|
fletcher posted:I'd probably start with an iperf running between your router and gaming rig, make sure it's able to saturate the 1 Gbps. Though if your speedtest was fine during the LAN despite having problems, it sounds like the iperf will probably be fine...Hmmm No QoS unless it's setup by default on pfSense which I don't think it would be. I wonder if I can try something with my current network (again, a slightly different config that used that 8port switch) simultaneously playing on my PS5, desktop, something that runs on my 2014 laptop, and maybe a friend's gaming laptop. BTW it's crazy to me still seeing your posts since I remember you from GenMay for some reason. I think we're about the same age, 35.
|
# ? Jul 16, 2021 02:25 |
|
|
# ? Jun 4, 2024 21:51 |
|
So looking to setup a better network now that we own a house, and with all the shenanigans with unifi looking for an alternative, anyone have any experience with omada? Looks to be reasonably priced with decent hardware.
|
# ? Jul 16, 2021 02:48 |
|
Rakeris posted:So looking to setup a better network now that we own a house, and with all the shenanigans with unifi looking for an alternative, anyone have any experience with omada? Looks to be reasonably priced with decent hardware. I've had an EAP620 running for a few months without any issues, but I'm just logging into it as a standalone device, not using the Omada controller stuff. It's pretty fast and covers a larger area than my Netgear Nighthawk R7000 did. My wife and I have maybe 20 or so wireless devices and they've all worked perfectly with the AP. We both were working from home for a bit and it was nice having something that's nice and stable. It's running off a Netgear PoE switch, and I have a little Lenovo PC I bought for like $150 off eBay running OPNsense handling firewall/ routing. It all works together quite well, I decided to go this route instead of Ubiquiti due to the shenanigans you mentioned and I don't regret it at all. I *might* buy another one and set up the controller on a Windows server I have running in the basement, but the coverage is good enough that I don't really know if I even need a second one. It looks like they're on sale for $129 on Amazon right now, maybe I'll just pick one up.
|
# ? Jul 16, 2021 22:13 |
|
Anybody know if there was trouble with t-mobile Internet or even something broke in either a Win10 or Intel patch? My internet has been down since 8ish CST and all my equipment seems not just fine, but great! My home network (3 computers and a couple of iOS devices) is fine, but I get zero connection over the internet itself at all. Also, if anyone knows a site or even app to check this in the future I would appreciate it. I don’t know enough networking to search Google correctly, and it’s likely someone here would know a good source!
|
# ? Jul 17, 2021 08:32 |
|
okay, updating the edgerouter firmware and bootloader was pretty easy, but the AP just refuses to let me ssh, even though it does let me connect to wifi/ping it. and I don't really want to install java just to use this new ubiquiti network software when 1) I don't even know it'll work and 2) they just got hacked. am I gonna lock myself out even harder somehow if I set it up Network with a local account on an old laptop to test? edit: well I worked it out, apparently it had its own password I temporarily forgot about. Zodium fucked around with this message at 14:19 on Jul 17, 2021 |
# ? Jul 17, 2021 13:26 |
|
I've got NginX serving an Ubooquity jail with a LetsEncrypt cert for public access. I've got separate accounts to log in through NginX itself then my Ubooquity profile so I think that's pretty secure, but I am seeing a lot of brute force attempts in the NginX logs:code:
Anyway, what's the best way to block some of this crap? I see I can configure fail2ban to look at NginX logs, is there a better way to do the same thing from with NginX itself?
|
# ? Jul 18, 2021 05:46 |
|
Takes No Damage posted:I've got NginX serving an Ubooquity jail with a LetsEncrypt cert for public access. I've got separate accounts to log in through NginX itself then my Ubooquity profile so I think that's pretty secure, but I am seeing a lot of brute force attempts in the NginX logs: If you want to block it, use fail2ban. If you want to rate limit, you can do interesting things with BCrypt costs. Basically you can make it much slower to do the decryption. This stack overflow post is a pretty good overview of the approach: https://serverfault.com/a/854889
|
# ? Jul 18, 2021 15:15 |
|
While that does slow down a brute force attack from a single attacker/bot, it also makes it way easier to DDOS your CPU since your server will be churning BCrypt on each request. Fail2ban is probably a better approach overall.
|
# ? Jul 18, 2021 15:35 |
|
SamDabbers posted:While that does slow down a brute force attack from a single attacker/bot, it also makes it way easier to DDOS your CPU since your server will be churning BCrypt on each request. Ya - I’m not wild about the brute force thing. I’m usually not keen on anything but typical ddos protections of fail2ban in these scenarios. That said, on my home network I only access it remotely via VPN (WireGuard these days).
