In today's adventure of “home networking - if it’s stupid but it works…” where temporary solutions become permanent solutions. I have a lot of wildlife here, but last night was the first time I saw a full pack of coyotes. So I decided to add another cam way in the back for nature duty. Could probably swap in a Flex but the mesh AP has already been there so long that it was a more immediate solution to just do this. But in this whole process I realized why, elsewhere in the chain, my attic U6e very occasionally shows dropped packets but doesn’t show any errors on any logging - unlike the others it wasn’t directly connected to the PoE switch, I had thoughtlessly left the old PoE injector in-line. The OG PoE-af is only 15W, but while the U6e rarely draws that much, that one also does that mesh bridge, and was occasionally hitting a limit and having little mini brownouts. So, while it’s on a PoE++ capable port on the switch, since it’s at the end of a rather long cable run I swapped in the 30W PoE+ adapter
|
|
# ? Feb 26, 2024 18:41 |
|
https://www.youtube.com/watch?v=OUSTGLL51m0

love a physical slider to turn my switch into DUMB MODE

it's a realtek RTL8372 like most of the new cheap 2.5/10 switches

Cygni fucked around with this message at 00:21 on Feb 27, 2024 |
# ? Feb 27, 2024 00:19 |
|
It's annoying as poo poo that there's no data sheet available for those. If it was some basic ARM core in there (doesn't look like there's a CPU on the board otherwise), someone could make an open source build for them that just do a proper secure SSH into a terminal and that's it, rip all the horrible insecure http and awful web interface bullshit out completely.
|
# ? Feb 27, 2024 01:34 |
|
And add SNMP Yes, I’ll die on this hill.
|
# ? Feb 27, 2024 15:48 |
|
a single MAC address across all units made so far.
|
# ? Feb 27, 2024 16:06 |
|
Agrikk posted:
And add SNMP

I mean the sky's the limit but also you could easily compile in/out whatever you needed. I'm just so loving frustrated with the situation.

1) All these companies are making GBS threads out basically reference implementations of these powerful switch chips. OK fine, I don't expect much from them and the hardware is often at least functional.

2) They all have loving godawful web-based administration that is slow as poo poo and buggy and insecure. Maybe based on some reference from Realtek (or the other IC mfgs)?

3) All these youtubers and web sites encouraging people to use these horribly, horribly insecure pieces of poo poo and suffer through the terrible configuration experience. "OHHHH MAN LOOK AT ALL THESE 2.5GB PORTS FOR $100! Oh btw the web interface is buggy and loses configuration and is http-only and has a default password you can't change and the admin interface is for some reason available on all VLANs and you can't turn it off and there's no serial console and..."

4) Companies like Realtek being secretive assholes about the data sheets for these chips, and the toolchains to build for the internal micros. What are you so loving afraid of? No matter what they do with it they're still buying your chip. Releasing your register maps is not going to make it trivial for someone to clone the entire silicon.

Let the Chinese clone mfg keep cranking out the hardware, let the OSS community build a decent SW load for some of these Realtek chips, ffs.
|
# ? Feb 27, 2024 17:42 |
|
I like that the Chinese vendors often build their web UI in C so that it can run on very low spec hardware as a single binary. It's not like Cisco, Alteon, 3com do much better, with web UIs that cannot maintain data state with CLI input as everything is an ugly untested hack fest. Is that still a thing in the 2020s? Ubiquiti still has warnings I think if you change settings in the CLI.
|
# ? Feb 27, 2024 17:55 |
|
I think the only ones that are a 'good' experience is when you either:

A) Go for a fully enterprise centrally-configured solution, with the complexities and costs that come with that.

B) Stay entirely in CLI land and take the time to learn the ins and outs of the CLI of your switches.

C) Maybe a handful of the L3 switches that are borderline routers with proper CPUs running an actual nice web interface from a company that actually keeps it up to date security-wise and not a botnet waiting to happen.

I mean C is great but they tend to be way more expensive than you want for a simple switch with a couple VLANs or whatever. B is OK too if you learn their syntax but there's not a lot of affordable low-power switches that meet this criteria. Usually you're talking older used enterprise switches and there aren't a lot of quiet fanless low power ones that fit here. Like a lot of people I have a used enterprise L2/L3 PoE switch in my basement, and I've learned the CLI and it works great for me. But because I couldn't run multiple lines everywhere in my house, I need some 5/8 port switches here and there just with VLAN support and it's a goddamn shitshow.

Rescue Toaster fucked around with this message at 18:19 on Feb 27, 2024 |
# ? Feb 27, 2024 18:17 |
|
Rescue Toaster posted:
I mean the sky's the limit but also you could easily compile in/out whatever you needed. I'm just so loving frustrated with the situation.

I bought one of these after reading those exact reviews, thinking I’d found some amazing sweet spot for managed switches. Hooo boy was I wrong. I had the switch set up for about four days before I yanked that piece of poo poo out of my network. Thankfully I saved all the packing materials and sent it back to Amazon so the return went more smoothly than the setup. Bought me a PowerConnect 6224 off of eBay with two 2-port stacking modules for $50. So it’s 24 1-gig ports instead of 8 2.5g ports. It’s 4 10g ports instead of 1 and it’s a full-featured switch that’ll pair well with my existing 6248P and Force10. In a moment of sanity I got to return a couple of 2.5g nics as well. Because in all honesty the machines running on 1g ports aren’t saturating them, so why would I need 2.5g ports? because I’m a turbo nerd with a 42U home network and more is ALWAYS better
|
# ? Feb 28, 2024 11:40 |
|
Agrikk posted:
42U home network

that’s too much, pic please
|
# ? Feb 28, 2024 12:32 |
|
As I said earlier I'm really happy with my setup, has been solid for a couple of years now. Here's my rack down in the rumpus/workshop, everything but the QNAP at the bottom is fanless by choice. The black device on the left is my router, running VyOS on bare metal, and the one on the right is running Proxmox, with a bunch of linux VMs and containers for various things. I run a VLAN for IoT, some are tagged to the wifi, some are assigned ports on the switch. I've considered a 2.5gbps switch but only the NAS and the router/proxmox devices have the NICs for it. I just connect the proxmox device directly to the second port of the NAS to take advantage of it, mounting some NAS folders as volumes and letting the containers make use of them. Has been good for speeding up the radarr/sonarr processing. I had to do some wiring to get everything in the rumpus, we moved in a few years ago and the NBN (fibre to the premises) box had been installed in a corner of the living room. Makes sense for most people, but I would have preferred it down in the rumpus. So, I decided to run some ethernet lines down to the rumpus, which is down a storey and on the other side of the house. I considered running a single fibre line instead, and putting a switch on each end, but decided to keep it simple by putting most of the hardware out of the living room. One line goes from the fibre box down to the rack, four come back, and one of the ports goes up into the ceiling for the my wifi, which is powered by an injector here. It was a pain in the arse because upstairs is all on a concrete slab, so it wasn't practicable to drill through it. So I removed a brick from the storeroom immediately below the slab using a drill and a chisel, and ran the cables down between the double brick, then out under the house and around to the rumpus. I found some solid utp cat 6a for cheap and decided to crimp rather than punch down. I got a good crimping tool and found it pretty easy. 
Everything is gigabit atm but I got close to 2.5gbps when I tested it with capable hardware, hopefully it goes to nearly 10gb one day and I won't have to go fibre for some years. The AP is a TP-Link EAP245, and I love it. The square design of our house means that a single AP here above the stairs covers everywhere inside with good 5GHz coverage. Since I only have one I don't bother with the Omada controller, and though I know it's frowned upon, I have excellent results having a 2.4GHz network with the same SSID. The standalone EAP kicks devices off the 5GHz when their signal degrades and it connects to the 2.4GHz super fast. So when I walk to the far end of the back and front yards I don't notice anything. From time to time I consider upgrading it but then I remember I don't even saturate it now. As I've wired every static appliance in the house, the only wifi devices are genuinely mobile. VyOS I love this software. I don't think it's for everyone but I prefer to have a single config file that I can change or roll back and return to exactly what I had before. The only thing I do with it that's probably an anti-pattern is that I run Adguard Home on it, instead of in a separate device or on proxmox. I like keeping them together because if DNS is down or the router is down, it means the same thing to most of my network. I can mess with any other device on my network and not break basic internet access for my family. VyOS supports containers and I use one for AGH, which does both the DNS and the DHCP. This is because the only GUI I really miss on vyos is DHCP, to quickly and easily move devices around. I actually run two AGH containers - the second one just does DHCP for my IoT VLAN, as AGH doesn't support DHCP on multiple subnets.
|
# ? Feb 29, 2024 03:33 |
|
rumpus
|
# ? Feb 29, 2024 03:42 |
|
Subjunctive posted:rumpus
|
# ? Feb 29, 2024 05:54 |
|
And here I thought I was the only person who referred to it as a rumpus room. Anyways, here's my rack. I think I've posted it before but what 'ev
|
# ? Feb 29, 2024 07:10 |
|
after all my time spent pondering unifi alternatives I ended up just buying more unifi equipment lol. While the newer dream machine is kinda pricey the wifi 6e APs they offer are actually cheaper than other APs that are reasonable to mount (I don't want some wacky looking Asus thing on my ceiling if possible). I got in my Unifi U7 Pros APs and they work pretty well with my Quest 3 (very smooth streaming on the 6ghz band), but I've noticed our iphones can't connect to wifi 6 at all. I've tried different channels, WPA3 is on, the signal strength is fine (-43dbm), but connections remain 5ghz and throughput testing in Unifi's Wifiman app stays at 300-450 Mbps. This is even holding the thing directly under the APs (I have two and both perform the same). I tried turning off band steering, but it didn't change anything. In the unifi gateway it marks the iphone as 'poor' experience despite the good connection. Though even the Q3 occasionally has blips of poor streaming and I notice the signal strength dips oddly low in the Quest settings (there's nothing sophisticated signal wise just the bars) despite standing right below the AP. So perhaps I have something configured dumb. Any ideas?
|
# ? Mar 1, 2024 01:30 |
|
I'm moving into a new house and I'd like to get some reliable NVR camera setup going, along with networking. A friend talked me into Ubiquiti, so I have that semi-planned out. Lately I've seen headlines (I know I know) about Russian hackers targeting Ubiquiti stuff. Is this something to be super concerned about, or should I just pull the trigger on the Ubiquiti stuff, or is there an alternative I should be looking into?
|
# ? Mar 1, 2024 14:08 |
|
FuzzySlippers posted:
after all my time spent pondering unifi alternatives I ended up just buying more unifi equipment lol. While the newer dream machine is kinda pricey the wifi 6e APs they offer are actually cheaper than other APs that are reasonable to mount (I don't want some wacky looking Asus thing on my ceiling if possible). I got in my Unifi U7 Pros APs and they work pretty well with my Quest 3 (very smooth streaming on the 6ghz band), but I've noticed our iphones can't connect to wifi 6 at all. I've tried different channels, WPA3 is on, the signal strength is fine (-43dbm), but connections remain 5ghz and throughput testing in Unifi's Wifiman app stays at 300-450 Mbps. This is even holding the thing directly under the APs (I have two and both perform the same). I tried turning off band steering, but it didn't change anything.

WiFi 6 is not the same as 6GHz. Unless you have an iPhone 15 Pro or Pro Max the phone does not have a 6GHz antenna and will use the WiFi 6 (802.11ax) standard only which is a 2.4GHz or 5GHz connection. If it is that then it can do WiFi6E (802.11axe) and idk what's going on. I hate computers
|
# ? Mar 1, 2024 14:29 |
|
Behotti posted:
I'm moving into a new house and I'd like to get some reliable NVR camera setup going, along with networking. A friend talked me into Ubiquiti, so I have that semi-planned out. Lately I've seen headlines (I know I know) about Russian hackers targeting Ubiquiti stuff. Is this something to be super concerned about, or should I just pull the trigger on the Ubiquiti stuff, or is there an alternative I should be looking into?

Hackers are targeting everything. Just make sure you keep the AP (and any other device) software up to date and generally you'll be fine.
|
# ? Mar 1, 2024 17:17 |
You can also choose to just not use the cloud features, those tend to be what almost all hackers ever get to. If hackers are somehow targeting your house directly I think you've probably got other problems.
|
|
# ? Mar 1, 2024 17:39 |
|
Behotti posted:
I'm moving into a new house and I'd like to get some reliable NVR camera setup going, along with networking. A friend talked me into Ubiquiti, so I have that semi-planned out. Lately I've seen headlines (I know I know) about Russian hackers targeting Ubiquiti stuff. Is this something to be super concerned about, or should I just pull the trigger on the Ubiquiti stuff, or is there an alternative I should be looking into?

The hacker stuff was targeting their edgemax line using default usernames and passwords from my understanding. Personally I think the cameras are a little expensive and I don’t like that their nvr only works with their cameras. For a home if you were doing like 3, it’s reasonable.
|
# ? Mar 1, 2024 17:43 |
|
Good to know. I'm smart enough to change default admin login/passwords (Nimda and pa55w0rd1, hacker proof). I'm gunna use 4 cams, and maybe the doorbell too and that should be sufficient. I'll probably pull the trigger on the order next week. I've gotta try and map the routing but I've got a family friend coming over this weekend hopefully to help me run the cable, he does it professionally so I'm hoping it goes smoothly.
|
# ? Mar 1, 2024 20:33 |
|
Shugojin posted:
WiFi 6 is not the same as 6GHz. Unless you have an iPhone 15 Pro or Pro Max the phone does not have a 6GHz antenna and will use the WiFi 6 (802.11ax) standard only which is a 2.4GHz or 5GHz connection. If it is that then it can do WiFi6E (802.11axe) and idk what's going on.

lol gently caress me when I checked if the iphone supported wifi 6 properly I didn't bother to check if it was different among the models.
|
# ? Mar 1, 2024 23:38 |
|
M_Gargantua posted:
You can also choose to just not use the cloud features, those tend to be what almost all hackers ever get to. If hackers are somehow targeting your house directly I think you've probably got other problems.

This actually reminds me, since the Unifi cloud debacle back in December, I've disabled Unifi remote admin and just use tailscale into my network if I need to futz with settings. I don't routinely upgrade firmware since Unifi is having more frequent issues with upgrades bricking hardware and requiring rollbacks. Is there anything else I need to be careful with, regarding Unifi specifically?
|
# ? Mar 2, 2024 01:28 |
|
Just in case this helps anyone else: if you get inconsistent connection quality on a Unifi U7 Pro there's a bug that is corrected by turning on Flow Control and Jumbo Frames. I was amazed by the difference once I changed that.
|
# ? Mar 2, 2024 04:39 |
|
There’s been a few annoying bugs I’ve noticed lately. Every UCG-Ultra I’ve installed I had to turn the login splash page off on any WiFi network with isolation turned on despite “hotspot portal” being turned off for IoT devices to work. Mildly annoying but not a big deal. UXG-Lite’s guest settings are worse and I’ve stopped installing them. Isolation on either the WiFi or the network (can’t remember which) completely kills LAN to WAN connectivity. Was reported 3 months ago on the official forums with no comment by Ubiquiti.
|
# ? Mar 2, 2024 13:06 |
|
Behotti posted:
Good to know. I'm smart enough to change default admin login/passwords (Nimda and pa55w0rd1, hacker proof). I'm gunna use 4 cams, and maybe the doorbell too and that should be sufficient. I'll probably pull the trigger on the order next week. I've gotta try and map the routing but I've got a family friend coming over this weekend hopefully to help me run the cable, he does it professionally so I'm hoping it goes smoothly.

I have a udm-pro and it was super easy to start using the camera side of things. It auto provisioned the hard drive I installed, and the responsiveness and clarity of the video is great. I think if you have like 8+ cameras they really suggest you get the NVR unit, but a handful on the router itself is fine. Two irritating points I found are 1) it's not immediately clear but you need the UniFi Protect mobile app to set up cameras, the base UniFi app won't do it, and 2) there's no motion snooze functionality. So, for the second if you have a camera pointing at your driveway and you decide to wash the car, I just disable notifications using android and turn it back on when I'm done.
|
# ? Mar 2, 2024 13:37 |
You can just run UniFi Protect on the UDM and view through a browser, you don’t need the app. It is a different “Service” so while Protect talks to Network they do different things. I only got UniFi and Protect apps well after my whole system was set up. But I also have it set so the apps don’t talk to the cloud and only VPN in using WireGuard.
|
|
# ? Mar 2, 2024 15:38 |
|
My eero system is aging and I don't really want to give Amazon more money when it fails. What's the general consensus on Aruba Instant On stuff in comparison. I also don't mind dropping a little more money on Ruckus if it's worth it. I have about 4000 square feet over 2 floors to cover which is currently being served by 4 eeros without dead spots. I can get a wire to the ceiling if needed.
|
# ? Mar 2, 2024 19:59 |
|
buffbus posted:
My eero system is aging and I don't really want to give Amazon more money when it fails. What's the general consensus on Aruba Instant On stuff in comparison. I also don't mind dropping a little more money on Ruckus if it's worth it. I have about 4000 square feet over 2 floors to cover which is currently being served by 4 eeros without dead spots. I can get a wire to the ceiling if needed.

It’s pretty good. The AP22 are rebranded Aruba AP505s with their own OS and I’ve never had a problem with the APs or switches. The management is cloud only though. I have about 50 AP22s that I pulled out / never opened because we decided to go with a different solution that I need to get listed on SA mart soon.
|
# ? Mar 2, 2024 22:32 |
|
What is the Bluetooth used for in the AP22? Management from an app?
|
# ? Mar 2, 2024 22:39 |
|
Subjunctive posted:
What is the Bluetooth used for in the AP22? Management from an app?

That’s what the page listing says but I’ve never seen it in action. The only way I’ve ever been able to pair a device was by adding the serial number in the cloud portal if it’s the first device for that site. Any additional devices for that site must be on the same management vlan as the other device. I’ve never seen Bluetooth device adoption like you can with Unifi devices. All management is done via app or web browser to cloud server.
|
# ? Mar 2, 2024 23:06 |
|
After all the UniFi poo poo I’m loath to go the cloud-admin way, but they otherwise look pretty good for the price…
|
# ? Mar 2, 2024 23:08 |
|
If the Instant On stuff is the same hardware as normal Aruba APs then the BLE stuff is used for location and beaconing but probably not exposed in Instant On
|
# ? Mar 2, 2024 23:09 |
|
TP Link omada can do device management by using a local controller (hardware or can just run it on a PC) if you want to avoid cloud stuff.
|
# ? Mar 3, 2024 02:04 |
|
Man Networking is not my strong suit at all but I've been dealing with this problem off and on for a while now. Home network is Google Wifi. Most of my devices connect fine but every so often I get a new laptop or just now wanted to get my son a desktop setup going and run into a problem where it connects to the wifi, but it is just not assigning an IP I believe? Basically I get "No Internet, Secured". From Googling this could be from a rogue DHCP server? One of the Google rabbitholes led me to trying to use this and the app found 2 rogue servers?

https://www.tachytelic.net/2019/05/detect-rogue-dhcp-server/

Could it maybe be the old OnHub puck I got messing up some of this stuff?

edit: Holy poo poo I just removed the old OnHub and everything is fine now. Welp.

E2M2 fucked around with this message at 02:40 on Mar 3, 2024 |
# ? Mar 3, 2024 02:20 |
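
The check behind a rogue-DHCP finding like the one in the post above, as an added example that is not part of the original thread: parse the DHCPOFFER replies to a single DISCOVER and flag any server identifier (option 54) that is not the expected router. The addresses, transaction ID and reply bytes are constructed; on a live network the payloads would come from a capture of UDP port 68.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"   # marks the start of the DHCP options
OPT_PAD, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 53, 54, 255
BOOTREPLY, DHCPOFFER = 2, 2

def parse_dhcp(payload):
    """Parse a DHCP UDP payload into key header fields and an options dict."""
    if len(payload) < 240 or payload[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    msg = {"op": payload[0],
           "xid": struct.unpack("!I", payload[4:8])[0],
           "yiaddr": ipaddress.IPv4Address(payload[16:20]),
           "options": {}}
    i = 240
    while i < len(payload) and payload[i] != OPT_END:
        if payload[i] == OPT_PAD:     # single pad byte, no length field
            i += 1
            continue
        if i + 1 >= len(payload):
            raise ValueError("truncated option header")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated option value")
        msg["options"][code] = value
        i += 2 + length
    return msg

def offering_servers(payloads, xid):
    """Map server identifier -> offered address for each DHCPOFFER answering xid."""
    servers = {}
    for raw in payloads:
        try:
            msg = parse_dhcp(raw)
        except ValueError:
            continue                  # malformed or non-DHCP traffic: skip it
        opts = msg["options"]
        server_id = opts.get(OPT_SERVER_ID, b"")
        if (msg["op"] == BOOTREPLY and msg["xid"] == xid
                and opts.get(OPT_MSG_TYPE) == bytes([DHCPOFFER])
                and len(server_id) == 4):
            servers[ipaddress.IPv4Address(server_id)] = msg["yiaddr"]
    return servers

def unexpected_servers(servers, allowed):
    """Return, as sorted strings, the offering servers not in the allow-list."""
    allowed = {ipaddress.IPv4Address(a) for a in allowed}
    return [str(s) for s in sorted(servers) if s not in allowed]

def build_offer(xid, yiaddr, server_id):
    """Build a minimal DHCPOFFER payload (used only to make sample data)."""
    sid = ipaddress.IPv4Address(server_id).packed
    head = struct.pack("!BBBBIHH", BOOTREPLY, 1, 6, 0, xid, 0, 0) + bytes(4)
    head += ipaddress.IPv4Address(yiaddr).packed + sid + bytes(4)
    head += bytes.fromhex("020000000001").ljust(16, b"\0") + bytes(192)
    opts = bytes([OPT_MSG_TYPE, 1, DHCPOFFER, OPT_SERVER_ID, 4]) + sid
    return head + MAGIC_COOKIE + opts + bytes([OPT_END])

# Constructed sample: two servers answer the same DISCOVER, plus noise.
XID = 0x1234ABCD
SAMPLE_REPLIES = [
    build_offer(XID, "192.168.86.50", "192.168.86.1"),    # expected router
    build_offer(XID, "192.168.0.23", "192.168.0.1"),      # second DHCP server
    build_offer(0x0BADF00D, "10.0.0.9", "10.0.0.1"),      # other transaction
    build_offer(XID, "192.168.0.24", "192.168.0.1")[:-3],  # truncated packet
    b"\x00" * 10,                                          # not DHCP at all
]

if __name__ == "__main__":
    found = offering_servers(SAMPLE_REPLIES, XID)
    for server, offered in found.items():
        print(f"offer from {server}: {offered}")
    print("unexpected:", unexpected_servers(found, ["192.168.86.1"]))
```
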
|
One of the reasons I recommend never using 192.168.0 or 192.168.1. Almost every router uses it by default as the dhcp scope.
|
# ? Mar 3, 2024 02:53 |
|
Cyks posted:
One of the reasons I recommend never using 192.168.0 or 192.168.1. Almost every router uses it by default as the dhcp scope.

Isn't the Google wifi ecosystem supposed to be plug and play for this stuff though? I don't even know if you can tweak stuff much through the app anyways. Guess serves me right for trying to cheap out with the OnHub stuff, especially since they're no longer supported.
|
# ? Mar 3, 2024 04:58 |
|
OnHub is specifically not compatible with Google WiFi or Nest WiFi which is pretty annoying. Sorry you had to find out the hard way
|
# ? Mar 3, 2024 09:29 |
|
Is there an affordable router that is an ASIC with POE and has the ability to do site-to-site VPN? My partner’s mom is currently using some Google puck-looking router for a home with several dozen new and old devices and we want to upgrade it. The site-to-site VPN would be handy because they don’t have an always-on computer we could put tailscale or something on but we would like to remotely access without opening the router up to the wider internet. It would be going inside a media and server closet so keeping the heat output low is beneficial (hence ASIC). They also have some POE APs already, so the POE would be helpful to remove the power cords and give greater mounting flexibility.
|
# ? Mar 3, 2024 14:26 |
|
The only reasonably affordable all-in-one router with PoE out that I am aware of is the Mikrotik RB5009UPr+S+IN. It's not exactly consumer oriented and it's not cheap at ~$300 but it does tick all your boxes. The case is a giant heatsink and it's passively cooled.
|
# ? Mar 3, 2024 15:21 |