|
I have an OpenBSD PC in the basement that acts as my gateway to the internet. Since OpenBSD 5.7 removed named from the base distribution, I looked to migrate my local network DNS requirements from it. Therefore, from a isc-dhcpd with ddns-updates and named solution I went with dnsmasq and unbound. Everything works well enough right now, except that every now and then I get domains that cannot be resolved, but if I try a second time it works. Currently I am using the following forwarders for my unbound: forward-addr: 208.67.222.222 # OpenDNS forward-addr: 208.67.220.220 # OpenDNS forward-addr: 74.82.42.42 # he.net forward-addr: 8.8.8.8 # google.com Could it be OpenDNS itself to blame? Should I move google's DNS in the first position? Is unbound just lovely (everyone is praising it though)?
|
#
¿
Sep 10, 2015 23:43
|
|
|
|
| # ¿ May 17, 2024 01:48 |
|
|
bobbilljim posted:Not sure why you need unbound, personally I would use just dnsmasq as a dns server also. But, as far as I could find out, dnsmasq can only forward the request to only one other server. Therefore, I kinda have to have a caching server on localhost as far as I can tell. Am I wrong? Can I configure dnsmasq differently?
|
|
#
¿
Sep 12, 2015 05:03
|
|
|
H2SO4 posted:UniFi is awesome for my parents at their house and their small biz. I ran it for a while but I tend to do goofy poo poo every now and then on my network thanks to the home lab so I'm back to an ERL. Still run their APs though. If you have a simple network and don't need to monkey with exotic poo poo then UniFi all day. Doesn't UniFi require one to install their management application on a supported OS before you can do anything with it? That is, they don't seem to have a web-based management interface built-in into the AP? But, let's say you install their management application (virtual machine or something), does it need to run after that or can it be turned off?
|
|
#
¿
Feb 20, 2017 05:43
|
|
|
Having a caching DNS on your own gateway is a great way to speed up domain queries. For me I have dnsmasq + unbound and they work well together.
|
|
#
¿
Jun 26, 2017 00:04
|
|
|
Paul MaudDib posted:As a poweruser/homelab-someday-wannabe, what are the merits of having a real computer running something like PFsense to route on, versus just running one of the WRT flavors? If you want to be a poweruser, just install OpenBSD or FreeBSD (Open is better). You get PF and a host of other goodies. Sure, you have to edit text files . Plus you can write your own programs/scripts to do ... whatever it is that you want to do.
|
|
#
¿
Jun 27, 2017 01:30
|
|
|
Twerk from Home posted:What does PFSense or one of the BSDs do so well that Vyatta or EdgeOS doesn't? I thought they were most similar than different, is it really just about having tons of CPU power so you can route at line speed without hardware offload? Reading on Vyatta and EdgeOS ... same thing, different tools. Sure, maybe one of them provides functionality X that the other one doesn't, but ... meh, they all have the same purpose at the end of the day. Vyatta is based on Linux (Debian) it seems, while pfSense is FreeBSD. Speaking about pfSense, i downloaded and installed it in a VM locally. One thing that I noticed is that it packs in there quite a few tools (dhcpd, unbound, pf, cron, ntp, etc.) and provides a unified web interface to manage them all. As for ease of use, it doesn't look easy to me. I mean, one still needs to know what they're doing no matter what. I wondered how would a UI look to the PF rules and I must say I'm not impressed. To be fair, making a firewall rules UI is drat hard, unless you dumb it down that it becomes useless. For the normal people I would recommend a cheap consumer based router any time. While I use the Ubiquity AP and I like its performance, I am not sure that an EdgeRouter for $100 is worth it for the normal home user. For me personally having a cheap computer as the gateway with OpenBSD installed provides me with everything that I need. If a tool doesn't exist that does what I want, I just write it. At the moment I have at least 10 or so little daemons/cronjobs that provide all kinds of services (network traffic control, ad-domains maintenance, parental control, google drive backup tool, etc.). But this is not relevant for the normal folks, that just wants to have it running there and not really worry about it.
|
|
#
¿
Jun 27, 2017 15:05
|
|
|
unknown posted:http://www.jetwaycomputer.com/NF592.html Unless you want to have a ton of separate LANs you don't need more than 2 NICs. Hell, even in software you can achieve that without any problems. For a normal home router box that many NICs is overkill.