|
# ? Jul 18, 2021 16:17 |
|
Sounds like if I just want to disrupt sniffing bots fail2ban is the way to go. I have it on my local PC already since I have a port forwarded there for external SSH and that process was pretty straightforward. I'll try following along with this article and hope everything works the same on FreeBSD.
|
# ? Jul 18, 2021 21:56 |
|
Takes No Damage posted:Sounds like if I just want to disrupt sniffing bots fail2ban is the way to go. I have it on my local PC already since I have a port forwarded there for external SSH and that process was pretty straightforward. I'll try following along with this article and hope everything works the same on FreeBSD. In this use case I think it should be similar if not largely the same. Actually you might also enable to do some fail2ban stuff with pf on FreeBSD. This is a guide catering to FreeBSD and OpenBSD - https://www.cyberciti.biz/faq/freebsd-openbsd-pf-stop-ftp-bruteforce-attacks/
|
# ? Jul 18, 2021 23:51 |
|
Takes No Damage posted:I've got NginX serving an Ubooquity jail with a LetsEncrypt cert for public access. I've got separate accounts to log in through NginX itself then my Ubooquity profile so I think that's pretty secure, but I am seeing a lot of brute force attempts in the NginX logs: You do you, but I personally require a VPN connection in order to reach just about anything on my network. I really don't like exposing services to the outside world when I can avoid it, because any service could have unknown-to-me bugs which could be potential vectors for somebody to compromise my poo poo. So, I try to minimize my attack surface.
|
# ? Jul 19, 2021 05:47 |
|
^^^ That would probably be ideal, but worst case this is all hosted in a FreeBSD jail with a read-only mount to some media files, I should be pretty safe from losing actual data even if someone does decide to specifically hack in over 80 or 443. At least I'm no longer just forwarding 22 to my desktop and relying on non-standard account credentials to protect me
|
# ? Jul 20, 2021 08:01 |
|
Takes No Damage posted:^^^ That would probably be ideal, but worst case this is all hosted in a FreeBSD jail with a read-only mount to some media files, I should be pretty safe from losing actual data even if someone does decide to specifically hack in over 80 or 443. At least I'm no longer just forwarding 22 to my desktop and relying on non-standard account credentials to protect me That's, um, yes, that's a definite improvement over the port 22 situation. But, if you've got it set up that way (particularly with the data access restrictions), then, yeah, it's probably about as safe as you're gonna get without going the VPN route.
|
# ? Jul 21, 2021 05:34 |
|
Ok so I’m getting ready to go phase 1 of my redesign: Running wires and putting in the ports. Is there a preferred vendor / place to get cat 5e/6 bulk wiring? I need about 400 ft assuming about a 10% overage per wire for bends, cable management etc. also, I’m leaning toward solid copper as some things I’ve read have had negative reviews of copper clad aluminum wire in general though some of it seems to be network pros nitpicking.
|
# ? Jul 22, 2021 17:49 |
|
otter posted:Ok so I’m getting ready to go phase 1 of my redesign: Definitely get solid copper and CAT6 at least. It's not worth it to cheap out with CCA and/or CAT5e if you think you'll ever want to use 2.5/5/10GbE in the future. You can grab a 500ft spool for reasonable price at Home Depot or Lowes, though I've also used Monoprice bulk cable with good results/experience too. If you're running multiple drops to the same places then maybe grab two 250ft spools so you can run two drops at once. I also have had good experience with these keystones which come with a holder to make punching them down easier. If you're going to put in a patch panel then do yourself a favor and get one that accepts keystones. They're much easier to work with and you can mix media types should that be necessary. SamDabbers fucked around with this message at 18:06 on Jul 22, 2021 |
# ? Jul 22, 2021 17:56 |
|
Any AiMesh users know if it's easy to make the existing router a node? I got a newer, faster router and for the moment it's a node, but I'd like to make it the main. Is a reset the only way to do this?
|
# ? Jul 23, 2021 04:32 |
|
Wife and I in two floors, 1200 square feet. Internet connection is 200Mpbs FIOS. We have some kind of older el cheapo netgear router that has generally worked fine in all of our apartments but based on its position now it has a hard time covering the front room of the house. The router has to be at a corner of the house on the bottom floor, and of course the front room top floor is where my desk is. We have a couple laptops and a desktop PC connected via wifi, and a networked Epson printer and a Roku hooked up through ethernet, and a pair of phones and tablets connected via wifi. Generally not a lot of high intensity use - maybe a zoom call + streaming netflix is the most bandwidth intensive stuff that happens. I'd like to get some form of replacement hardware that is relatively extensible and could be used as part of a multi-access point network in a bigger house sometime in the next few years, although I could also be persuaded to just buy a newer and better basic router. I would have picked Unifi but am seeing/hearing a lot of chatter about security vulnerabilities. Does that stuff really matter, and if so, are there good alternatives? I like the idea of being able to plug and play and manage the whole thing through relatively simple tools. I'm pretty computer literate but don't have a lot of time or patience at this point in my life for loving around with configuration in detail and getting various devices to play nice with each other.
