in trying OPNSense but pfSense works just fine and I’m not using it for anything beyond a basic router/firewall. devmd01 fucked around with this message at 00:17 on Jul 17, 2020 |
# ? Jul 17, 2020 00:15 |
|
|
# ? Jun 8, 2024 06:27 |
|
Combat Pretzel posted:IPFire, looking into that one, too. Re: IPFire and WireGuard, while I disagree with the maintainer’s take, his perspective is hyper reliable appliances. So from that standpoint, WireGuard is very beta still. IPFire tends to get most used in layer 3/4 deployments connecting site to site stuff from my understanding. So shiny is less interesting than exceptionally reliable. That said - yes,
|
# ? Jul 17, 2020 02:33 |
|
SlowBloke posted:Dedicated RGMII path, USB3 comes from pcie. The original SoC was for phones(which is why it had only one usb port). Thanks! About as sane as you can get there in terms of connectivity. I always hated the USB LAN controller on the RPis. sean10mm posted:Apologies if this is the wrong thread for this question, but here goes: Today I learned about the B1/B2 stepping of the I225 having IPG issues with "some" switch ICs / other ends of the link, with the end result potentially having to be running at 1Gb. I am not an enterprise networking guy but my experience with Intel NICs (mostly Ophir, 82570 and friends) as a user and system designer was always awesome and loving rock solid. Have heard that the newer generations have slipped somewhat, but at the home, I always endeavored to get mobos w/ Intel MAC + PHYs. Granted, I am still running the same P67-based Asus motherboard (82579 PHY) I got in 2010, and the P5Q I had before that running a Core 2 Duo, I never used the lovely Atheros controller and tossed in whatever Intel PCIe x1 NIC had the 82574L on it. Maybe the verification / validation group has lost some talent in recent years coupled with SOCs/hardware still ever-increasing in complexity...who knows.
|
# ? Jul 18, 2020 07:30 |
|
Hello thread. I've had a TP Link Archer C7 for a few years now. I've noticed the 5G is pretty spotty at best (i.e., device is connected but can't get to the internet) and it seems to be choking on connections (sometimes dropping devices). We have ~15 devices connected - 3 of which are via Ethernet. It's a small-ish 2 bed apartment (1k square ft) though the walls are plaster/concrete so anything outside the living room where the router is has some trouble anyway. Our complex has it's own internet connection - not through one of the big boy providers. It's fast though - google clocked it at 229 Mbps down, 214 Mbps up (depends on how many people in the complex are concurrently streaming). I also don't need a cable modem - this just connects through an ethernet port on the wall. I'm looking at upgrading the router. I'd really like something that can handle this many devices and have the 5G band work well. It also needs to have at least 4 ethernet ports. I was looking at Ubiquiti but saw there's been some concerns in the thread? Also there's a shitload of products so I'm a little lost as to where to start. Thank you. e: would this be a good idea? https://store.ui.com/collections/unifi-network-routing-switching/products/unifi-dream-machine Lowness 72 fucked around with this message at 22:49 on Jul 19, 2020 |
# ? Jul 19, 2020 16:25 |
|
I've got a sort of similar question as the previous post. My ISP-supplied cable modem/router is a hunk of junk, it just doesn't work right. The cable modem part itself is perfectly fine, but the router part is a dumpster fire. The firewall configuration flat out doesn't work, there is absolutely no logic in which entries it cares to enforce. Block all DNS and DNS over TLS, then open DNS over TLS only to a specific DNS server of my choice? Nope, it'll either block ALL outgoing traffic or none at all, depending on the current weather conditions or the phase of the moon. To make matters even worse, every time it reboots it applies wifi settings from my ISP's crappy self-service webpage. I can change those, but unfortunately it only allows passwords of <16 characters. So every time my router reboots, I have to manually fix the SSID+password again. At least it has a bridge mode, so now I want something that actually works and does what I tell it to do. I was considering the combination of an ER-X and a Unifi AP AC Lite, but is there a better and similarly affordable option now? It's a 50m² apartment, with a 300/60mbps connection. A single AP covers it just fine with 5GHz right now.
