astral
Apr 26, 2004

CaptainSarcastic posted:

I turned on IPv6 in my router, got an address from the ISP, and showed an IPv6 address assigned to my computer, but the IPv6 test site still showed me not having IPv6 working. I didn't see any effect on my speedtests, although I'm not sure that would be expected anyway. Should I have powercycled my modem and router even though the DHCP handoff appeared successful?

Did you get a real IPv6 address or are you only seeing a link-local (starts with fe80:) one?
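One way to answer that question on a Linux box, as an added example that is not part of astral's post: classify each address by its well-known prefix (fe80::/10 is link-local and never routable; 2000::/3 is global unicast, which is what the test sites need to see) and report whether the host has any global address at all. The `ip -6 addr` outputs embedded below are constructed samples, not captured from anyone's machine.

```shell
#!/bin/sh
# Added example (not from the thread): tell a "real" IPv6 address from a
# link-local one by prefix, and check a Linux host's `ip -6 addr` output for
# any global address. The sample outputs below are constructed.

# Classify one IPv6 address by its well-known prefix.
classify_ipv6() {
  case "$1" in
    ::1)        echo loopback ;;      # ::1/128
    fe[89ab]*)  echo link-local ;;    # fe80::/10: auto-configured, never routable
    f[cd]*)     echo unique-local ;;  # fc00::/7: private, like RFC 1918 for v6
    [23]*)      echo global ;;        # 2000::/3: what the IPv6 test sites need to see
    *)          echo other ;;         # multicast, deprecated ranges, etc.
  esac
}

# Read `ip -6 addr show` output (passed as $1) and report whether any
# global-scope address is present; prints yes or no.
has_global_ipv6() {
  for addr in $(printf '%s\n' "$1" | awk '$1 == "inet6" { split($2, a, "/"); print a[1] }'); do
    if [ "$(classify_ipv6 "$addr")" = global ]; then
      echo yes
      return 0
    fi
  done
  echo no
}

# Constructed sample: a host that only ever got a link-local address.
SAMPLE_LINK_LOCAL_ONLY='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 state UNKNOWN
    inet6 ::1/128 scope host
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
    inet6 fe80::5054:ff:fe12:3456/64 scope link'

# Constructed sample: a host that received a global address out of the
# router's delegated prefix (2001:db8::/32 is the documentation range).
SAMPLE_WITH_GLOBAL='2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 state UP
    inet6 2001:db8:1234:5678:5054:ff:fe12:3456/64 scope global dynamic mngtmpaddr
    inet6 fe80::5054:ff:fe12:3456/64 scope link'

echo "link-local-only host has a global address: $(has_global_ipv6 "$SAMPLE_LINK_LOCAL_ONLY")"
echo "delegated-prefix host has a global address: $(has_global_ipv6 "$SAMPLE_WITH_GLOBAL")"
# On a live machine: has_global_ipv6 "$(ip -6 addr show)"
```

A "no" on a live host while the router's WAN side shows a global address points at the router's LAN side (it is not handing a prefix to clients), not at the ISP.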


CaptainSarcastic
Jul 6, 2013



astral posted:

Did you get a real IPv6 address or are you only seeing a link-local (starts with fe80:) one?

The router shows a real one, my computer shows a local one.

I just changed the IPv6 DNS from Comcast to Cloudflare, renewed my DHCP lease, reconnected to my router, and same result.

astral
Apr 26, 2004

CaptainSarcastic posted:

The router shows a real one, my computer shows a local one.

I just changed the IPv6 DNS from Comcast to Cloudflare, renewed my DHCP lease, reconnected to my router, and same result.

Do you know how your ISP assigns IPv6 addresses so you can configure that on your router? I would guess it's probably DHCPv6-PD, where your ISP delegates you a prefix (something like a /64 or /56), and your router then assigns addresses to your devices from there.

Thanks Ants
May 21, 2004



skipdogg posted:

My ISP doesn’t even support IPv6 right now, and they switched to CGNAT last year. The biggest issue with that situation for me was Xbox Live being very unhappy and I lost direct connection to my Plex server and home VPN server


I ended up ordering a static IP to address the connectivity issues.

It shouldn't be seen as acceptable in TYOOL 2020 to move to CGNAT without also implementing IPv6

CaptainSarcastic
Jul 6, 2013



astral posted:

Do you know how your ISP assigns IPv6 addresses so you can configure that on your router? I would guess it's probably DHCPv6-PD, where your ISP delegates you a prefix (something like a /64 or /56), and your router then assigns addresses to your devices from there.

I'll have to look into it. I booted over into Windows and see the same behavior there, too. Both Linux and Windows appear to be set to allow IPv6, so I'll look at the router settings.

H110Hawk
Dec 28, 2006

CaptainSarcastic posted:

I turned on IPv6 in my router, got an address from the ISP, and showed an IPv6 address assigned to my computer, but the IPv6 test site still showed me not having IPv6 working. I didn't see any effect on my speedtests, although I'm not sure that would be expected anyway. Should I have powercycled my modem and router even though the DHCP handoff appeared successful?

Does using IPv6 have an effect on security or attack surface, either positive or negative?

You must make sure the firewall is enabled, and none of the stupid "let us help you poke holes in it" features are enabled. (UPnP for example.) You get a lot of firewalling for free with NAT that evaporates with ip6. Default deny with keep-state for outbound connection tracking is all you need and should be the default.
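H110Hawk's "default deny with keep-state" written out as an nftables ruleset, as an added example that is not from the post or from any router vendor. Interface names `wan0` and `lan0` are assumptions. It keeps open the two things a blanket IPv6 drop silently breaks: the ICMPv6 types that neighbor discovery and path-MTU discovery depend on, and the DHCPv6 reply port on the WAN side for a DHCPv6-PD uplink (those replies come from the ISP's link-local address and are not matched by connection tracking).

```shell
#!/bin/sh
# Added example (not from the thread): a default-deny IPv6 firewall in
# nftables, matching the "default deny with keep-state" advice. Interface
# names wan0/lan0 are assumptions; use the router's real interface names.

ipv6_ruleset() {
cat <<'EOF'
flush ruleset
table inet filter {
  chain input {
    type filter hook input priority 0; policy drop;
    iif "lo" accept
    ct state invalid drop
    ct state established,related accept
    # ICMPv6 that IPv6 cannot function without: neighbor/router discovery
    # and path-MTU signalling. Dropping these "for security" breaks v6.
    icmpv6 type { nd-neighbor-solicit, nd-neighbor-advert,
                  nd-router-solicit, nd-router-advert,
                  packet-too-big, destination-unreachable,
                  time-exceeded, parameter-problem } accept
    icmpv6 type echo-request limit rate 10/second accept
    # DHCPv6 replies on a DHCPv6-PD WAN come from the ISP's link-local
    # address and are not covered by conntrack, so allow them explicitly.
    iifname "wan0" ip6 saddr fe80::/10 udp dport 546 accept
    # The LAN may talk to the router itself (DNS, DHCP, admin UI).
    iifname "lan0" accept
  }
  chain forward {
    type filter hook forward priority 0; policy drop;
    ct state invalid drop
    ct state established,related accept
    # Outbound only: LAN -> WAN. Nothing unsolicited is forwarded in, which
    # is the "free firewalling" NAT used to provide on IPv4.
    iifname "lan0" oifname "wan0" accept
    icmpv6 type { packet-too-big, destination-unreachable,
                  time-exceeded, parameter-problem } accept
  }
  chain output {
    type filter hook output priority 0; policy accept;
  }
}
EOF
}

# Both the input and forward chains must default-deny; count them.
drop_policy_count() {
  ipv6_ruleset | grep -c 'policy drop;'
}

# Syntax-check the ruleset with nft when it is installed (nothing is loaded
# into the kernel); prints what happened.
check_ruleset() {
  if ! command -v nft >/dev/null 2>&1; then
    echo "nft not installed, syntax check skipped"
  elif ipv6_ruleset | nft -c -f - 2>/dev/null; then
    echo "ruleset syntax checked"
  else
    echo "nft rejected the ruleset"
  fi
}

check_ruleset
echo "chains with a drop policy: $(drop_policy_count)"
# To apply on a router: ipv6_ruleset | nft -f -
```

Anything that opens inbound ports automatically (UPnP, PCP) would be a hole punched into the `forward` chain; with it off, exposing a service is a deliberate one-line `iifname "wan0" ... accept` rule rather than something a device on the LAN can request for itself.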

Perplx
Jun 26, 2004


I had ipv6 enabled for a while but turned it off because it was slower. You'd think it would be the same but it’s not, I was getting longer traceroutes with ipv6, in one case going to Europe and back to access a server that was a 2 hour drive from my house. Lots of bad ipv6 route tables out there.

astral
Apr 26, 2004

Perplx posted:

I had ipv6 enabled for a while but turned it off because it was slower. You'd think it would be the same but it’s not, I was getting longer traceroutes with ipv6, in one case going to Europe and back to access a server that was a 2 hour drive from my house. Lots of bad ipv6 route tables out there.

What kind of IPv6 implementation did your ISP have?

Sniep
Mar 28, 2004


astral posted:

What kind of IPv6 implementation did your ISP have?

Probably CGNATing everything into their legacy v4 interconnects

compatibility: yes
good idea: no

H110Hawk
Dec 28, 2006
And some ISPs had really lovely uplinks for ip6. "Hey Hurricane Electric will give us free ip6 if we hit this peering exchange" or "$0.50/mbps for ip6 this checks a box." when in reality HE is garbage. (Pretend they're buying where 50¢ is cheap.)

CaptainSarcastic
Jul 6, 2013



I got it to the point where it was showing me getting an IPv6 address but still timing out on most of the tests, so I've given up for now. It doesn't seem like I would see a real benefit from it, so am mostly doing it out of curiosity. I'll table it for now and leave it disabled unless I'm missing some good reason to get it up and running.

Impotence
Nov 8, 2010

Hadlock posted:

I think most modern parts of the internet use ipv6 at this point

Maybe 10 years ago it might have been a problem for some devices, but the last time I ran into problems with it was at work in 2015 and really it was misconfiguration, not an actual routing bug

Pretty much this, the majority of US traffic to Facebook is over IPv6 (and UDP), Google is almost half, it's already well past the time ISPs should get over their poo poo and have native v6 for everyone already


H110Hawk posted:

And some ISPs had really lovely uplinks for ip6. "Hey Hurricane Electric will give us free ip6 if we hit this peering exchange" or "$0.50/mbps for ip6 this checks a box." when in reality HE is garbage. (Pretend they're buying where 50¢ is cheap.)


Cogent's IPv6 implementation and network is orders of magnitude worse than HE at a higher price point

H110Hawk
Dec 28, 2006

Biowarfare posted:

Cogent's IPv6 implementation and network is orders of magnitude worse than HE at a higher price point

I mean calling it a network is pretty disingenuous don't you think?

Impotence
Nov 8, 2010

H110Hawk posted:

I mean calling it a network is pretty disingenuous don't you think?

It can only reach 1/3 of the internet!

(They've also recently started charging per BGP session... when you buy IP transit ...)

H110Hawk
Dec 28, 2006

Biowarfare posted:

It can only reach 1/3 of the internet!

(They've also recently started charging per BGP session... when you buy IP transit ...)

We got hit with that stupid loving charge, and it's not the amount, it's that it's basically the equivalent of a Frontier/Charter/Spectrum below-the-line unadvertised required fee that is definitely not a government tax. Called to do a turn up and they asked why not just point our default at them statically. "You didn't order BGP." gently caress all the way off. (We have it as an outbound NAT for untrustworthy connections, such as from employees. :v: )

i own every Bionicle
Oct 23, 2005


H110Hawk posted:

First thing I would do is to try wiring one of the failing devices during an outage. If it works it's a wireless issue, which could still be the router getting overloaded. Wifi load is a combination of throughput and associations (aka devices on the wifi). Sounds like you are at 10 devices. Are your TVs themselves on the wifi? Reduce one or the other to increase throughput. Buy a 100ft ethernet cable and string it along the floor. Unplug your chromecasts (etc) and see if it helps.

Is anyone torrenting? If so stop. A zillion tiny frames is a potential for overload.

Can you move your router somewhere so that you can hardwire some devices? I'm surprised with that many devices none of them are hardwired.

Sorry for the issue necromancy but I tried hardwiring a machine that was having issues and it seems to be fine now on that machine. So yeah maybe it’s a wireless issue. Again, I never had these issues with the Xfinity router.

Checking the TP Link settings page, it looks like there are 8 wireless devices on the network in the worst case.

Is it possible that the router picked a suboptimal wireless channel to park on? Any smarter way to diagnose that other than forcing it to other channels and seeing if it gets better? It’s difficult because it’s intermittent, sometimes everything works fine and sometimes it’s unusable.

stevewm
May 10, 2005

Biowarfare posted:

Pretty much this, the majority of US traffic to Facebook is over IPv6 (and UDP), Google is almost half, it's already well past the time ISPs should get over their poo poo and have native v6 for everyone already


I think a lot of this is because a large portion of Facebook access is done over cellular networks. All the cellular carriers natively implemented IPv6 during their 4G buildouts. I'm pretty sure v6 support was a requirement of the various 4G standards...

Looking at my own ISP, I can see their ASN has several IPv6 peers, but v6 has not been enabled on their own network yet. :/

Impotence
Nov 8, 2010

stevewm posted:

I think a lot of this is because a large portion of Facebook access is done over cellular networks. All the cellular carriers natively implemented IPv6 during their 4G buildouts. I'm pretty sure v6 support was a requirement of the various 4G standards...

Looking at my own ISP, I can see their ASN has several IPv6 peers, but v6 has not been enabled on their own network yet. :/

I think the UDP part (HTTP/3 or QUIC) is also because of Chrome or native app on mobile devices, since it's significantly faster on high latency/mobile devices than normal TCP-based HTTPS with handshaking and all.

For whatever reason, my ATT hotspot doesn't give IPv6 addrs anyway (still).

Rooted Vegetable
Jun 1, 2002

H110Hawk posted:

You must make sure the firewall is enabled, and none of the stupid "let us help you poke holes in it" features are enabled. (UPnP for example.) You get a lot of firewalling for free with NAT that evaporates with ip6. Default deny with keep-state for outbound connection tracking is all you need and should be the default.

I spent a bunch of time looking into my UDM's firewall based on this post.

Now to figure out precisely the right IPv6 settings for Telus fibre.

codo27
Apr 21, 2008

Would a UPS of this size be good enough to keep the modem and router up for a while? Winters are loving brutal here and for that price I don't think it's worth being without if we can keep internet during the many outages we'll have over the next 4-5 months.

Thanks Ants
May 21, 2004



The VA of a UPS is more related to the current you can draw through it than the runtime you can expect to get - you can boost runtime without changing the VA by adding more batteries, for example.

That model has a calculator on the APC website that shows you the expected battery life under certain loads:

https://www.apc.com/shop/ca/en/products/APC-Back-UPS-6-Outlets-450VA-120V-Canada/P-BN450M-CA

If we say the modem and router are going to draw 25W then you'll get 1 hr 20 min out of it.

codo27
Apr 21, 2008

So something like this is probably a better bet. Says over 4 hours with 15w draw on the site https://www.amazon.ca/APC-Back-UPS-Battery-Protector-BE550G/dp/B005GZRUZW?th=1

Thanks Ants
May 21, 2004



You might be better off with a DC UPS if you just need to power devices that have power bricks - e.g. if your modem and router both have a 12v power supply then a UPS is going to be boosting the battery voltage up to 120v for the transformer in the plug to drop it down to 12v again, and that's inefficient.

https://www.cyberpower.com/global/en/product/series/indoor_dc_ups_with_12v

codo27
Apr 21, 2008

Could be wrong but I don't believe my modem or my router have bricks on the cable. Or does the enlarged box on the plug itself count?

H110Hawk
Dec 28, 2006

Thanks Ants posted:

You might be better off with a DC UPS if you just need to power devices that have power bricks - e.g. if your modem and router both have a 12v power supply then a UPS is going to be boosting the battery voltage up to 120v for the transformer in the plug to drop it down to 12v again, and that's inefficient.

https://www.cyberpower.com/global/en/product/series/indoor_dc_ups_with_12v

Unless your devices specifically are wired for this don't do this. You're going to be cutting and splicing your power bricks. If you need extended run times then see what you can find on the used market without batteries, but you're eventually going to need to power your devices too if you exceed the battery in your laptop for example.

codo27
Apr 21, 2008

It's mainly just to keep in touch and stuff on our phones. Outages are common and can last, sometimes into the double digits in hours.

This doesn't add up to me. Why's the 550VA unit last longer than the 650?

H110Hawk
Dec 28, 2006

codo27 posted:

It's mainly just to keep in touch and stuff on our phones. Outages are common and can last, sometimes into the double digits in hours.

This doesn't add up to me. Why's the 550VA unit last longer than the 650?



Look up the specs for the replacement batteries. What you're missing is an element of time. Volt-Amps is an instantaneous load it supports. How long it supports that is volt-amp-hours. Find the battery spec, it will likely say 12v, 100Ah (or whatever.) Now you can do the rough algebra to figure out how long it will last under your load.

Hadlock
Nov 9, 2004

Honestly if you want to do it right, go get a marine deep cycle battery, a trickle charger and an inverter

Trickle charger $25
https://www.amazon.com/BLACK-DECKER-BM3B-Automatic-Maintainer/dp/B0051D3MP6/

Deep cycle battery $65 (you can get a 100 amp hour battery for ~$170, read up on lead acid technology, you can really only get about 50% of the amp hours out of the battery before doing damage to it)
https://www.amazon.com/Weize-Rechargeable-Cycle-Battery-Replaces/dp/B07SJRR8TZ/

Really nice marine grade inverter: $275
https://www.amazon.com/Victron-Phoenix-Inverter-VE-Direct-5-15R/dp/B076T8MW4F

I personally own this one and it hasn't caught fire yet, $20.00
https://www.amazon.com/gp/product/B01KT26D68/

I mean, yes, you'll have to unplug all your poo poo, and then plug it into the inverter, but if it's out that often and for that long maybe it's worthwhile. The tricky thing about inverters (and why I listed the $250 model) is that some laptops won't charge off cheap inverters due to the AC sine wave really being AC square wave

Alternately if you have modern cell phones/laptops that all charge off of USB-C PD you can just wire a couple of these directly to the battery and skip the DC-AC-DC conversion dance:

https://www.amazon.com/Charger-Anker-Adapter-PowerDrive-Delivery/dp/B07YY7KQZP/



But yeah as someone else pointed out, those UPS things will run your router and modem for about 3-4 hours. We used to have a bunch of summer storms in Dallas and our wooded neighborhood on top of a "hill" would see outages a couple of times every summer. This worked for that, but sitting out long winter storms, snowed in, I would look for a better solution than a UPS designed to meet minimum criteria by the office secretary/IT department.

Edit: I have a lot of free time today

https://www.rapidtables.com/calc/electric/Amp_to_Watt_Calculator.html

With a 100 amp hour 12v lead acid battery: 1 amp hour at 12v is about 12 watts, which is about what your cell phone charger puts out (the one that came in the box, not an upgraded charger), so a 100ah battery that can be discharged to 50% gives you 50 hours of cell phone charging, or about 1 day of continuous cell phone charging for two people. Realistically you could run two phones off that battery for three days. That doesn't include your router/modem, which will probably burn through that battery in a day, maybe faster

If you have a house, this wraps back around to buying a 2kw generator, which costs about $999, requires no maintenance and will run for a week straight if you have enough gas (10 gallons? maybe a little more) and then you can run the microwave or toaster oven if you have a small/crappy enough model

Hadlock fucked around with this message at 21:33 on Nov 3, 2020

Sniep
Mar 28, 2004


codo27 posted:


This doesn't add up to me. Why's the 550VA unit last longer than the 650?


Probably a smaller inverter, that takes less juice when not being driven hard

Tiny Timbs
Sep 6, 2008

Apparently “being unplugged for a few hours” was too much of a challenge for my AP AC Pro, and it utterly refused to connect to my router and then refused to connect to my phone for adoption after multiple factory resets. What pieces of poo poo these things are.

Gyshall
Feb 24, 2009

I'm about to buy gear for my home, I have a unifi unit now for my 1600 sq ft place and it's great. After reading some posts like the above, how would you goons buy? I was looking at a dream machine plus two more ap units and a poe switch.

fletcher
Jun 27, 2003


Gyshall posted:

I'm about to buy gear for my home, I have a unifi unit now for my 1600 sq ft place and it's great. After reading some posts like the above, how would you goons buy? I was looking at a dream machine plus two more ap units and a poe switch.

I've got 8 pieces of Unifi gear in my setup and have had zero issues. Granted I've only been using it less than a year. I setup my parents house with a dream machine and two Flex HD and it has been great as well. Seems like certain products of theirs had a rough go with first revisions and stuff but overall it seems like pretty good stuff to me.

I would be curious to see what their support has to say for Fallom's issue - Fallom can you keep us posted?

skipdogg
Nov 29, 2004

My personal opinion on gear

pfSense or OPNsense firewall/router

UniFi APs

HP switch(es)


I’m not touching the dream machine and don’t care to have the whole unifi stack.

movax
Aug 30, 2008

I'm UniFi APs, EdgeRouter for routing (thinking about pfSense occasionally) and have started getting UniFi switches to replace my EdgeSwitches. The EdgeSwitch UI is actually pretty good + better for a power user — Ubiquiti makes some braindead UI/UX decisions in their controller and it's nuts that I can do some stuff from the phone but not the web browser interface. Not sure what I'll do with my EdgeSwitches later, but I got sucked into the whole 'one dashboard' thing... but not enough to ever consider switching to it for routing for myself.

Got a Cloud Key Gen 2 Plus recently though to replace my Cloud Key Gen 2 (selling it on SA-Mart) as I do want to try out the Protect stack.

HONKER24
Dec 15, 2000

Due to the need for reliability and speed from my wife and me working from home, I am putting together a more robust network set-up than my current Samsung mesh network.

I now have a Ubiquiti Gateway connected to our Gigabit Fiber modem and am looking to use an HP Procurve 2910al-48G-PoE Ethernet Switch to connect everything else to as I'm looking to hardwire everything I can.

Being that I'm fairly new to managed switches, I have 2 questions with this set-up:

1. Is there a security concern given the age of the HP switch or can I simply rely on the gateway to cover that?

2. Is the set-up I described above the ideal connection route? The reason I ask this is because with the above set-up I get ~770 Mbps up/down while connecting my gigabit modem directly to my switch yields ~900 Mbps up/down. Not sure if this should be expected with a dedicated gateway.

Thanks

DrDork
Dec 29, 2003
Looking for a recommendation here. We are re-doing our home network stack, at its core will be a Cisco Meraki switch and wireless AP (got 'em free and they seem quite nice), as well as some Mikrotik SFP switches. We've had a generic Netgear as our router/firewall (lol)/VPN server and would like to replicate that functionality with something a little less...poo poo.

So what are some favorites here for a firewall + VPN server, with enough power to keep up with symmetrical 1Gb internet? We do have a 24/7 NAS that might be able to pick up that duty via software VM, though I'd have to ensure it has enough ports available, but we're looking to keep tech-janitoring to a minimum. I'm fine going to the box and telling it to update every so often, but I don't want it to be such a manual solution that I need to be touching it every week.

movax
Aug 30, 2008

DrDork posted:

Looking for a recommendation here. We are re-doing our home network stack, at its core will be a Cisco Meraki switch and wireless AP (got 'em free and they seem quite nice), as well as some Mikrotik SFP switches. We've had a generic Netgear as our router/firewall (lol)/VPN server and would like to replicate that functionality with something a little less...poo poo.

So what are some favorites here for a firewall + VPN server, with enough power to keep up with symmetrical 1Gb internet? We do have a 24/7 NAS that might be able to pick up that duty via software VM, though I'd have to ensure it has enough ports available, but we're looking to keep tech-janitoring to a minimum. I'm fine going to the box and telling it to update every so often, but I don't want it to be such a manual solution that I need to be touching it every week.

How long are the licenses on the "free" Meraki stuff you got? That's going to suck when they run out.

If I had to do a new router/firewall today, I think I would go Protectli and pfSense it on one of the i3 models. You can get the same thing from AliExpress as well, but I like the idea of using CoreBoot on a machine like that and they've at least done the legwork in making sure the specific white box model works with their CoreBoot binaries — it's an extra $150 over ordering from Ali, but it ships faster / saves you a bit of time. I think the only thing I would knock it on is not having a SFP slot — don't really need 6 copper NICs and it would save me an adapter in my current setup.

DrDork
Dec 29, 2003

movax posted:

How long are the licenses on the "free" Meraki stuff you got? That's going to suck when they run out.

3 years, which'll be long enough that by then I'll expect to be moving up to some better gear--I've got enough stuff running over SFP+'s that I'm hoping my next reset will be able to be based around something like an 8-port 10Gb minimum switch as the core and then an 8-port 1Gb ethernet off a trunk for the low-speed devices. Plus it looks like a 3 year license for my setup would only be about $100, so if I got 6 total years out of the gear for $100, I'd consider that a steal.

Protectli looks pretty neat--is there any real need for the i3 model when even their lowest end one claims full gigabit line speeds? Since it'd simply be sitting at the border I'd have no need of the additional ports of the higher end models, and it'd only be serving up stuff for two people + a NAS (admittedly running a crap ton of torrents, but still).

e; I don't care much about VPN speeds--anything I'm doing via VPN is usually just light browsing or at most streaming a 1080p or lower movie off Plex.

DrDork fucked around with this message at 21:24 on Nov 6, 2020

movax
Aug 30, 2008

DrDork posted:

3 years, which'll be long enough that by then I'll expect to be moving up to some better gear--I've got enough stuff running over SFP+'s that I'm hoping my next reset will be able to be based around something like an 8-port 10Gb minimum switch as the core and then an 8-port 1Gb ethernet off a trunk for the low-speed devices. Plus it looks like a 3 year license for my setup would only be about $100, so if I got 6 total years out of the gear for $100, I'd consider that a steal.

Protectli looks pretty neat--is there any real need for the i3 model when even their lowest end one claims full gigabit line speeds? Since it'd simply be sitting at the border I'd have no need of the additional ports of the higher end models, and it'd only be serving up stuff for two people + a NAS (admittedly running a crap ton of torrents, but still).

e; I don't care much about VPN speeds--anything I'm doing via VPN is usually just light browsing or at most streaming a 1080p or lower movie off Plex.

I have a psychological aversion to buying anything from Intel that's Celeron / Atom / not part of the "main" Core series. It's completely irrational and there is data to prove I'm wrong, but I just remember those generations where they knee-capped the gently caress out of Celerons and they were god awful.

You said you don't care about VPN speeds though, so the main reason (they benched here: https://protectli.com/kb/openvpn-performance/) to get the FW6x doesn't apply to you. But seeing as even 10+ year old machines could theoretically support Gbit line rates, you'd be 'future proofing' for awhile if you got a FW6 I think, in case you wanted to throw VPN or other functions on there.


DrDork
Dec 29, 2003

movax posted:

But seeing as even 10+ year old machines could theoretically support Gbit line rates, you'd be 'future proofing' for awhile if you got a FW6 I think, in case you wanted to throw VPN or other functions on there.

Yeah, I guess I'm just looking for some sort of performance review that has something like DNSSEC, DPI, etc., turned on. I mean when even a $20 switch can do 1Gb line speed switching, I have no doubt that their little Atom boxes can do the same, but I'm not as sure once you start layering on the bits that make it an actual firewall. Couldn't find any performance data for that sort of thing on their site (and I guess it's understandable since you can load so many different OSes and services on there), but I just have no real gut sense for how powerful I'd need it to be.

I mean I suppose it can't be that bad if my $100 Netgear can keep up as-is, right?