|
# ? Jul 24, 2021 03:21 |
|
KYOON GRIFFEY JR posted:Wife and I in two floors, 1200 square feet. Internet connection is 200Mpbs FIOS. We have some kind of older el cheapo netgear router that has generally worked fine in all of our apartments but based on its position now it has a hard time covering the front room of the house. The router has to be at a corner of the house on the bottom floor, and of course the front room top floor is where my desk is. I think UniFi is still fine for the AP side, and a bit of elbow grease / judicious application of firewall rules can get rid of a lot of the dumb UniFi tracking poo poo they added. Personally, I run an ER-4 + CloudKey Gen2+ + 2x U6-LR, 1x U6-Lite, 1x U6-Extender, 2x U6-S24 (12x 2.5 GbE + 12x 1 GbE + 2x SFP+) switches and a few smaller ones. I can’t quite explain why I still use the ER-4, but if it blew up tomorrow, I suppose I might get one of those miniPCs for pfSense… but, there is an elegance to me in the deeply embedded routing solution vs. a “full” PC that now has a BIOS/EFI instance (vs. U-Boot, maybe a proprietary FSBL) and a bunch of extra crap on it. My WAN is only 1000/45 Comcast, so not like I’m pushing a lot of packets. I live in a four story (+1 for garage) townhome from the 80s, first home, so I went a little overboard with installing APs and running cable, but it’s been really fun + I can keep my Tx powers really really low. Only real challenge I have is stucco exterior that means living in a Faraday cage of emotion. movax fucked around with this message at 19:47 on Jul 24, 2021 |
# ? Jul 24, 2021 19:45 |
|
I am in the process of buying a house with 3 ethernet lines ( i think i saw one outside but im not sure what the builder was thinking when they built the house). So I may have to hire someone to install ethernet in the ceilings for some ceiling mounted APs. The house was built in 2015 and there are four levels (2600 sq ft row home) how screwed am i?
|
# ? Jul 25, 2021 03:16 |
|
RoboBoogie posted:I am in the process of buying a house with 3 ethernet lines ( i think i saw one outside but im not sure what the builder was thinking when they built the house). So I may have to hire someone to install ethernet in the ceilings for some ceiling mounted APs. “Three Ethernet lines” (as opposed to seashells?) I’m not sure about, but I will stand by my dinosaur-era advice of “it’s always worth it to run cables where you can”, regardless of how good WiFi / wireless gets. You just never have to think about it after you pull the cable from Point A to B…
|
# ? Jul 25, 2021 03:24 |
|
RoboBoogie posted:I am in the process of buying a house with 3 ethernet lines ( i think i saw one outside but im not sure what the builder was thinking when they built the house). So I may have to hire someone to install ethernet in the ceilings for some ceiling mounted APs. I had an absolute shitload of cat6 ran in the house i moved into last year and it was about $2000. I found a local hifi stereo dealer that did custom systems since they're in walls running wire all day every day. Worked out the best for me vs. any other kind of installer quotes i got, including claimed "low voltage DC wiring" skillsets. edit: 1975 trilevel with no crawlspace and 3 separate tiny attics Sniep fucked around with this message at 04:20 on Jul 25, 2021 |
# ? Jul 25, 2021 04:16 |
|
Sniep posted:I had an absolute shitload of cat6 ran in the house i moved into last year and it was about $2000. I found a local hifi stereo dealer that did custom systems since they're in walls running wire all day every day. Worked out the best for me vs. any other kind of installer quotes i got, including claimed "low voltage DC wiring" skillsets. i may try that, i do want to get a home theater set up and i am debating abandoning speakers and switch to in wall units. im going to have to figure out how to budget for this since we still need to buy furniture. Do i need to install an AP on every floor? or every two floors?
|
# ? Jul 25, 2021 04:51 |
|
RoboBoogie posted:Do i need to install an AP on every floor? or every two floors? Entirely depends on your floor plan and interior construction. It took me a little bit of experimentation before I finally gave in and bought two more APs to bring it to four, one on each floor and one in the garage. My floor plan sans garage is an L with equal length sides so I dropped the APs as close as possible to the center. Since you’re going to have someone running cable, go with more than you think you need.
