Bad Munki
Nov 4, 2008

We're all mad here.


Oh, I’m definitely aware of the horror stories, it’s so drat frustrating.


actionjackson
Jan 12, 2003

I would think that if the seller didn't fully disclose the fact that it literally wasn't even connected (not just that they didn't have service currently), that could be a legal issue

I would think that the guy that lives in loving los altos hills can afford anything though

Binary Badger
Oct 11, 2005

Trolling Link for a decade


Welp, looks like Ubiquiti just released another hotfix for EdgeRouters, firmware 2.0.9, hotfix 5. It chiefly addresses a vulnerability found in hotfix 4.

https://community.ui.com/releases/EdgeMAX-EdgeRouter-Firmware-v2-0-9-hotfix-5/b3882362-9d9a-4efd-8110-30a1e86e0154

Security documentation and CVE entries here:

https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d

note: if you are running any apps like nano or tailscale, they might get clobbered by this update, be prepared to clean out the caches and old images to reinstall..

Edit: Forgot to mention that in my case the update went smoothly, I even had a VPN connection that oddly did not get clobbered during the update.

Binary Badger fucked around with this message at 21:39 on Dec 15, 2022

SwissArmyDruid
Feb 14, 2014

by sebmojo

Binary Badger posted:

Welp, looks like Ubiquiti just released another hotfix for EdgeRouters, firmware 2.0.9, hotfix 5. It chiefly addresses a vulnerability found in hotfix 4.

https://community.ui.com/releases/EdgeMAX-EdgeRouter-Firmware-v2-0-9-hotfix-5/b3882362-9d9a-4efd-8110-30a1e86e0154

Security documentation and CVE entries here:

https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d

note: if you are running any apps like nano or tailscale, they might get clobbered by this update, be prepared to clean out the caches and old images to reinstall..

Edit: Forgot to mention that in my case the update went smoothly, I even had a VPN connection that oddly did not get clobbered during the update.

quote:

Known issues
[Offloading] - L2TP IPSec traffic is not being offloaded on Mediatek-based routers (ER-X, ER-X-SFP, EP-R6)

:sigh:

Binary Badger
Oct 11, 2005

Trolling Link for a decade


Ooof. Would staying at a previous firmware or going to OpenVPN fix that?

Corb3t
Jun 7, 2003

I really want to throw some dough down on a Dream Machine Pro SE, but with most current generation's motherboard's onboard LANs having 2.5Mbps or more, and Wifi 6e/7 moving beyond the 1 Mbps bottleneck, it feels like we are on the cusp of most switches moving past the 1 Mbps RJ45 ports.

I really don't want to drop $500 on something that I'll need another switch for.

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Corb3t posted:

I really want to throw some dough down on a Dream Machine Pro SE, but with most current generation's motherboard's onboard LANs having 2.5Mbps or more, and Wifi 6e/7 moving beyond the 1 Mbps bottleneck, it feels like we are on the cusp of most switches moving past the 1 Mbps RJ45 ports.

I really don't want to drop $500 on something that I'll need another switch for.

We’ve moved past 1Mbps a long time ago.

You really don’t need to waste money on a DMP SE for a home network. And until you start getting >1 gig WAN speeds, you really don’t need a router capable of it. And to be honest I really don’t see a need for greater than 1gig right now except for some fringe cases.

skipdogg
Nov 29, 2004
Resident SRT-4 Expert

I downgraded from 1 gig to 500mbit on my wan connection and the only time I notice it is when downloading xbox one or playstation games. 4 people in the house heavily using the internet, the adults full time WFH, online gaming, multiple 4K streams, never comes close to using even half the line on a regular basis.

withoutclass
Nov 6, 2007

Resist the siren call of rhinocerosness

College Slice

skipdogg posted:

I downgraded from 1 gig to 500mbit on my wan connection and the only time I notice it is when downloading xbox one or playstation games. 4 people in the house heavily using the internet, the adults full time WFH, online gaming, multiple 4K streams, never comes close to using even half the line on a regular basis.

Yup. If ATT ever brought unlimited bandwidth to their sub-1gbps plans I would downgrade. The once or twice a month where I download something big isn't really worth the extra money.

Rakeris
Jul 20, 2014

withoutclass posted:

Yup. If ATT ever brought unlimited bandwidth to their sub-1gbps plans I would downgrade. The once or twice a month where I download something big isn't really worth the extra money.

You can get unlimited data at the lower speeds through AT&T fiber resellers like https://www.toast.net/

Echophonic
Sep 16, 2005

ha;lp
Gun Saliva

Eletriarnation posted:

I installed a RTL8125B-based 2.5G card in my Windows 10 desktop about a week back and it's been fine so far. I don't have a lot of ways to really test its limits, but iperf to my NAS gives 2.25Gbps so that seems fine. I didn't actually pick the brand ("NICGIGA") since I got it free in exchange for a review, but there are clearly a lot of OEMs making cards based on this chip and they seem mostly equivalent from what I can tell.

I had previously tried an Asus AQC107-based 10GbE card but for some reason my motherboard, the X470 Taichi, really didn't like it and the system would bluescreen after a few seconds of any kind of substantial bandwidth usage. Extra strange since the X470 Taichi Ultimate has 10GbE built in based on the same chipset.

I ended up going with the one you probably got, a RTL8125B NICGIGA. Just slapped it in and I get my full up/down without any real issues so far. Seems like a winner for the 25 I spent.

If I thought I'd get a benefit on my ancient server, I'd pick up a second, but it's all just SATAIII NAS drives, so I don't think I'll be saturating the link anyway.

Bad Munki
Nov 4, 2008

We're all mad here.


Echophonic posted:

a RTL8125B NICGIGA

EXCUSE ME A WHA--oh

BlankSystemDaemon
Mar 13, 2009



I had to do a triple-take.

Eletriarnation
Apr 6, 2005

People don't appreciate the substance of things...
objects in space.


Oven Wrangler
Yeah... it's a pretty goofy name. Kind of behind the curve too, now. They should have gone with Nictera, which sounds so much like a startup name that I'm surprised it seems to be not already taken.

sausage king of Chicago
Jun 13, 2001
I know nothing about networking or know enough to feel confident that my approach is the best or at least good, so I apologize in advance for a question that has probably been asked 1000 times.

I'm going to be out of town for a few weeks, possibly longer, and would like to be able to connect to my home desktop computer while I'm away. From what I've been reading, it seems like a good way to go about doing this is to set up a vpn server on my at home computer, that way when I'm traveling I can vpn into my network and just rdp into my desktop computer. Does that sound right? If so, where would I start? Do I just find something like Wireguard or OpenVpn, install it on my computer (assuming it's somewhat easy to set up) and then go to a coffee shop and see if I can connect?

Does it make sense to run the vpn server on my actual desktop, or would I be better off running it on like a raspberry pi with piVPN or an old laptop or something?

Not sure if it matters, but my modem/router is the C4000xg here: https://www.centurylink.com/home/help/internet/modems-and-routers/greenwave-c4000.html

devmd01
Mar 7, 2006

Elektronik
Supersonik
Wireguard is your best bet, it’s super easy to set up. I have enough knowledge to make a real vpn happen and I didn’t want to bother with all that bullshit just so I can get on my camera system.

Wibla
Feb 16, 2011

Tailscale? :v:

Red_Fred
Oct 21, 2010


Fallen Rib

Red_Fred posted:

I realised last week that the random Internet drop outs I was getting a few times a day after upgrading my Wifi to Omada were due to my AdGuard DNS. From a bit of reading, people seem on the fence about whether AdGuard is actually good; I was using Pi-hole before.

I didn’t have time to really dig into what broke it or why but it made me think is it easier/better to just switch to a paid DNS service?

I’m mostly keen to avoid ads and tracking, I know privacy is out the window if you’re using a third party DNS anyway though.

I've switched to NextDNS and it seems better, however most of my issues before I think were 2.4 GHz interference problems with the odd DNS gently caress up.

Is it expected that the TP-Link EAP610 is actually worse for 2.4 GHz than my ancient Ubiquiti UAP? 2.4 GHz is definitely worse since switching. I live in an apartment so interference is real, but the UAP seemed to blast the 2.4 GHz with fewer issues.

I've had to add another 5 GHz specific SSID to ensure those devices stay on 5 GHz, I know that's not recommended but it seems to work OK. Is this a terrible idea?

Burden
Jul 25, 2006

sausage king of Chicago posted:

I know nothing about networking or know enough to feel confident that my approach is the best or at least good, so I apologize in advance for a question that has probably been asked 1000 times.

I'm going to be out of town for a few weeks, possibly longer, and would like to be able to connect to my home desktop computer while I'm away. From what I've been reading, it seems like a good way to go about doing this is to set up a vpn server on my at home computer, that way when I'm traveling I can vpn into my network and just rdp into my desktop computer. Does that sound right? If so, where would I start? Do I just find something like Wireguard or OpenVpn, install it on my computer (assuming it's somewhat easy to set up) and then go to a coffee shop and see if I can connect?

Does it make sense to run the vpn server on my actual desktop, or would I be better off running it on like a raspberry pi with piVPN or an old laptop or something?

Not sure if it matters, but my modem/router is the C4000xg here: https://www.centurylink.com/home/help/internet/modems-and-routers/greenwave-c4000.html

I would install PiVPN on your raspberry pi and set it up with wireguard. Port forward the right port on your router, make the profiles for your devices, and then test it on your cell phone and see if it works before you go.

Echophonic
Sep 16, 2005

ha;lp
Gun Saliva

Bad Munki posted:

EXCUSE ME A WHA--oh

It's written in all caps on the heatsink, too. Just a real unfortunate name.

SwissArmyDruid
Feb 14, 2014

by sebmojo
Tangentially related: The Anker/Eufy bullshit gets worse: https://www.theverge.com/2022/12/16/23512952/anker-eufy-delete-promises-camera-privacy-encryption-authentication

That Works
Jul 22, 2006

Every revolution evaporates and leaves behind only the slime of a new bureaucracy


Any advice for me building my first DIY router?

Hardware is an HP S01 with an Intel quad NIC and SSD installed, an Omada AP, and a dumb switch or two. House is wired up with cat6 for the gaming PC and the main streaming device.

Was planning on giving pfSense a go on the HP and leaving the AP alone or putting openWRT on it. Anything I should be particularly concerned about with that setup or other stuff to consider?

lignicolos
Dec 6, 2001

That Works posted:

Any advice for me building my first DIY router?

Hardware is an HP S01 with an Intel quad NIC and SSD installed, an Omada AP, and a dumb switch or two. House is wired up with cat6 for the gaming PC and the main streaming device.

Was planning on giving pfSense a go on the HP and leaving the AP alone or putting openWRT on it. Anything I should be particularly concerned about with that setup or other stuff to consider?

Sounds about like what my home setup is. I'm using opnsense instead of pfsense but it's been rock solid.

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life
Not sure why you’d need to do anything with the AP. It works perfectly fine without a controller and one advantage Omada APs have over other similar products is a web GUI.

Asleep Style
Oct 20, 2010

what's the current recommendation for a router that supports multiple vlans? I'd like to separate my work equipment from my personal equipment from my IoT crap. I'm using a tp link archer C9 currently which has a guest network, but that leaves me using the regular wlan for both work and home computers

That Works
Jul 22, 2006

Every revolution evaporates and leaves behind only the slime of a new bureaucracy


lignicolos posted:

Sounds about like what my home setup is. I'm using opnsense instead of pfsense but it's been rock solid.

Thanks. I spent the whole day and got OPNSense installed on the HP miniPC and managed to get a test network up and working just fine today for wired and the AP wifi, posting from it now!


Now I am a bit stuck on best way to continue setting up for both APs and for some smart devices in the house. Basically I'm not sure what the best way is to segregate stuff on the network. I am figuring it's either VLANs or just static IP assignment and some firewall rules.

Right now WAN is verizon fios and its modem connects to the router. The router is the HP OPNsense box and it connects to a dumb 8port switch. 8 port switch is connected to 2 (injected) Omada APs and then the NAS, my gaming desktop and our primary streaming device. The NAS also has a Homeassistant VM on it. I have TPlink 8 port managed switch arriving in 2 days. I will need to connect an Obi for VOIP and a few more wired devices.

Basically I want to separate things roughly like this (in order of access and traffic priority).

1. Wired streaming devices (NAS, desktop PC, Main TV streaming device, HomeAssistant VM)
2. Wireless streaming devices (our tablets, smartphones for home occupants). These would benefit from having local network access to the NAS.
3. Guest wifi devices (friends who need wifi, no network access otherwise)
4. Isolated devices (wifi smart devices that can talk to the HomeAssistant VM locally) no WAN access.

What's the best way to go about separating these out? I have 2 APs but only one of them is entirely suitable for our needs, so the 2nd could be on a separate wifi network if needed.

Cyks
Mar 17, 2008

The trenches of IT can scar a muppet for life

Asleep Style posted:

what's the current recommendation for a router that supports multiple vlans? I'd like to separate my work equipment from my personal equipment from my IoT crap. I'm using a tp link archer C9 currently which has a guest network, but that leaves me using the regular wlan for both work and home computers

The C9 might have the option to isolate devices on the guest network so they can’t see each other which might do what you want to accomplish, just by putting your work computer on the guest network. Especially if they require a VPN back to the office, anyways.

Though using a dedicated router, switch and AP might be needed if you want to do wired connections. Not sure of any consumer routers that allow you to split up physical ports.

Asleep Style
Oct 20, 2010

Cyks posted:

The C9 might have the option to isolate devices on the guest network so they can’t see each other which might do what you want to accomplish, just by putting your work computer on the guest network. Especially if they require a VPN back to the office, anyways.

Though using a dedicated router, switch and AP might be needed if you want to do wired connections. Not sure of any consumer routers that allow you to split up physical ports.

thanks! it looks like isolating devices on the guest network is actually the default behavior, that will work fine for now. I'd prefer the option of a wired connection so that video calls are more reliable, but that's less urgent

Paul MaudDib
May 3, 2006

TEAM NVIDIA:
FORUM POLICE
I remember once reading someone say that they frequently see mikrotik stuff get hacked and end up botnetted/etc. Are there any best-practices there, other than the obvious "keep them up to date, don't put the management interface on your main network, and for the love of god don't put the management interface on the internet"?

Actuarial Fables
Jul 29, 2014

Taco Defender

Paul MaudDib posted:

I remember once reading someone say that they frequently see mikrotik stuff get hacked and end up botnetted/etc. Are there any best-practices there, other than the obvious "keep them up to date, don't put the management interface on your main network, and for the love of god don't put the management interface on the internet"?

Turn off any IP management services that you're not using, and set an allowed address range for the ones that you are.

Paul MaudDib
May 3, 2006

TEAM NVIDIA:
FORUM POLICE

Actuarial Fables posted:

Turn off any IP management services that you're not using, and set an allowed address range for the ones that you are.

what's the best-practice for a homelab control plane anyway? Obviously plug all your IPMI/management cables into a separate switch (or a couple ports) and VLAN those ports to be control-plane. Then I guess you have the "recovery" switch port which should also be on that VLAN. Block all traffic to/from that VLAN other than a whitelist of service IPs/ports and/or a MAC whitelist or something?

cause yeah leaving them around even inside a home network probably isn't the best idea.

or if you want, do vlan trunking and just assign it on whatever switch you plug into I guess.
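As an added example (not posted by anyone in this thread), here is what the two pieces of advice above look like on a MikroTik running RouterOS 7: unused management services disabled, the remaining ones bound to a dedicated management subnet, MAC-level access and neighbor discovery limited to the management VLAN, and firewall rules so that the control-plane VLAN can only be reached from hosts on that VLAN and never forwards to or from anything else. The bridge name, VLAN ID 250, the 192.168.250.0/24 subnet, and the assumption that the IPMI ports are already tagged members of VLAN 250 in the bridge VLAN table are all illustrative choices, not anything from the thread.

```routeros
# Added example, not from this thread. Assumed: bridge named "bridge",
# management VLAN 250 numbered 192.168.250.0/24, and the switch ports that
# carry IPMI/management cables already tagged for VLAN 250 in /interface bridge vlan.

# 1. Management VLAN interface on the bridge, with the router's own address on it.
/interface vlan
add name=vlan250-mgmt vlan-id=250 interface=bridge
/ip address
add address=192.168.250.1/24 interface=vlan250-mgmt

# Interface list used below to scope MAC-level services and discovery.
/interface list
add name=MGMT
/interface list member
add list=MGMT interface=vlan250-mgmt

# 2. Turn off management services that are not in use.
/ip service
set telnet disabled=yes
set ftp disabled=yes
set www disabled=yes
set api disabled=yes
set api-ssl disabled=yes
# Keep ssh, winbox and https, but only answer from the management subnet.
set ssh address=192.168.250.0/24
set winbox address=192.168.250.0/24
set www-ssl address=192.168.250.0/24

# MAC-Telnet, MAC-WinBox and neighbor discovery work without an IP address at
# all, so they need their own restriction to the management VLAN.
/tool mac-server
set allowed-interface-list=MGMT
/tool mac-server mac-winbox
set allowed-interface-list=MGMT
/ip neighbor discovery-settings
set discover-interface-list=MGMT

# 3. Input chain: the router's services are reachable only from the management
#    VLAN, on the listed ports. Everything else aimed at the router is dropped.
/ip firewall filter
add chain=input connection-state=established,related action=accept comment="reply traffic"
add chain=input connection-state=invalid action=drop
add chain=input in-interface=vlan250-mgmt src-address=192.168.250.0/24 protocol=tcp dst-port=22,443,8291 action=accept comment="mgmt VLAN to ssh/https/winbox"
add chain=input protocol=icmp action=accept comment="keep ping for diagnostics"
add chain=input action=drop comment="drop everything else to the router"

# 4. Forward chain: nothing is routed into or out of the management VLAN.
#    Admin access happens from a host that sits on VLAN 250 itself (for
#    example a second NIC on the workstation, or the "recovery" port).
add chain=forward connection-state=established,related action=accept
add chain=forward in-interface=vlan250-mgmt action=drop comment="mgmt VLAN never initiates to other VLANs"
add chain=forward out-interface=vlan250-mgmt action=drop comment="nothing routed into mgmt VLAN"
```

Apply this from a session that already arrives over VLAN 250, ideally with Safe Mode enabled in the terminal, so that a mistake in the input chain does not lock you out. The `address=` restriction on the services and the input-chain rule are deliberately redundant: the firewall drops packets first, and the service setting still limits exposure if a rule is later reordered or removed.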

fatman1683
Jan 8, 2004
.
I'm planning a homelab upgrade and I've narrowed the switch down to two choices:

Brocade ICX 7250

Mikrotik CRS326-24S+2TQ+RM

This selection was based on a few criteria:

More than 4 ports of 10gig SFP+
More than 12 ports of 1gig
Layer 3 routing, specifically inter-vlan routing with ACLs
Quiet (<45dBa)
No more than $600

The Brocade is available on eBay fairly often for around $600 used. The Mikrotik is $600 or less new, when it's in stock.

I think either of these switches would meet my needs, but I don't know enough about Brocade or Mikrotik to choose one over the other.

Does anyone have experience with one or both of these switches, and could offer reasons why I should or shouldn't pick one of them?

Paul MaudDib
May 3, 2006

TEAM NVIDIA:
FORUM POLICE

fatman1683 posted:

I ... shouldn't pick one of them?

"what are you looking for in a 10gbase-t homeswitch?"

me:

Gonna get one of the 12-port mikrotiks or 10-port netgears tho probably

theblackw0lf
Apr 15, 2003

"...creating a vision of the sort of society you want to have in miniature"
I'm having this strange issue where my computer is now having a hard time staying connected to our home's router via the wifi adapter. It'll either not connect or stay on for a little while before disconnecting. However, it connects to my phone's hotspot with no problem at all. I don't think it's the router because all my other devices can connect to it no problem (Switch, Steam Deck, PS5). I tried getting a new wifi adapter but am still having the same issue.

Any ideas? I've resorted to using my phone for my internet connection but am limited on my hotspot so it's not a permanent solution.

Actuarial Fables
Jul 29, 2014

Taco Defender

fatman1683 posted:

Mikrotik CRS326-24S+2TQ+RM

Layer 3 routing, specifically inter-vlan routing with ACLs

I don't have this switch, but I am familiar with L3 routing with mikrotik switches.

By default, Layer 3 Hardware Offloading (l3hw) is disabled. All packets that need to be routed are sent to the CPU, which severely impacts the speed (450mbit/s on a good day for this device). Enabling l3hw will allow the switch chip to handle the packets instead, allowing essentially wire-speed routing. This does mean that other tasks that are also handled by the CPU, like the IP Firewall, are bypassed so you need to be more aware of the hardware features.
More l3hw info: https://help.mikrotik.com/docs/display/ROS/L3+Hardware+Offloading

The CRS326-24S+2TQ, with the Marvell-98DX8332 switch chip, can handle 256 ACLs. These ACLs are on the switch chip itself so they are run even when l3hw is enabled, but it's a hardware limitation so make sure that will work with your desired configuration.
Switch chip feature set: https://help.mikrotik.com/docs/disp...features-Models
Switch chip ACLs: https://help.mikrotik.com/docs/disp...witchRules(ACL)
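An added example (not from the post above or from MikroTik's documentation) of the point being made: once l3hw is enabled, inter-VLAN policy has to be expressed as switch-chip rules because the CPU's IP firewall no longer sees the offloaded flows. The switch name `switch1`, the VLAN IDs and subnets, the port names, and the idea of putting the Home Assistant box on its own VLAN so that "IoT may reach HA but not the rest of the LAN" needs only drop rules are all assumptions for illustration. It also assumes bridge VLAN filtering is already configured for those VLANs.

```routeros
# Added example, not from this thread. Assumed: a CRS3xx-class switch whose chip
# is named "switch1", bridge "bridge" with VLAN filtering already set up for
# VLAN 20 (LAN, 192.168.20.0/24), VLAN 30 (IoT, 192.168.30.0/24) and
# VLAN 40 (Home Assistant only, 192.168.40.0/24); IoT devices plug into
# sfp-sfpplus9 through sfp-sfpplus12.

# Router-on-the-switch: one IP per VLAN, routing between them in the switch chip.
/interface vlan
add name=vlan20-lan vlan-id=20 interface=bridge
add name=vlan30-iot vlan-id=30 interface=bridge
add name=vlan40-ha  vlan-id=40 interface=bridge
/ip address
add address=192.168.20.1/24 interface=vlan20-lan
add address=192.168.30.1/24 interface=vlan30-iot
add address=192.168.40.1/24 interface=vlan40-ha

# Layer 3 hardware offloading: routed packets stay in the switch chip instead
# of going to the CPU, so they bypass /ip firewall filter entirely.
/interface ethernet switch
set switch1 l3-hw-offloading=yes

# Policy therefore goes into the switch-chip rule table. Rules match on the
# ingress ports listed in "ports" and are evaluated in order; each one costs
# one of the limited hardware ACL entries, so keep the list short and specific.
/interface ethernet switch rule
# IoT devices must not reach the main LAN VLAN at all ...
add switch=switch1 ports=sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12 src-address=192.168.30.0/24 dst-address=192.168.20.0/24 action=drop comment="IoT -> LAN blocked in hardware"
# ... and the LAN is not allowed to be probed from IoT on the VoIP/SMB-type ports either
add switch=switch1 ports=sfp-sfpplus9,sfp-sfpplus10,sfp-sfpplus11,sfp-sfpplus12 src-address=192.168.30.0/24 dst-address=192.168.40.0/24 protocol=tcp dst-port=22 action=drop comment="no SSH from IoT into the HA VLAN"
# Traffic from IoT to 192.168.40.0/24 on other ports matches no rule and is
# routed normally by the switch chip, which is the "IoT can talk to HA" case.
```

The practical check after enabling l3hw is to confirm that rules you expected the CPU firewall to enforce are still enforced: any `/ip firewall filter` rule for traffic between these VLANs will simply stop matching, so a quick test from an IoT-side port to a LAN address before and after the change tells you whether the policy moved into hardware or silently disappeared.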

M_Gargantua
Oct 16, 2006

STOMP'N ON INTO THE POWERLINES

Exciting Lemon

Rescue Toaster posted:

Have you tried just plugging the Arris WAN port straight into the ERX LAN and see if it works? The Arris itself would be doing double-NAT, but if the VOIP still works and nothing else is plugged into the Arris, who gives a poo poo?

If that works, and you wanted to isolate/control it further, yeah put it on a VLAN with a dedicated port on your switch and you could keep the Arris completely isolated from everything else.

So Two Month Later update:

This works most of the time, and reliably improved after I made sure it had a static IP.



But it still just decides to sometimes not work. Outgoing always seems fine, and I suspect that whenever I make an outgoing connection it forces it to resolve. But now and then it will just stop acknowledging incoming calls and it will say the number is not available. I think this might be a port issue rather than a VLAN issue?

Issue two persists, where I can get symmetrical up/down on the ONT & ERX directly, but when I plug in the rest of my LAN it drops to ~250Mbps upload, even if I conduct the speed test directly from a device plugged into the ER-X. Maybe something with my VLANs or firewall? My firewall rules are comical in their novice implementations.

fatman1683
Jan 8, 2004
.

Actuarial Fables posted:

I don't have this switch, but I am familiar with L3 routing with mikrotik switches.

By default, Layer 3 Hardware Offloading (l3hw) is disabled. All packets that need to be routed are sent to the CPU, which severely impacts the speed (450mbit/s on a good day for this device). Enabling l3hw will allow the switch chip to handle the packets instead, allowing essentially wire-speed routing. This does mean that other tasks that are also handled by the CPU, like the IP Firewall, are bypassed so you need to be more aware of the hardware features.
More l3hw info: https://help.mikrotik.com/docs/display/ROS/L3+Hardware+Offloading

The CRS326-24S+2TQ, with the Marvell-98DX8332 switch chip, can handle 256 ACLs. These ACLs are on the switch chip itself so they are run even when l3hw is enabled, but it's a hardware limitation so make sure that will work with your desired configuration.
Switch chip feature set: https://help.mikrotik.com/docs/disp...features-Models
Switch chip ACLs: https://help.mikrotik.com/docs/disp...witchRules(ACL)

I would just be doing port and protocol ACLs between a relatively small number of VLANs, so well within the capabilities of the L3 hardware offload according to the documentation. Thank you for the confirmation!

Volguus
Mar 3, 2009
Dumb question: can you piggy-back on PoE? That is, I have my main switch, PoE enabled. It'd be nice to have the network cable from that go to another switch, powered by said PoE, and that switch to be able to power, via PoE, some other device.

CaptainSarcastic
Jul 6, 2013



theblackw0lf posted:

I'm having this strange issue where my computer is now having a hard time staying connected to our home's router via the wifi adapter. It'll either not connect or stay on for a little while before disconnecting. However, it connects to my phone's hotspot with no problem at all. I don't think it's the router because all my other devices can connect to it no problem (Switch, Steam Deck, PS5). I tried getting a new wifi adapter but am still having the same issue.

Any ideas? I've resorted to using my phone for my internet connection but am limited on my hotspot so it's not a permanent solution.

Have you ever set a static IP on it or something else in the house? It sounds like it could be two devices contending for the same IP address.


unknown
Nov 16, 2002
Ain't got no stinking title yet!


Volguus posted:

Dumb question: can you piggy-back on PoE? That is, I have my main switch, PoE enabled. It'd be nice to have the network cable from that go to another switch, powered by said PoE, and that switch to be able to power, via PoE, some other device.

Those switches exist, but are small (e.g. 5 ports), generally require 60/30+ watt PoE ports feeding them, and also usually only output the lowest possible, like 7.5 W, which is just large enough for a simple VoIP phone.

Search for PoE-PD (PoE powered) switches. (Phone posting, otherwise I'd give examples.)