|
# ? Jul 20, 2020 12:06 |
|
KozmoNaut posted:I've got a sort of similar question as the previous post. Older google wifi kits are starting to get cheap as the newer nest units start becoming the norm in electronics outlets, if you can stomach having your internet passing thru a google device they are good products.
|
# ? Jul 20, 2020 12:37 |
|
SlowBloke posted:Older google wifi kits are starting to get cheap as the newer nest units start becoming the norm in electronics outlets, if you can stomach having your internet passing thru a google device they are good products. Unfortunately that's a no-go, as I want to block stuff like Google DNS and other centralized services that seem to be hard-coded into some devices and apps now.
|
# ? Jul 20, 2020 12:46 |
|
I bought a brand new Samsung S20 Ultra about 2 months ago and it's having a moderately annoying issue with a particular WiFi router in my house. If the phone is connected to this router (which is one of three WiFi routers in my house) the Play Store app cannot download any apps or app updates at all. Everything else on the phone works on this connection - Chrome, Discord, whatever. I can browse the store but trying to download anything never gets past "Waiting for download..." But if I connect to either of the other two routers it can download app updates. And this is with changing absolutely nothing on the phone - I disconnect from the problem router, connect to one of the others, boom its getting app updates. The problem router is a WRT3200AC connected to the internet via Comcast (with a modem I own), while the other 2 WiFi spots are the built-in router of a Comcast cable/phone combo box and a WRT54G hooked up to that box (Yes we have 2 cable-modems in one house). Various Google results have led me to try DMZ-ing the phone's IP (it has a DHCP reservation), opening particular ports for the phone, and changing the WiFi MTU from auto to something above 1420 or so. All of this did zip to fix this. So if anyone has any ideas as to what's going on I'd love to hear them. As a side note connecting at 2.4 or 5 ghz to the 3200 made no difference plus the router has the latest firmware version.
|
# ? Jul 20, 2020 16:17 |
|
A+ disable updates. Can you further describe this network you have? What is the internet connection and which router is it hooked up to? Are these all the same ssid and password? What on earth is going on here?
|
# ? Jul 20, 2020 16:42 |
|
H110Hawk posted:A+ disable updates. Can you further describe this network you have? What is the internet connection and which router is it hooked up to? Are these all the same ssid and password? What on earth is going on here? Deep breath The 3200AC is in my room and is directly hooked up to a cable-modem, which is an Arris modem-only box which is 250/15 Comcast. I pay for this connection personally. On the other side of the house is the Comcast supplied phone/modem box which my parents pay for and I have no idea what the speed tier is. This is what happens when you live on your own for a while but are forced to move back home & have too much online crap attached to the Comcast supplied email address. Anyway the Comcast box has the WRT54G attached via ethernet because of a coverage dead spot somewhere else and is acting pretty much as an extender that mainly services an iPad 2. All these routers have their own SSIDs & passwords & are a mix of 2.4 and 5 ghz. To recap: phone connected to 3200 = get no updates, connect to 54G or Comcast box = get updates. Would You Like To Know More™ ?
|
# ? Jul 20, 2020 16:57 |
|
Possibly a related issue but my Chromebook will not download from Google play over 5G. Everything else works just fine. This is with a TP Link C7 I think. I found a random thread that basically described it as an issue specific to Chromebooks but maybe try disabling 5g on that router and see if that fixes it?
|
# ? Jul 20, 2020 17:13 |
|
KozmoNaut posted:My ISP-supplied cable modem/router is a hunk of junk, it just doesn't work right. What ISP? Can they send you one that doesn't have wifi?
|
# ? Jul 20, 2020 17:28 |
|
MREBoy posted:Would You Like To Know More™ ? What DNS servers is the S20 getting from the problem router? Are the DNS servers it gets from the working routers different?