|
# ? Jul 25, 2021 11:54 |
|
TITTIEKISSER69 posted:Any AiMesh users know if it's easy to make the existing router a node? I got a newer, faster router and for the moment it's a node, but I'd like to make it the main. Is a reset the only way to do this? Boosting this with an update and an appeal for help from anyone with knowledge. So my new router (AC3100) is now my main router and AiMesh router, and happily adopted my AC-68U (was T-Mobile) as a node. All good there. However the problem is with my AC-68P (also T-Mobile), which was formerly my router. The AC68P refuses to become a node, I've tried doing so by going through the web interface wizard and moving the LAN cable to the new router when prompted, and by using the Asus Router App on my phone. It has no problem becoming a router, and I've tried hardware reset, clearing NVRAM on the ASUStek CFE MiniWeb Server page, but no change. I've also tried uploading the AC68U firmware to it via the web interface, and by putting it in Rescue Mode and using the firmware restore tool. No luck. Any ideas? It is currently on the AC68P firmware, version 3.0.0.4.386.43129
|
# ? Jul 25, 2021 18:21 |
|
RoboBoogie posted:I am in the process of buying a house with 3 ethernet lines ( i think i saw one outside but im not sure what the builder was thinking when they built the house). So I may have to hire someone to install ethernet in the ceilings for some ceiling mounted APs. Is it wired for telephones, by chance?
|
# ? Jul 26, 2021 00:22 |
|
astral posted:Is it wired for telephones, by chance? no phone outlets in this one, which was surprising. i have rented a house with phone outlets and switched everything to ethernet. I guess they were expecting millennials to buy this house It is wired for cable though, i dont know if i can use that to pull in ethernet and cable lines into it. RoboBoogie fucked around with this message at 03:42 on Jul 26, 2021 |
# ? Jul 26, 2021 00:50 |
|
astral posted:Is it wired for telephones, by chance? My townhouse does (Cat5e) but I cannot find the white recessed media box it all should be wired to anywhere - my neighbors across the street showed me a picture of theirs in the garage, but I'm almost wondering if contractors put it in an adjacent unit Even though contactors use cat5 for these things, they still sometimes do weird poo poo with it
|
# ? Jul 26, 2021 16:45 |
|
I want to run a network cable from my basement to the upstairs. The basement is currently unfinished but I'm going to finish the walls later this year. I have fiber internet. The fiber cable runs in through the basement wall and connects to the modem. The modem connects to the router. I want to run the network cable upstairs to run a second router for better wifi signal upstairs. 1. What sort of faceplate should I plan on using for the fiber cable where it comes through the finished basement wall to connect to the modem? A brush plate? Or should I get something else and terminate the cable at the faceplate behind the wall, then use another cable to connect the faceplate to the modem? I'd prefer to avoid messing with the fiber cable as I've heard they are fragile. 2. What kind of setup should I have for the network connection between the upstairs router and the modem downstairs? I have an amazon basics cat6 that's long enough. I could just run it through brush plates at both ends. Or if it's worth it I could get better cable and terminate it at real faceplates both upstairs and downstairs, and then plug into those using short male-male cables. What's the best practice here?
|
# ? Jul 26, 2021 17:22 |
|
Sous Videodrome posted:I want to run a network cable from my basement to the upstairs. The basement is currently unfinished but I'm going to finish the walls later this year. I have fiber internet. The fiber cable runs in through the basement wall and connects to the modem. The modem connects to the router. I want to run the network cable upstairs to run a second router for better wifi signal upstairs. This sounds vaguely like my parent's house - I can write more about it later, but can you show us what this "fiber modem" is? Whether it's an ONT or something else you'll probably be best off having that be where the fiber ends in your house so you only have to deal with Cat6 after that. Unless it's in a truly terrible place, that can probably stay put. AT&T put my parent's ONT in their garage and ran Cat5e from it to the media box in their bedroom closet, so I gave them a dumb cheap APC UPS to sit in their garage to do battery backup, fully expecting that summer or winter will kill it eventually. My dad called me one day saying internet was down, when I went there I found he was drywalling the garage and while he didn't unplug the ONT, he did unmount it from the wall and let it dangle by the fiber, curbing is past the point where it broke internally. Had to have AT&T resplice it
|
# ? Jul 26, 2021 17:52 |
|
Here it is. I looked on all sides of it and didn't see any model number markings. It's whatever centurylink installed. You can see the fiber cable comes through the wall through a hole drilled in the siding. Then it comes through that hole in the old plaster. When I finish the walls I will frame them in at the level of that stud on the left, then drywall on top.