|
|
#
¿
Jul 14, 2017 06:53
|
|
|
It's always worth it. The available consumer wireless technology is simply poo poo. Maybe there are better options if you're a bazillionare, but not for normal people. A bird, a plane, a cloud or just the stars properly aligned and it all goes to poo poo. For unimportant devices (tablets, smartphones) sure as nobody cares if the download needs to be restarted or page X didn't load.
|
|
#
¿
Aug 11, 2017 15:30
|
|
|
Internet Explorer posted:Couldn't disagree more. Running wiring is not a skill that nerds need to know unless it is something that specifically interests them. Any learning experience is worthwhile in and of itself. Learning Klingon is worthwhile, not to mention pulling a network wire. But, since we have a relatively short lifespan is important to prioritize. Sitting on my rear end drinking beer is the only thing not worthwhile.
|
|
#
¿
Aug 11, 2017 21:39
|
|
|
CrazyLittle posted:I know how to pull cable. I still paid somebody else to pull 2x6 locations for $2500 in my house. Worth every penny - especially when I came in after them and used their pull paths to run speaker wire for surround sound and coxial cable TV. For a business $2500 is nothing so it makes sense. But I don't think I'd pay someone that much to do it for the house when I know I'm capable.
|
|
#
¿
Aug 12, 2017 00:15
|
|
|
Question: How many switches are too many? Situation: My house is wired with Cat5 wires. So, from the basement (where the cable modem and the gateway are located), everything goes into a switch, and from there to the panel that connects the wires to the rooms. In each room I have 1 drop. So, since I have more than one device in a room, I put a switch in there too. So far to me that sounds reasonable. Would it be too much to add another switch into a room to expand the network further or should I just pull longer cables from the existing switch?
|
|
#
¿
Aug 17, 2017 17:25
|
|
|
OhFunny posted:Hey thread whats a good wifi adapter for a desktop? If you are on the same floor, it would be worth it to pull the wire through rooms and hide it in a conduit like this or this or this . Wi-fi is ok if you absolutely need the mobility, but a wire will always be superior. And the amount of work required is incredibly small.
|
|
#
¿
Nov 12, 2017 01:45
|
|
|
Hughmoris posted:My folks have ATT Uverse internet and TV. Their internet use is currently browsing/email/youtube. They live in a multi-story townhouse and as expected they get shift Wifi coverage (Uverse modem is in a 2nd floor bedroom) While cable is always better than wireless, if running the cable over two floors is a big PITA, you could also buy 1 AP and one extender.Set the AP near the modem and the extender on the first floor somewhere where it gets a reasonable enough reception that it can amplify.
|
|
#
¿
Nov 16, 2017 04:03
|
|
|
Does pfSense provide anything more than a UI to pf?
|
|
#
¿
Jan 25, 2018 07:05
|
|
|
Steakandchips posted:I have foot thick solid stone walls. Jesus, where do you live? Castle or prison?
|
|
#
¿
Mar 22, 2018 21:25
|
|
|
Steakandchips posted:Never use the half round clips with the nails. Use a proper tacker. This is the one I have and it is amazing. https://www.amazon.co.uk/dp/B0001K9PNM/ref=pe_217191_31005151_dp_f3 Any particular reason? I had them in my house holding a network cable along the baseboard and they're very much fine for over 10 years now. What am I missing?
|
|
#
¿
Apr 12, 2018 14:35
|
|
|
Alpha Mayo posted:Is there any free software that will measure TCP throughput and graph it out for me in real time? Something like ixchariot but free? Assuming that by realtime you mean "often enough" the simplest system out there is mrtg. It can monitor anything you want however often you want. There are others more complex though (nagios , collectd (with graphana), etc.).
|
|
#
¿
Apr 12, 2018 15:53
|
|
|
Steakandchips posted:They take far longer to install and are far more prone to breakage than staples. Ah, ok. I had to install 5 in my house, and that baseboard portion is behind furniture (therefore nobody goes in there), so for this kind of a job the staples are definitely not standing out.