|
# ? Jul 20, 2020 17:33 |
|
astral posted:What ISP? Can they send you one that doesn't have wifi? Wifi is just a small part of the overall issue. I can put it into bridge mode and use something better instead. I just need to know what the best options are.
|
# ? Jul 20, 2020 18:04 |
|
astral posted:What DNS servers is the S20 getting from the problem router? The 3200 for whatever reason is telling my phone it's the DNS @ 192.168.0.1. Just checked on my PC (connected via ethernet) and ipconfig says its dns is also 192.168.0.1 The other two report 75.75.75.75 & 75.75.76.76 which is Comcast's DNS AFAIK. I just tried setting the DNS in the router manually to the above + 8.8.8.8 and that apparently had no effect as all devices are still reporting 192.x as the DNS (rebooted the phone and release/renewed on the PC). If this is related to Linksys's stupid remote management stuff that I don't use & its doing a DNS hijack I'm going to be mad MREBoy fucked around with this message at 18:13 on Jul 20, 2020 |
# ? Jul 20, 2020 18:11 |
|
No, that shouldn't be a problem. It just means that it's looking to the router to provide DNS information, and as long as the router has valid DNS addresses, the chain propagates. If you wanted to be super sure, you'd be setting those DNS addresses into your S20. Try using 8.8.8.8 or 8.8.4.4 without Comcast's DNS? DNS failover is a thing that is supposed to happen, but let's see if it's actually working as intended.
|
# ? Jul 20, 2020 18:15 |
|
SwissArmyDruid posted:No, that shouldn't be a problem. It just means that it's looking to the router to provide DNS information, and as long as the router has valid DNS addresses, the chain propagates. I set the phone's WiFi connection for the 3200 to Static IP, the various input boxes were auto-filled correctly and already had DNS set for 8.8.8.8 and 75.75.75.75. rebooted phone just in case, no change.
|
# ? Jul 20, 2020 18:26 |
|
Why do ISP provided modems/routers have to be so drat awful? You think they would want better units so they don't get so many support calls. The modem/router combo Frontier provided my parents has been replaced 4 times now in the space of 2 years. Adding to that it is really braindead.. It has dual-band Wifi.. but you can't have them seperate. And if you disable one band.. it does something really, really stupid. It continues to broadcast the SSID on that band, but disallows devices from connecting to it. You can't actually shut a band all the way off! Also, they have switched to using 802.1x style authentication (My parents are on Frontier's "Vantage" FTTN product, which is handled differently than their traditional DSL). So you are truly stuck with it. -
|
# ? Jul 20, 2020 18:46 |
|
stevewm posted:Why do ISP provided modems/routers have to be so drat awful? You think they would want better units so they don't get so many support calls. Because they charge for service calls to naive people. And it is literally done by the lowest bidder. Also they want all the spyware they can cram in there to further monetize you. And gross incompetence. The people signing the contracts for the devices aren't the ones analyzing the support calls, and the support centers are trained to get you off the phone not resolve your issue. Which means calls aren't properly categorized into "modem at fault" just "problem exists within users devices." And malice.
|
# ? Jul 20, 2020 18:53 |
|
H110Hawk posted:Because they charge for service calls to naive people. And it is literally done by the lowest bidder. Also they want all the spyware they can cram in there to further monetize you. Even though the hardware might be poo poo... Ironically... my parents have had good support from Frontier with this service. If something goes wrong they have my mom do some basic troubleshooting steps, determine the modem is at fault. And then a actual Frontier tech comes a couple days later with a new modem. The tech plugs in the new modem, does whatever they need to do to authenticate it to the network, and makes sure it works before he leaves. I'm guessing it has something to do with the type of service. Vantage FTTN/VDSL is what they have been rolling out to rural areas, it is unlike their normal DSL services. If they had traditional DSL I figure things would be much different.