|
# ? Jul 26, 2021 19:12 |
|
You could probably use a keystone fiber coupler. Just figure out what kind of fiber that is and the connector, then buy an appropriate coupler and patch cable.
|
# ? Jul 26, 2021 19:17 |
|
Do channels fire 2.4 and 5ghz matter on router setup? Move defaults to auto and 48 for each but I'm trying to set if there's anything that might be hurting performance. In the room with the router in getting closer to my max speeds and 30-50ms latency, but the next room knocks 100Mbps off, and gives me 80-110ms latency. I don't think it's the router itself so I'm not ready to buy a new one to try just yet. Edit: for what it's worth in using a Netgear orbi rbk50 wired satellite which I can't imagine has been significantly improved upon with respect to signal and reception in newer routers considering it's only 3 years old, but I might be wrong on that. PageMaster fucked around with this message at 06:38 on Jul 27, 2021 |
# ? Jul 27, 2021 06:26 |
|
UK goon here. Last week my dad switched from Virgin Media hybrid fibre to BT fibre to the premises, going from Virgin's 350Mbps package to BT's 900Mbps. While the hardwired speed he's getting is as advertised, his WiFi speeds have taken a nosedive. He uses a couple of Unifi access points wired by Ethernet in a mesh network setup. He used to get around 300Mbps download but now this has dropped to under 200Mbps. Any idea why that would be?
|
# ? Jul 27, 2021 12:28 |
|
Sous Videodrome posted:Here it is. I looked on all sides of it and didn't see any model number markings. It's whatever centurylink installed. Fwiw that's a calix 844G. There's a sticker with a bunch of info covered by the stand at the bottom. E: actually not an 844, the one you have doesn't do wifi based on the LEDs. Very similar though. If you ever really need to know slide the bottom stand thing off. NmareBfly fucked around with this message at 14:12 on Jul 27, 2021 |
# ? Jul 27, 2021 14:07 |
Why are my downloads going so slow all of a sudden? I've got a dedicated server in LA (I'm near SF) and when I initially set it up I was able to hit 95MB/s downloading from it. For the past couple weeks my downloads from this server top out at 1.2MB/s though. Running speed tests locally max out my gigabit connection, and running speed tests on the server also max out that gigabit connection. Just luck of the draw with routing along the way?
|
|
# ? Jul 27, 2021 18:00 |
|
fletcher posted:Why are my downloads going so slow all of a sudden? I've got a dedicated server in LA (I'm near SF) and when I initially set it up I was able to hit 95MB/s downloading from it. For the past couple weeks my downloads from this server top out at 1.2MB/s though. Running speed tests locally max out my gigabit connection, and running speed tests on the server also max out that gigabit connection. Just luck of the draw with routing along the way? what do your traceroutes and mtrs look like? multithreaded?
|
# ? Jul 27, 2021 19:35 |
|
text editor posted:My townhouse does (Cat5e) but I cannot find the white recessed media box it all should be wired to anywhere - my neighbors across the street showed me a picture of theirs in the garage, but I'm almost wondering if contractors put it in an adjacent unit do you see the wires in the basement, the place i once rented had the wires bundled and tied up in the basement, no media box
|
# ? Jul 27, 2021 20:28 |
|
PageMaster posted:Do channels fire 2.4 and 5ghz matter on router setup? Move defaults to auto and 48 for each but I'm trying to set if there's anything that might be hurting performance. In the room with the router in getting closer to my max speeds and 30-50ms latency, but the next room knocks 100Mbps off, and gives me 80-110ms latency. I don't think it's the router itself so I'm not ready to buy a new one to try just yet. Generally the Orbi’s use dedicated wireless backhaul. What that means is if you choose channel 48, it saturates the remaining 5GHz spectrum as the backhaul for satellites to communicate. That thing is jam packed full of radios. Which is a long way to say, it probably doesn’t matter. That said, if you’re in an apartment and several people are using Orbis, your spectrum is gonna be super crowded. Anyway - what are your walls made of? Does latency/throughput improve if you move the satellite to another location in the room? EDIT: I’ve got a house with 3 nodes and my SIL basement apartment has a 4th one. There’s exterior walls and multiple floors involved so a lot of obstruction. I have 1Gbps internet and I get around 250-300mbps on most devices across the house. Latency is usually around 10-25ms. rufius fucked around with this message at 15:56 on Jul 28, 2021 |
# ? Jul 28, 2021 15:54 |
|
|
# ? Jun 4, 2024 21:51 |
|
I think most people don't have wireless backhaul because there's a cheaper version of everything (eero, orbi) that DOESN'T have it
|
# ? Jul 28, 2021 17:02 |