|
|
#
¿
Apr 12, 2018 22:18
|
|
|
I discovered Ubiquity from this thread. I bought an AP, it works just fine, but in no way I would recommend or be willing to buy the rest of the products for my home network. A good AP is hard to come by. A good router or switch ... they're dime a dozen. To pay hundreds of $ for that ... I need more edit: money, money 
Volguus fucked around with this message at 02:37 on May 26, 2018 |
|
#
¿
May 26, 2018 01:41
|
|
|
Thermopyle posted:The most commonly recommended Ubiquity routers (and is in the OP) are less than 100 dollars. That's $90 more than a router is worth.
|
|
#
¿
May 26, 2018 02:33
|
|
|
Twerk from Home posted:What $10 router are you using on your gigabit fiber internet connection? I am using a PC with OpenBSD on it. The PC was more than $10 in its time, today ... probably not even that. Yes, it can handle my measly 250Mbps connection just fine. OpenBSD is free. And more capable than any "router" (including pfsense) could be.
|
|
#
¿
May 26, 2018 03:25
|
|
|
What I have done in the past was to just add a plastic thingy above the baseboard to hold the cable. Here, by baseboard I mean this. The conduit would be the same color as the baseboard, and would fit rather nicely. Can go around doors as well. Here are some examples: https://www.homedepot.ca/en/home/p.plastic-cordmate-cord-channel-white.1000417673.html https://www.homedepot.ca/en/home/p.plastic-cordmate-ii-kit-white.1000106549.html https://www.homedepot.ca/en/home/p.wire-channel-nonmetallic-white.1000417688.html Volguus fucked around with this message at 21:22 on Aug 1, 2018 |
|
#
¿
Aug 1, 2018 21:19
|
|
|
redeyes posted:Kind of freaks me out running those tiny PIs as DNS servers. Doesn't that slow down internets a lot? The amount of DNS traffic your house makes is not that ... demanding, especially when most of the domains are in cache (since , humans in general, tend to have and prefer and like habits, and habits die hard, and habits include visiting domain X a bazillion times, like this somethingawful.com domain) therefore retrieving an IP from cache is not that time or CPU consuming. While personally I have my gateway handle my DNS (some pentium 4 CPU, older than grandma) the RPi should be more than suited for the job. No, it cannot handle a 100+ employees company each with their different porn habits, but it does just fine for a normal household.
|
|
#
¿
Aug 17, 2018 00:23
|
|
|
Dick Trauma posted:Your vacuum cleaner is networked? Mine is. Well, one of them, the roomba. convenient. and dangerous. dangerous as hell. And the garage door opener. Wifi, with internet access, the whole shebang. I'm basically asking for it.
|
|
#
¿
Dec 2, 2018 08:34
|
|
|
Twerk from Home posted:I ran Pi as home server for a while, but they proved to be a pain to keep going if you do anything at all that writes to the SD card, even logs. Pi-hole is just a DNS server, right? Could I just run it on any always-on server on my network and have DHCP point at it for DNS? Can I run it alongside dnsmasq? The Pi server most likely runs dnsmasq itself. You can most certainly make it work on a normal server, it doesn't have to be a Pi, though that setup would require you to do some manual installs. If they aren't already they should provide normal-linux-distro packages as well, alongside their Pi-hole distro. Where normal would most likely fall in the Debian/Ubuntu - Fedora range.
|
|
#
¿
May 22, 2019 16:41
|
|
|
H110Hawk posted:Yup. I would make sure that you schedule updates on it or something, and add fail2ban. It will eventually ban most of the internet. Why not just ban all of the internet from the start and only allow the IPs you actually need?
|
|
#
¿
Mar 10, 2020 00:15
|
|
|
Are there any racks out there (one shelf would be fine, but more wouldn't hurt, as long as they're not very expensive) that can be mounted on 24'' apart studs? The one that I have (that I installed my patch panel in) was made for 16'' studs and in my basement they put them at 24''. I could put a board perpendicular to the studs but I want to finish the basement at some point in the far future.
|
|
#
¿
Apr 2, 2020 01:35
|
|
|
I have a question regarding electrical and CAT6 wires: I have a guy (certified electrician, costs a bunch) tomorrow coming to pull electrical wires in the basement, basically to put in 4 plugs along the walls. The basement is not finished yet, it's in anticipation of the drywalls that I will put up at some point this decade I hope. I will need CAT6 pulled too in certain locations, though I'm not 100% sure yet where exactly they will end. Should I pull the cat6 wire along and near the electrical wire or will it be better to just put them as far apart from the 110V as possible? I can put them on the ceiling since there's no drywall up there either. Or through the studs, if I drill another set of holes.
