|
Kazinsal posted:existing network appliances piss me off so much I'm writing a routing/firewall OS can you do something fancy with eBPF
|
# ? Jun 12, 2021 11:39 |
|
|
# ? Jun 1, 2024 00:18 |
|
my homie dhall posted:what do people think about cumulus? it's very good and you should use it if you can
|
# ? Jun 12, 2021 16:36 |
|
yea we like it. works great with the "use ansible for all of your configs" model from a few posts ago.
|
# ? Jun 12, 2021 17:22 |
|
cumulus is neat but they should open source their switch ASIC drivers. insanely fuckin dumb that you can buy "white box" switches that only work with two OSes (cumulus and Dell FTOS) open network install environment: a busybox ramdisk in an EFI system partition so you can have the freedom to choose which closed source network OS you wish to use
|
# ? Jun 12, 2021 21:08 |
|
They're beholden to the same Broadcom/Mellanox SDKs as everyone else.
|
# ? Jun 13, 2021 01:44 |
|
Kazinsal posted:existing network appliances piss me off so much I'm writing a routing/firewall OS lol
|
# ? Jun 13, 2021 02:36 |
|
my stepdads beer posted:can you do something fancy with eBPF if he was gonna use ebpf he wouldnt have to write the os
|
# ? Jun 13, 2021 04:04 |
|
oh nvm i was thinking xdp i guess
|
# ? Jun 13, 2021 04:05 |
|
I dunno if any of youse have had to deal with it yet, but I found out this weekend iptables feels positively ergonomic compared to its successor. nftables has an interface that could only have been developed on extreme linux brain
|
# ? Jun 14, 2021 06:05 |
|
agreed. I'm using the iptables wrapper for it atm
|
# ? Jun 14, 2021 10:46 |
|
Last time I looked at openconfig/ansible for networking it supported like Maybe 10% of one of my edge switch Configs And I really wanted it to work as well
|
# ? Jun 23, 2021 11:40 |
|
what manufacturers?
|
# ? Jun 24, 2021 11:50 |
|
☁️
|
# ? Jun 25, 2021 07:49 |
|
my stepdads beer posted:what manufacturers? 100% cisco shop
|
# ? Jun 27, 2021 02:22 |
|
abigserve posted:100% cisco shop True story at my last place of work we had a separate IT department to handle user facing problems, wireless, running new desk-ports all that stuff, and he dotted line to the CTO who was in charge of prod networking and other stuff. Our closet infrastructure was Juniper (which I really don't like for switching infra, but i digress) . When we opened a new floor, IT dude who was hired because of nepotism of our previous HR director, didn't even do a bidding process and just bought all Cisco. The cisco sales team doing their thing loaded the BoM up with Cisco Prime, an ASA, 2x 4100 ISR's all for a loving wiring closet. Anyway he got fired.
|
# ? Jun 27, 2021 16:09 |
|
ate poo poo on live tv posted:True story at my last place of work we had a separate IT department to handle user facing problems, wireless, running new desk-ports all that stuff, and he dotted line to the CTO who was in charge of prod networking and other stuff. Our closet infrastructure was Juniper (which I really don't like for switching infra, but i digress) . When we opened a new floor, IT dude who was hired because of nepotism of our previous HR director, didn't even do a bidding process and just bought all Cisco. The cisco sales team doing their thing loaded the BoM up with Cisco Prime, an ASA, 2x 4100 ISR's all for a loving wiring closet. Anyway he got fired. lol
|
# ? Jun 27, 2021 16:28 |
|
fun sunday afternoon bullshit: attempting to figure out why the gently caress some site almost always errors out in firefox apparently firefox's QUIC validation will panic and give up if you include a host header in the server response naturally any error you can find for this is obtuse as hell, and you just get a bunch of generic protocol error/closing stream messages if you look in the firefox about :networking log or decrypted wireshark QUIC dissectors (which at this point can't even show you the contents of the HTTP stream inside the QUIC payload) tooling for debugging protocol errors and implementations for new stuff is reliably dogshit :| while the tools are all crap atm though, you can just tweet people working on QUIC stacks and they'll be like "oh yeah, that's a thing" so who needs computers to actually tell you why they're broken https://twitter.com/SimmerVigor/status/1409265636262518784 Qtotonibudinibudet fucked around with this message at 00:37 on Jun 28, 2021 |
# ? Jun 27, 2021 23:37 |
|
ate poo poo on live tv posted:True story at my last place of work we had a separate IT department to handle user facing problems, wireless, running new desk-ports all that stuff, and he dotted line to the CTO who was in charge of prod networking and other stuff. Our closet infrastructure was Juniper (which I really don't like for switching infra, but i digress) . When we opened a new floor, IT dude who was hired because of nepotism of our previous HR director, didn't even do a bidding process and just bought all Cisco. The cisco sales team doing their thing loaded the BoM up with Cisco Prime, an ASA, 2x 4100 ISR's all for a loving wiring closet. Anyway he got fired. Many years ago a place once did a similar thing but they bought McAfee (RIP) IPS's and they loaded the same BoM up with their siem, their sandboxing, and about 3 other things I don't know what the gently caress they did yadda yadda yadda they were all in boxes for multiple years and everyone involved got asked to leave. We eventually shipped them all - still in the original boxes w/ tape - to the IT recyclers edit; re-reading this it implies that maybe that's like 5 boxes total but no. it was at least 15 boxes all up
|
# ? Jun 28, 2021 07:47 |
|
lmao
|
# ? Jun 28, 2021 08:47 |
|
abigserve posted:Many years ago a place once did a similar thing but they bought McAfee (RIP) IPS's and they loaded the same BoM up with their siem, their sandboxing, and about 3 other things I don't know what the gently caress they did my company ran exclusively on 'gray market' hardware for years (way predating me) thanks to purchasing decisions like this 🙏
|
# ? Jun 28, 2021 10:55 |
|
Wait, did McAfee actually die? I thought it was just a meme or some poo poo.