|
# ? Jul 20, 2020 19:19 |
|
After figuring out my pci-e wifi card is like 10+ years old and going down the new wifi card / power line networking rabbit hole for awhile I've decided to just run new drops. What was best practice again? Buy 500' CAT 6 from monoprice? What's a good crimping tool? I'm gonna go measure to make sure I don't need 1000' I may as well run upstairs too. I learned how to crimp cables in high school so at least it's not my first rodeo. Alternatively I can just try and figure out all the existing wires in my house, they don't seem to work for the most part and the previous owners have had multiple different providers of telecom. No one removed any of the existing installs, like there are 12+ wires on the side of my house.
|
# ? Jul 20, 2020 19:37 |
|
KozmoNaut posted:Wifi is just a small part of the overall issue. More along the lines of avoiding having an unnecessary 'hunk of junk' router in the mix. MREBoy posted:I set the phone's WiFi connection for the 3200 to Static IP, the various input boxes were auto-filled correctly and already had DNS set for 8.8.8.8 and 75.75.75.75. rebooted phone just in case, no change. What happens if you try just Google's 8.8.8.8 (and 8.8.4.4 if your device requires two)? Or a different one entirely, like Cloudflare's 1.1.1.1 (and 1.0.0.1). The reasoning for this is that when you have multiple different DNS servers, it's usually not a "try the first one, if that doesn't answer use the second" but an "ask everyone; use the fastest answer". So, if one of the ones you set was responding faster, but with the wrong information, you'd continue seeing the issues. You'll also probably want to flush the DNS cache on that device somehow. I'm not particularly familiar with doing this on android devices, but a quick search suggests you can do this in chrome at chrome://net-internals/#DNS
|
# ? Jul 20, 2020 20:00 |
|
Quaint Quail Quilt posted:What was best practice again? Don't use a crimping tool, you need a punch down tool for wires in the walls to terminate them into keystones. Don't use monoprices "self punching" or "tool less" keystones they are garbage, ask the ones I had to throw in the trash. For jumper cables use monoprice pre-terminated cables in whatever lengths you need. If you insist on crimping your own cables stop and don't do it it's a dumb waste of time and money. If you still insist get the rj45 plugs where the wires feed through the end for twice as much money (it's like a few pennies or a dime more per connector) and a crimper with a blade on it.
|
# ? Jul 20, 2020 21:25 |
|
astral posted:More along the lines of avoiding having an unnecessary 'hunk of junk' router in the mix. Did all the above, no change.
|
# ? Jul 20, 2020 21:32 |
|
I have a PiHole running on a Synology. It's using a custom hosts to forward the PiHole's 192.168.. to nas.lan The Synology also runs a handful of other things, which have an address of nas.lan:1234 Is there a way to have service.lan redirect to nas.lan:1234 ? Basically I want to type in whatever.lan and have it forward to nas.lan with the correct port PRADA SLUT fucked around with this message at 23:56 on Jul 21, 2020 |
# ? Jul 21, 2020 23:50 |
|
MREBoy posted:Did all the above, no change. Probably can rule out DNS, then. I'm fresh out of ideas; that really is a strange issue. PRADA SLUT posted:I have a PiHole running on a Synology. It's using a custom hosts to forward the PiHole's 192.168.. to nas.lan A reverse proxy would do this. astral fucked around with this message at 00:23 on Jul 22, 2020 |
# ? Jul 22, 2020 00:21 |
|
If these are all Synology packages then look at the Application Portal - https://www.synology.com/en-us/knowledgebase/DSM/help/DSM/AdminCenter/application_appportalias
|
# ? Jul 22, 2020 00:32 |
|
Thanks Ants posted:If these are all Synology packages then look at the Application Portal - https://www.synology.com/en-us/knowledgebase/DSM/help/DSM/AdminCenter/application_appportalias They're Docker containers, if it matters
|
# ? Jul 22, 2020 04:32 |
|
PRADA SLUT posted:They're Docker containers, if it matters you can set up DSM to handle reverse proxy for you, and certs if you want without too much hassle. something like this: https://blog.golimb.com/2017/07/14/synology-reverse-proxy/
|
# ? Jul 22, 2020 15:31 |
|
I've used it twice in the last couple of weeks, but now I can not get my Asus Ac5300 to boot up or enter rescue mode or well, do much of anything. Internet light briefly, then power light solid, and it just stays that way. Reset holding doesn't effect this at all. How did I brick this thing so HARD?!?! The first DD-WRT upgrade failure I went to stock for a while, but it was pure garbage so I was flashing it back to DD-WRT today when I somehow killed it completely. FML.