|
|
#
¿
Nov 18, 2020 01:07
|
|
|
movax posted:I would not run them directly along the Romex for longer continuous segments if I could avoid it. 60 Hz will introduce common-mode noise on the pairs, which differential signaling is specifically good at rejecting. Ethernet is pretty small — I would likely do smaller, second holes right in the middle of the studs and far enough away from the other holes that you aren't structurally weakening the stud (carving a notch is one of the shittiest things you can do). Thanks for the info. I now learned today that the indoor electrical wires are called Romex (well, a brand, probably as common as google). Running through the big boards that hold up the first floor (2''x??) probably would be better and easier than through the studs, since the insulation is up between them (I'll see how the electrician will handle that tomorrow) and then just dropping down wherever I need them. And, now that you mentioned it, an AP may not be a bad idea either.
|
|
#
¿
Nov 18, 2020 02:17
|
|
|
A question about the Unifi controller software, the web interface: It used to, some time ago, to allow the browser to remember the login username and the password to be autofilled. It seems that for a while now it doesn't anymore and the browser not only doesn't offer to save the username/password but it doesn't autofill any field. I understand the need for better security in the business, but is there an option to at least make it allow the browser to just remember and pre-fill username/password? Or, ideally, to not require one if I would be so inclined?
|
|
#
¿
Nov 20, 2020 04:39
|
|
|
H110Hawk posted:I think browsers stopped doing that for untrusted certs. Aka self signed ones. drat, you're right. Now I gotta figure out how to add it to my trusted list.
|
|
#
¿
Nov 20, 2020 17:07
|
|
|
KKKLIP ART posted:So we just got a good promo and swapped over to AT&T’s gigabit fiber. I currently have an older UniFi security gateway and some AC lites. Obviously Wi-Fi won’t get me the full download and upload speed, but what’s the best bet in terms of a mesh system to get me there? Please just wire it to the main PC at least. Settle for wifi as the last option. Devices that don't matter (phones, tablets) sure, wifi, since they're irrelevant. But the main PC you should do everything in your power to connect it to a network cable.
|
|
#
¿
Mar 15, 2022 02:15
|
|
|
Is there a network card/chip with SFP+ ports that can negotiate at 2.5Gbps? Explanation: I live in Canada and I have Bell FTTH with their HomeHub 3000 modem. I pay for a 1Gbps plan. I would like to get the 1.5Gbps plan, however, to make use of it I'd have to use the HomeHub as the actual router as well and that's not acceptable. Currently I have a normal PC as the gateway and I bypass the modem with plain and simple ppoe, while being plugged into one of the network ports of that modem. The optical cable from outside goes into that modem via a SFP+ transceiver that apparently can be removed and plugged into whatever SFP+ port you like. Therefore, I'd like to buy a 2 port SFP+ network card, a switch with one (or more) SFP+ ports and improve the overall internet speed in my house. If the switch would have 2 SFP+ ports I could even connect one to the downloads machine for instant linux isos. But, from what I could gather from the internet is seems that: - The HomeHub 3000 optical port negotiates at 2.5Gbps. Not 10 like normal chips. - All SFP+ ports cards that I can find can only negotiate at 1 and 10 Gbps - There are cards (like https://www.intel.ca/content/www/ca/en/products/details/ethernet/700-network-adapters/x710-network-adapters.html) that can do 2.5 but apparently only for RJ45 port not SFP+. - There seem to be adapters out there that convert from optical cable to RJ45 but none of them seem to say if they negotiate the optical port at 2.5Gbps or not - There are threads on dslreports that have patched Broadcom drivers for FreeBSD (well, pfsense) that apparently allow a card with that chip to connect at 2.5Gbps, but I'm not sure yet if I wanna trust those. Plus I run OpenBSD on my gateway, but I guess I could downgrade to FreeBSD if I had to. What am I missing here? Is this the state of FTTH and there's nothing I can do until Bell does whatever it is they do on the other end and can negotiate at 10Gbps? If that's all there is ... well, it sucks.