|
# ? Jun 28, 2021 15:33 |
|
my stepdads beer posted:my company ran exclusively on 'gray market' hardware for years (way predating me) thanks to purchasing decisions like this 🙏 I think Gray Market is actually fine for saving money assuming that you have cold-spares for weird hardware/software bugs and also don't care a low MttR. I could come up with a pretty resilient network/server/hypervisor stack that would function just fine on gray-market hardware. Though if I were doing that I'd also probably just use some white-box with cumulous installed instead. Schadenboner posted:Wait, did McAfee actually die? I thought it was just a meme or some poo poo. He is dead. https://www.cnn.com/2021/06/23/tech/john-mcafee-death/index.html
|
# ? Jun 28, 2021 16:30 |
|
ate poo poo on live tv posted:He is dead.
|
# ? Jun 28, 2021 18:49 |
|
https://www.fastly.com/blog/debunking-cloudflares-recent-performance-tests lol
|
# ? Dec 7, 2021 00:50 |
|
my stepdads beer posted:https://www.fastly.com/blog/debunking-cloudflares-recent-performance-tests this is just like ford vs ferrari
|
# ? Dec 7, 2021 03:37 |
|
cloud
|
# ? Dec 7, 2021 07:08 |
|
butts
|
# ? Dec 7, 2021 07:08 |
|
my stepdads beer posted:https://www.fastly.com/blog/debunking-cloudflares-recent-performance-tests quote:A fairer test on this point would have compared Rust on Compute@Edge with JavaScript on Cloudflare Workers, which are at more comparable stages of the product lifecycle. err why not just do rust on both i guess the reason as they point out is that cloudflare bans running benchmarks in their own tos lol
|
# ? Dec 7, 2021 09:21 |
|
Progressive JPEG posted:i guess the reason as they point out is that cloudflare bans running benchmarks in their own tos lol lol
|
# ? Dec 7, 2021 12:23 |
|
anyone have good pihole block lists they’d recommend? besides 0.0.0.0/0 and .* ?
|
# ? Dec 7, 2021 13:19 |
|
fresh_cheese posted:anyone have good pihole block lists they’d recommend? I use 0.0.0.0/1 and 128.0.0.0/1 works pretty well
|
# ? Dec 8, 2021 00:01 |
|
fresh_cheese posted:anyone have good pihole block lists they’d recommend? https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts https://dbl.oisd.nl/ https://phishing.army/download/phishing_army_blocklist_extended.txt https://raw.githubusercontent.com/deathbybandaid/piholeparser/master/Subscribable-Lists/ParsedBlacklists/AakList.txt https://raw.githubusercontent.com/deathbybandaid/piholeparser/master/Subscribable-Lists/ParsedBlacklists/Prebake-Obtrusive.txt bout 1.1m domains
|
# ? Dec 8, 2021 00:49 |
|
Mr. Crow posted:I use 0.0.0.0/1 and 128.0.0.0/1 works pretty well that would solve a lot of my problems, frankly
|
# ? Dec 9, 2021 19:29 |
|
Progressive JPEG posted:i guess the reason as they point out is that cloudflare bans running benchmarks in their own tos lol dont trust any company that won't let you publish benchmark results lol how hard is this.
|
# ? Dec 9, 2021 19:38 |
|
cloudflare is the definition of "when a company is telling you who they are, listen"
|
# ? Dec 9, 2021 19:38 |
|
Jonny 290 posted:https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts thanks Jonny
|
# ? Dec 9, 2021 20:36 |
|
so what’s a good prosumer/home network thing that isn’t unifi, or should I just get unifi stuff, idk. I’m sick of lovely ASUS consumer stuff
|
# ? Dec 10, 2021 15:51 |
|
get teh edgerouter and unifi ap yeah
|
# ? Dec 10, 2021 16:06 |
|
concur with Jonny, a solid combo. I don’t have Wi-Fi problems with an AP every floor plus in the garage. plus everything that can be plugged in has cat6 going to it, so the Wi-Fi only has tablets + phones to deal with, occasionally my work laptop. devmd01 fucked around with this message at 16:39 on Dec 10, 2021 |
# ? Dec 10, 2021 16:28 |
|
|
# ? Jun 1, 2024 00:18 |
|
I like my raspberry pi cm4 build with openwrt; mainly because it lets me do more stuff, and is arm64 so I can run real stuff on my router. I get way faster wireguard speeds on it for example. otherwise yeah I use UniFi APs; although I’ve heard good thinks about ruckus gear.
|
# ? Dec 10, 2021 16:32 |