|
# ? Jul 22, 2020 23:18 |
|
You should have been using Asus WRT Merlin anyway
|
# ? Jul 22, 2020 23:52 |
|
In the last couple of days, I've started getting this error message whenever I do a Google search, either searching through the address bar or directly on google.com.code:
Searches work fine in other browsers, so perhaps this is specific to Firefox? A quick Bing (ugh) search shows certain other users are seeing similar things, but it doesn't appear to be widespread. Any ideas of things I can check?
|
# ? Jul 22, 2020 23:53 |
|
Charles posted:You should have been using Asus WRT Merlin anyway I was having problems with devices on the otherside of my bridge getting DHCP leases or being able to use DNS with stock, does this fix that.
|
# ? Jul 23, 2020 00:04 |
|
FPS_Sage posted:In the last couple of days, I've started getting this error message whenever I do a Google search, either searching through the address bar or directly on google.com. Does your IPv6 address begin with 2002:....? What ISP do you use?
|
# ? Jul 23, 2020 01:07 |
|
Actuarial Fables posted:Does your IPv6 address begin with 2002:....? Yes, it begins with 2002. My ISP is Comcast.
|
# ? Jul 23, 2020 02:07 |
|
roadhead posted:I was having problems with devices on the otherside of my bridge getting DHCP leases or being able to use DNS with stock, does this fix that. Honestly don't know. It's just a fork of the standard Asus code with features added and maybe bug fixes. It's worth trying. I've found it to be good, but I'm not as much of a power user as the other people in this thread. Early on I did try DD WRT and as I recall it either lacked hardware acceleration or only used one core or something, which left it unable to do a gigabit connection. I'm sure that's changed by now, I was mostly being a smart rear end.
|
# ? Jul 23, 2020 03:51 |
|
FPS_Sage posted:Yes, it begins with 2002. Your router is likely not set up to communicate using IPv6. Comcast has 6to4 routers that allow non-IPv6 networks to reach IPv6-enaled servers out on the internet by converting your router's IPv4 address to a special type of IPv6 address. The "what's my IP" websites will report 2002:... as your IPv6 address, but your router and computer won't list this address anywhere. This 6to4 standard was meant to be used as a transition technology and was depreciated in 2015. Google probably doesn't want to support a 5 year dead technology and they're just saying no to it now. What model of Linksys router do you have? It's possible there's just something you have to enable to get IPv6 working correctly.
|
# ? Jul 23, 2020 06:02 |
|
Is anyone able to help me troubleshoot why my switch isn't working? I have a ERX connected from my ONT and then a Netgear 10 port unmanaged switch (Pro safe version) connected with all my devices off that. It was working all fine until midday today where the switch just stopped working. If I connect devices directly to the switch ports on the ERX they work (tried two different). I've also tried power cycling the switch but that didn't do anything. All the lights are working and I've also tried a different cable and port. Is this maybe a routing loop with the ERX switch ports? I have my DHCP range set outside of my static devices (static up to .61 and then DHCP from .62 on). EDIT: It seems something has started causing issues, can't identify which host yet though. Might be my NAS. Red_Fred fucked around with this message at 07:36 on Jul 23, 2020 |
# ? Jul 23, 2020 07:19 |
|
Zerotier worth anything? I've seen it come up in places.
|
# ? Jul 23, 2020 17:44 |
|
|
# ? Jun 8, 2024 06:27 |
|
Red_Fred posted:stopped working Make any changes to your network devices recently - updates, enabled features, minor config changes? Red_Fred posted:Is this maybe a routing loop with the ERX switch ports?
|
# ? Jul 23, 2020 17:56 |