text editor
Jan 8, 2007

Twerk from Home posted:

I'm on AT&T Gigabit internet, meaning that I have to use their provided router. It's a Pace 5268ac, and it's pretty bad. The wifi on it was awful, which I solved by getting two ubiquiti access points. I'm getting tired of the router itself being terrible to configure (I run some servers at home), and occasionally being slow for DNS resolution. I recently set up pi-hole, and learned that you cannot configure a separate internal DNS server for the ATT router's DHCP, meaning that I can't have devices automatically use pi-hole for DNS resolution. I'm inclined now to get my own router, put it behind the AT&T one and put it in the DMZ and just have double-NAT.

What routers should I be looking at for gigabit routing? I don't need wi-fi, my wireless solution is very well sorted. I'm already running a Uni-Fi controller on a server at home, but have heard less than stellar things about Ubiquiti routers. I was planning on getting a Mikrotik RB4011, but it looks like that can't route at line speed.

For a simple, wired router that can route gigabit at line speed, what am I looking at? Or should I be getting a managed switch and setting up a router-on-a-stick config using a linux server as a router instead to route at gigabit speeds?

looks like you went through everything I did with the pace. ultimately I ended up just manually configuring dns on all the hosts that needed it to avoid the double NAT DMZ


kimcicle
Feb 23, 2003

For some reason, my edgerouter x decided it didn't want to route internet traffic anymore this morning. It'll let me get into the dashboard and everything looks fine but I can't hit the internet from anything either plugged into the edgerouter itself or connected to the AP that's powered off the eth4 port. Plugged my laptop directly into the cable modem and I got internet. I swapped out the edgerouter x for an old asus router I had sitting in the closet and everything is working as it was yesterday, just with my old wireless router in place of the edgerouter x.

Things I've tried:
1. Factory resetting the edgerouter and running the wizard again.
2. Updated the firmware to the latest version, ran the wizard again.

Both of these produced the same results; I can get into the EdgeOS configuration interface and everything looks to be fine, but I still can't hit the internet... Did it just mysteriously die overnight? It's less than two years old.

KS
Jun 10, 2003
Outrageous Lumpwad
Seems unlikely. Need to troubleshoot up the stack as there are some moving pieces.

Does the WAN interface have link? Is it getting a DHCP address from the modem on the WAN interface? Can you ping out from the ER-X itself? 8.8.8.8 and google.com are reliably pingable.

If yes, move on to ensuring the PAT rule is good.

If yes, ensure a client is getting a good DHCP address. Ensure it can ping the inside interface of the router. Try pinging through the ER-X to the internet using an IP and a name -- it could be DNS.

Other wacky stuff: your carrier might have switched to ipv6 and your Asus router supports it while it's disabled on the ER-X. Stuff like that.

kimcicle
Feb 23, 2003

Yeah after putting the kids to sleep I was able to look into it more. The edgerouter wasn't getting a DHCP address from the modem. I ended up factory resetting the edgerouter again and for some reason it decided to work this time around. :shobon:

codo27
Apr 21, 2008

What do I need to know about getting a VPN? Should I go with Nord?

cage-free egghead
Mar 8, 2004

codo27 posted:

What do I need to know about getting a VPN? Should I go with Nord?

Nord has had some questionable decisions in the last few years. They're not terrible, but there are better options. Really depends on what you're looking for. Providers like Proton, Mullvad, or IVPN are probably better choices.

withoutclass
Nov 6, 2007

Resist the siren call of rhinocerosness

College Slice

codo27 posted:

What do I need to know about getting a VPN? Should I go with Nord?

If you're feeling like tinkering you can roll your own wireguard node using a Digital Ocean droplet or other provider for $5/month or so.

Actuarial Fables
Jul 29, 2014

Taco Defender

codo27 posted:

What do I need to know about getting a VPN? Should I go with Nord?

What do you want to do with the VPN? Privacy from your ISP? Torrents? Access home network while away? Encrypt traffic while on public/insecure WiFi? There's a bunch of different options, some are better than others for specific use cases.

redeyes
Sep 14, 2002

by Fluffdaddy
What in the hell is this loving VPN poo poo everyone is convinced they need. I assume it's all the loving advertising. I've been going around telling folks it's a scam and to remove that poo poo and stop paying.

withoutclass
Nov 6, 2007

Resist the siren call of rhinocerosness

College Slice
I use my wireguard node to protect my traffic when using public hotspots. I also have a blackhole hosts file set up on it so that it blocks ads and other nasties for me.

H110Hawk
Dec 28, 2006

withoutclass posted:

I use my wireguard node to protect my traffic when using public hotspots. I also have a blackhole hosts file set up on it so that it blocks ads and other nasties for me.

Wireguard to where? The other endpoint is where you are shifting that risk. This is the part the above user is alluding to. You have to trust "nordvpn" to not do whatever you distrust the network you're running it on to do.

Public wifi - ne'er-do-wells sniffing your banking info.
Home internet - your isp sniffing where you're going and using it against you (illegal torrents) or using it to pry into your life for advertising.
Bypassing overzealous firewalls? (att mobile sometimes lets me ssh, sometimes doesn't.)

You get the idea. Answer these questions and you're on your way to an answer.

That answer is never Norton / sophos / etc "endpoint protection" bullshit. Never.

Zero VGS
Aug 16, 2002
ASK ME ABOUT HOW HUMAN LIVES THAT MADE VIDEO GAME CONTROLLERS ARE WORTH MORE
Lipstick Apathy
I've got an advanced one here... my Comcast has been down for days and the tech that came out had to put in a construction ticket. In the meantime, I'm able to plug my Tmobile phone into my wifi router and use USB tethering, and hey what do you know, the upstream, downstream and ping are all better than Comcast on their best day. The catch is I get throttled after 5 gigs. I have an app on my phone, PDAnet, which hides tethering from Tmo and gives me full speed even past 50GB, but it needs a windows PDAnet client app to be running for the USB tether to work.

Is there a way to flash any custom firmware on my wifi router to use PDAnet USB tether with it, or is there some alternate phone app that can hide the tethering?

cage-free egghead
Mar 8, 2004

redeyes posted:

What in the hell is this loving VPN poo poo everyone is convinced they need. I assume it's all the loving advertising. I've been going around telling folks it's a scam and to remove that poo poo and stop paying.

A VPN isn't a scam but the way that some providers advertise it certainly is.

withoutclass
Nov 6, 2007

Resist the siren call of rhinocerosness

College Slice

H110Hawk posted:

Wireguard to where? The other endpoint is where you are shifting that risk. This is the part the above user is alluding to. You have to trust "nordvpn" to not do whatever you distrust the network you're running it on to do.

Public wifi - ne'er-do-wells sniffing your banking info.
Home internet - your isp sniffing where you're going and using it against you (illegal torrents) or using it to pry into your life for advertising.
Bypassing overzealous firewalls? (att mobile sometimes lets me ssh, sometimes doesn't.)

You get the idea. Answer these questions and you're on your way to an answer.

That answer is never Norton / sophos / etc "endpoint protection" bullshit. Never.

I run a droplet on Digital Ocean for it. But pretty much all the things you listed above besides torrents. There's some small mobile data cap improvement that, at least in my head, would come along with using a blackhole hosts file as well so I'm not pulling down ads.

movax
Aug 30, 2008

I've been meaning to switch to Wireguard on my ER-4 now that there are official packages for it. I set up OpenVPN a few years ago and it works OK, but I could never get IPSec/IKEv2 working on it. Really useful to get to my house and access local resources no matter where I am (primary use), though when I used to have gigabit up/down at my last place, I'd just use the VPN all the time when out and about because... why not?

I'll prolly leave the OpenVPN endpoint on the ER-4 "just in case" but have only heard good things about WG.

codo27
Apr 21, 2008

I don't have much shady goings on. Accessing home from away safely would be nice. With all the talk it seems like they are drat near necessary these days, but maybe I'm being taken for a ride

Huge_Midget
Jun 6, 2002

I don't like the look of it...
I run a Pi 4 with PiHole and PiVPN on it and it’s loving magical. When I did the PiVPN setup I went with WireGuard instead of OpenVPN and this poo poo just works. Super fast and lightweight, I have the client on all of my devices so when I’m not on a trusted network it immediately turns itself on and automatically connects. It’s great on my iPhone because I can have it automatically enable itself when I’m roaming on cellular and not on WiFi, and you can specify friendly WiFi networks so it only connects when it detects that you are on a not friendly network.

H110Hawk
Dec 28, 2006

codo27 posted:

I don't have much shady goings on. Accessing home from away safely would be nice. With all the talk it seems like they are drat near necessary these days, but maybe I'm being taken for a ride

Accessing your home resources while away is a great reason to want to set up a VPN - however you're the one doing it all here. You need to download and run a Wireguard server at your home, port forward the port from your router to that server, then install a wireguard client on your devices. Click connect and off you go. This is Free(tm) assuming you have somewhere already to run the server.

"All the talk these days" is basically FUD in most cases. If you want your ISP to not see your data, but you do want say Digital Ocean to be able to see it, then install the wireguard server there and connect from your router/home devices. If you want your sketchy public wifi to not be able to see your traffic, install it at digital ocean or at home. If you want NordVPN in the USA/Netherlands/Canada/UK/whatever to be able to see your data instead of your ISP, pay them. Grab a promo code from your favorite youtuber or something.

Sketchy public wifi is a valid concern, if you connect to Starbucks Wifi it's fine, if you connect to my laptop that claims it's Starbucks Wifi it could be a bad day for you. This is becoming a smaller concern with things like Chrome enforcing HSTS and aggressively phasing out old broken TLS/SSL setups.

H110Hawk
Dec 28, 2006
Double posting because this cracked me up. Our fs.com rep sent us this amazing email, complete with reddit homelab link and screenshot.

Coxswain Balls
Jun 4, 2001

Thanks again for the InfiniteCables recommendation earlier, I think we can get everything for around $300 shipped, which is better than I was anticipating. Is there any suggested reading for best practices for setting this all up cleanly with cable management that makes the next person working with it glad it was set up properly? I didn't put any cable management stuff in the order yet because I have no idea what would be useful and what would be frivolous.



Is there also such a thing as universal brackets for mounting that switch in the rack? This is the kit needed for that switch, but I can't find it from anywhere that isn't charging $150 in shipping. I'm tempted to just modify a bracket from another model or fabricate it myself out of scrap metal.

yoohoo
Nov 15, 2004
A little disrespect and rudeness can elevate a meaningless interaction to a battle of wills and add drama to an otherwise dull day
I'm running into data cap problems with Comcast. I saw on the previous page someone asking if there's any way to see what device is using how much data on a network but it didn't sound like there was a clear answer. I've got an Asus router fwiw.

My fiancee and I both work from home. Her internet usage isn't a lot. Things on her end are usually pretty small -- a lot of Google spreadsheets and word files. I deal with 100MB-2GB files fairly regularly. I'd been using Box Drive with a folder synced to my desktop. Everything else is in the cloud. I also use a program called TeamViewer to remote access my work computer. Generally I'll download files and then stick them in Box Drive so I can access them on both my laptop and my work computer.

In December we used ~1TB of data and in January we used 1.2TB, about 50GB short of the cap. I got a text from Comcast saying we'd used 90% of our January data about a week before the end of the month so I immediately stopped downloading files and using Box Drive to work off on my personal computer, and started doing everything through TeamViewer.

I just checked our data usage in February and we're already at 250GB of data used... We aren't *heavy* users -- we have 4K Netflix but we don't stream hours of that on a daily basis. A lot of what we watch is regular old HD. My fiancee scrolls Instagram a lot, we both stream Spotify but not all day, no YouTube, no torrents, no online gaming. What's weird is we were at ~800GB in November and nothing has really changed since then.

I checked the activity monitor but I can't quite figure out how to read it. I'm sure this is a common complaint, because gently caress data caps, but I figured I'd ask some folks who are a lot smarter than me. Does anything sound out of ordinary? Any tips? Unfortunately I'm stuck with Comcast. Every house in my neighborhood except mine has access to gigabit fiber :argh:

rufius
Feb 27, 2011

Clear alcohols are for rich women on diets.

yoohoo posted:

I'm running into data cap problems with Comcast. I saw on the previous page someone asking if there's any way to see what device is using how much data on a network but it didn't sound like there was a clear answer. I've got an Asus router fwiw.

:words:

Check if you can install the Merlin WRT firmware on your router. It gives a pretty good view of usage by MAC address when I used it in the past.

https://www.asuswrt-merlin.net

Actuarial Fables
Jul 29, 2014

Taco Defender

Coxswain Balls posted:

Is there also such a thing as universal brackets for mounting that switch in the rack? This is the kit needed for that switch, but I can't find it from anywhere that isn't charging $150 in shipping. I'm tempted to just modify a bracket from another model or fabricate it myself out of scrap metal.

AFAIK the closest thing you'll find to a universal bracket is a shelf. There are some 3rd party rack ears that may or may not work for your switch, depending on the placement of screws and the width of the switch. If the screw holes on the switch are 20mm apart (measured center to center) and you have the tools to lengthen the holes on the rack-end of the bracket (your switch is 6mm wider than the switches these are designed for, so just by 3mm each hole) then https://www.amazon.com/magnaroute-FX-13-Multi-Vendor-Compatible-TRENDnet/dp/B01CX6PZMQ might work.

yoohoo
Nov 15, 2004
A little disrespect and rudeness can elevate a meaningless interaction to a battle of wills and add drama to an otherwise dull day

rufius posted:

Check if you can install the Merlin WRT firmware on your router. It gives a pretty good view of usage by MAC address when I used it in the past.

https://www.asuswrt-merlin.net

Thanks but it looks like my router is no longer supported. That's kind of annoying considering I bought it in November.

KS
Jun 10, 2003
Outrageous Lumpwad

yoohoo posted:

I'm running into data cap problems with Comcast. I saw on the previous page someone asking if there's any way to see what device is using how much data on a network but it didn't sound like there was a clear answer. I've got an Asus router fwiw.

I think teamviewer is heavier than you might think -- like it'd take a lot of file downloads to equal constant teamviewer usage.

Windows 10 has some built in data usage now. Search "Network Status" in Win10 and you should see data usage on the right side. The "Data usage" button will give you a per-app breakdown.

If it's not one of your main PCs, you'll have to dive deeper. If you're willing to replace your router, most of the new gen of mesh routers will get you per-device statistics.

KS fucked around with this message at 03:07 on Feb 6, 2021

MarcusSA
Sep 23, 2007

Ok this is kinda a lame question but I really need a better wifi router vs what the cable company provides. Like it's ok but its coverage is kinda poo poo. My place isn't that big but it does have pretty thick walls which is causing problems.

I have the router set up in the office and the master bedroom is next to it but I'm dropping a bar by going into that room. If I'm downstairs directly under the router the signal is just fine. Ideally I want to keep their router and just plug the new one into the hub and only have some devices hook up to the new router.

Would something like this give me better coverage?

https://www.amazon.com/Dual-Band-su...&language=en_US

I did some googling and that was one of the best ones that came up.

I really don't need a mesh set up as it's only a 2 story 2 bedroom place but I just need better coverage. Ideally in the $100-200 range.

rufius
Feb 27, 2011

Clear alcohols are for rich women on diets.

yoohoo posted:

Thanks but it looks like my router is no longer supported. That's kind of annoying considering I bought it in November.

I mean, you could also install an older firmware if you’re comfortable with that: https://sourceforge.net/projects/asuswrt-merlin/files/

Supposedly the default firmware has a bandwidth monitor if you enable the Adaptive QoS features?

https://www.asus.com/support/FAQ/1008717/

Coxswain Balls
Jun 4, 2001

Actuarial Fables posted:

AFAIK the closest thing you'll find to a universal bracket is a shelf. There are some 3rd party rack ears that may or may not work for your switch, depending on the placement of screws and the width of the switch. If the screw holes on the switch are 20mm apart (measured center to center) and you have the tools to lengthen the holes on the rack-end of the bracket (your switch is 6mm wider than the switches these are designed for, so just by 3mm each hole) then https://www.amazon.com/magnaroute-FX-13-Multi-Vendor-Compatible-TRENDnet/dp/B01CX6PZMQ might work.

Awesome, this should work perfectly as a base if I can't fabricate my own, thanks.

text editor
Jan 8, 2007

H110Hawk posted:

Double posting because this cracked me up. Our fs.com rep sent us this amazing email, complete with reddit homelab link and screenshot.



1400 can buy you a good amount of used Aruba or Brocade stuff that is just as trustworthy, probably more reliable, and more functional. I don't even think any of the FS stuff supports Cumulus, at least at that price point, which was the only reason I had ever considered one of their white box switches

H110Hawk
Dec 28, 2006

text editor posted:

1400 can buy you a good amount of used Aruba or Brocade stuff that is just as trustworthy, probably more reliable, and more functional. I don't even think any of the FS stuff supports Cumulus, at least at that price point, which was the only reason I had ever considered one of their white box switches

Oh I wouldn't buy it. I just thought it was funny they sent it with a screenshot of a reddit post where the person doesn't even buy one as part of the marketing material.

Cumulus is dead in the water as an "open" platform. They're completely vertically integrated since mellanox bought them. If you think a Broadcom bug fix is going to come out now you're going to be waiting a long time.

KKKLIP ART
Sep 3, 2004

I'm still rocking a Unifi USG3 and it looks like some apps (like the Youtube App on my fireTV) are trying to bypass my DNS settings and using their own resolvers. Is there a good guide on forcing things to use my PiHole for DNS? Is that done through port forwarding settings but like, deny outbound?

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

MarcusSA posted:

Ok this is kinda a lame question but I really need a better wifi router vs what the cable company provides. Like it's ok but its coverage is kinda poo poo. My place isn't that big but it does have pretty thick walls which is causing problems.

I have the router set up in the office and the master bedroom is next to it but I'm dropping a bar by going into that room. If I'm downstairs directly under the router the signal is just fine. Ideally I want to keep their router and just plug the new one into the hub and only have some devices hook up to the new router.

Would something like this give me better coverage?

https://www.amazon.com/Dual-Band-su...&language=en_US

I did some googling and that was one of the best ones that came up.

I really don't need a mesh set up as it's only a 2 story 2 bedroom place but I just need better coverage. Ideally in the $100-200 range.

You can and it's a fine device, but keep in mind you are spending extra for features you are going to turn off. About $100 more than a stand alone AP and switch that do the same thing you are wanting that device to do. However if this isn't a permanent residence, having a device that can do the extra features in the future may not be a bad idea.

Not wanting mesh is fine as long as you understand mesh in home networking just means wireless backhaul and you are going to run a physical cable from your existing router to this device.

rufius
Feb 27, 2011

Clear alcohols are for rich women on diets.

KKKLIP ART posted:

I'm still rocking a Unifi USG3 and it looks like some apps (like the Youtube App on my fireTV) are trying to bypass my DNS settings and using their own resolvers. Is there a good guide on forcing things to use my PiHole for DNS? Is that done through port forwarding settings but like, deny outbound?

You’re looking for “captive DNS”.

I set it up on my EdgeRouter. In that case, it was a matter of setting up NAT source and destination rules to force requests over port 53 to my router.

MarcusSA
Sep 23, 2007

Cyks posted:

You can and it's a fine device, but keep in mind you are spending extra for features you are going to turn off. About $100 more than a stand alone AP and switch that do the same thing you are wanting that device to do. However if this isn't a permanent residence, having a device that can do the extra features in the future may not be a bad idea.

Not wanting mesh is fine as long as you understand mesh in home networking just means wireless backhaul and you are going to run a physical cable from your existing router to this device.

Ok fair enough. Is there something I can get that would dramatically increase my wifi strength then?

It’s just frustrating being in the next room and having crap pings and DLs.

rattrap
Mar 25, 2005

MarcusSA posted:

Ok fair enough. Is there something I can get that would dramatically increase my wifi strength then?

It’s just frustrating being in the next room and having crap pings and DLs.

Walls degrade signal and it may be a lot worse if it's a solid wall or an insulated interior wall. Knock out the walls!

But on a serious note, do you have dual band and/or are you exclusively using the 5Ghz band or something? If you have the option, try forcing 2.4Ghz and see how that goes. It should work better in terms of retaining signal strength penetrating walls. Top end speeds may suffer, but the end result could still be an improvement overall.

Evis
Feb 28, 2007
Flying Spaghetti Monster

KKKLIP ART posted:

I'm still rocking a Unifi USG3 and it looks like some apps (like the Youtube App on my fireTV) are trying to bypass my DNS settings and using their own resolvers. Is there a good guide on forcing things to use my PiHole for DNS? Is that done through port forwarding settings but like, deny outbound?

You can try, but ultimately if the app uses DNS over https you’re going to have to start blocking port 443 on those IPs and that seems like a losing battle. I’d probably try an allow rule to port 53 on your pihole and block everything else.
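
Added example, not part of any post in this thread: a small Python check to run before and after applying the captive-DNS or allow/block rules suggested above, listing which LAN clients reach resolvers other than the Pi-hole and by which transport. The key=value flow-record format, the Pi-hole address 192.168.1.2 and the 192.168.1.0/24 subnet are assumptions made for the example, and the sample records are constructed.

```python
import ipaddress
from collections import defaultdict

PIHOLE = ipaddress.ip_address("192.168.1.2")   # assumed Pi-hole address
LAN = ipaddress.ip_network("192.168.1.0/24")   # assumed LAN subnet

# Constructed flow records in a made-up key=value format (not real router output).
SAMPLE_FLOWS = """\
proto=udp src=192.168.1.50 dst=192.168.1.2 dport=53
proto=udp src=192.168.1.60 dst=8.8.8.8 dport=53
proto=tcp src=192.168.1.60 dst=8.8.8.8 dport=853
proto=tcp src=192.168.1.60 dst=8.8.8.8 dport=443
proto=udp src=192.168.1.2 dst=203.0.113.53 dport=53
proto=tcp src=192.168.1.70 dst=198.51.100.10 dport=443
not a flow record
"""


def parse_flow(line):
    """Return (src, dst, dport), or None for a line that does not parse."""
    fields = dict(p.split("=", 1) for p in line.split() if "=" in p)
    try:
        return (ipaddress.ip_address(fields["src"]),
                ipaddress.ip_address(fields["dst"]),
                int(fields["dport"]))
    except (KeyError, ValueError):
        return None


def find_dns_bypass(text, pihole=PIHOLE, lan=LAN):
    """Map each LAN client to the ways it reached a resolver other than the Pi-hole."""
    flows = [f for f in map(parse_flow, text.splitlines()) if f]
    # Only LAN clients other than the Pi-hole matter: the Pi-hole itself
    # has to reach its upstream resolver.
    flows = [(s, d, p) for s, d, p in flows if s in lan and s != pihole]

    # Pass 1: any non-Pi-hole address contacted on 53 or 853 is acting as a resolver.
    resolvers = {d for _, d, p in flows if p in (53, 853) and d != pihole}

    # Pass 2: classify each flow by how it bypasses the Pi-hole.
    findings = defaultdict(set)
    for src, dst, dport in flows:
        if dst == pihole:
            continue
        if dport == 53:
            # Plain DNS: a destination NAT rule on port 53 can redirect this.
            findings[str(src)].add(("plain-dns", str(dst)))
        elif dport == 853:
            # DNS over TLS: has its own port, so a port-based block covers it.
            findings[str(src)].add(("dns-over-tls", str(dst)))
        elif dport == 443 and dst in resolvers:
            # Heuristic only: HTTPS to an address already seen as a resolver
            # may be DNS over HTTPS; the port alone cannot tell.
            findings[str(src)].add(("possible-doh", str(dst)))
    return {client: sorted(kinds) for client, kinds in findings.items()}


if __name__ == "__main__":
    for client, kinds in find_dns_bypass(SAMPLE_FLOWS).items():
        print(client, kinds)
```

Only the first two categories can be handled by port; the third is a guess based on the destination address, which is the limitation the DNS-over-HTTPS caveat above describes.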

MarcusSA
Sep 23, 2007

rattrap posted:

Walls degrade signal and it may be a lot worse if it's a solid wall or an insulated interior wall. Knock out the walls!

But on a serious note, do you have dual band and/or are you exclusively using the 5Ghz band or something? If you have the option, try forcing 2.4Ghz and see how that goes. It should work better in terms of retaining signal strength penetrating walls. Top end speeds may suffer, but the end result could still be an improvement overall.

Yeah they are super thick walls which is the problem.

My current wifi router is provided by spectrum and does have 2.4Ghz but it doesn’t provide enough bandwidth to stream games and stuff which is what I really want to do.

The 2.4 signal is great just not powerful enough.

H110Hawk
Dec 28, 2006
Is this a laptop or a desktop? If it's a desktop drill a hole in your wall and run a cable. Otherwise try reorienting your router or antennas and see if that changes it. Literally prop the thing on its side or repoint the antennas. If it's the shape of the wifis this will tell you. If it's the Faraday cage that is your bedroom it will still be bad. I bet replacing your wifis with a unifi unit solves it though.

OldSenileGuy
Mar 13, 2001

H110Hawk posted:

That answer is never Norton / sophos / etc "endpoint protection" bullshit. Never.

I'd never heard of Sophos Endpoint before, but I just got my new Macbook Air from work and it came preinstalled with this. Is this just some BS "antivirus" and adware protection? Or is there more to it that lets the IT department monitor my doings on this laptop?


H110Hawk
Dec 28, 2006

OldSenileGuy posted:

I'd never heard of Sophos Endpoint before, but I just got my new Macbook Air from work and it came preinstalled with this. Is this just some BS "antivirus" and adware protection? Or is there more to it that lets the IT department monitor my doings on this laptop?

Both. Sophos is hot garbage. They don't even make an uninstaller because that's not their problem.