|
|
#
¿
Jun 6, 2022 00:07
|
|
|
Less Fat Luke posted:I spent an inhuman amount of time trying to get 1.5GBps FTTH from Bell to negotiate at 2.5G with a ton of devices starting with a UDM Pro and trying BSD with some cards but gave up and just stuck with 1GBps from them. Godspeed fellow Bell user. Ooooh, really? Unless their "switch" accepts 10G (doubt it), you basically have to use their modem as a router to get the 3Gbps. And that's just a sad state of affairs. Edit: Just saw this video https://www.youtube.com/watch?v=tRSUdiOlBZM (skip to 10m in) which says that the HH4000 has a 10GB network port in the back that then you can basically connect to and just pppoe the poo poo out of it. So HH4000 would be then worth it. Yes, would not be able to get rid of it, but still, you could get 1.5 or 3Gbps and still use your equipment and let the modem be just a modem. Edit2: And I saw on Bell's site that I could order 3Gbps at home that would come with HH4000 (for about $40/month more) and now I'm just ... pondering. I'd need to get my house in order first (10G - 2 port card for my gateway, 10G switch, those can be expensive for over 16 ports), but that looks mighty tempting. Volguus fucked around with this message at 01:59 on Jun 6, 2022 |
|
#
¿
Jun 6, 2022 01:31
|
|
|
I'm looking for a 10Gb switch for the home network and I'm confused as hell as to what's available out there. I need 12 1Gb ports minimum so that means a 16+ port switch with 1 or 2 10Gb ports would be nice. One switch that I found is https://www.ebay.ca/itm/125393524540?epid=4012067490&hash=item1d3209573c:g:KvIAAOSw3nJfUsyO . The price looks reasonable and it seems that it can do what I want just fine. And it seems to be rack mountable as well. Is there anything better out there (ebay, used) that I should be looking at? One major point for my confusion is that it seems that a lot of the switches have their 10Gb port(s) mainly for inter-switch communication, for stacking. And with weird ports: CX4, X2, XFP ... Or some, like an IBM one I saw, it's full with SFP ports, which would mean that I'd have to buy transceivers. I am perfectly fine with 1 or 2 10Gb ports over copper RJ45, CAT6 since the distances are small. Other switches I've seen: https://www.ebay.ca/itm/164838383227?hash=item2661221e7b:g:tuMAAOSwLYRgiYyt Or this one: https://www.ebay.ca/itm/334393151857?hash=item4ddb629171:g:rtUAAOSwz~NiPNdO which comes with CX4/X2 module which I have no idea if I can use or do what I want.
|
|
#
¿
Jul 2, 2022 12:38
|
|
|
I only need 1x10Gbe port as the connection to my gateway (for which I'll buy a 10Gbe card). But, 2x10G ports would be nice, so that I have have another 10G link to my VMs server. But that's not critical. The rest of the ports (I need 12 of those minimum) can stay 1Gb. I'd love for them all to be 10G to be honest, but I'm not gonna pay through the nose for such a thing. About that Netgear XS508M: The SFP+ "uplink" port is in "combo" mode with the 8th port. Does that mean that only one or the other can be used? But, will it be just normal 10G if I connect it to a 10G card? Anyway, that particular switch has too few 1Gb ports, but otherwise, yeah, that would do for me. Used, of course, not the $778CAD I see it is on Amazon.ca . That's an absurd price for a switch. It needs to do breakfast, coffee and walk the dog for that money. What models should I look for on ebay ? Or should I just go with some switch with fewer ports and just daisy-chain to some other normal 1Gb switches? The switch would be in the basement so noise would not be a factor (to a point). Volguus fucked around with this message at 00:22 on Jul 3, 2022 |
|
#
¿
Jul 3, 2022 00:11
|
|
|
KS posted:Yes, combo ports you can use either the copper or the fiber interface but not both. Thanks, that was helpful. Now I know what to look for. About the 10G uplinks, I'm not dead-set on copper, but: - The main reason I'm looking to get a 10G switch is because I want to get the 3Gbps internet plan (FTTH) that my isp is offering. - The modem that the ISP is mandating to be used has a 10G eth port to which I can connect and authenticate via ppoe so that I can just bypass the modem and just get 10G speed from my gateway (well, it'll be 3Gbps but still). - So I need 1x10G eth card for my gateway. - But since that gateway has a mini ATX MB, with only one free pcie slot, I was thinking to get a 10G card with 2 ports. So one port has to be eth, unless I want to go with SFP+ RJ45 module but I've heard that those can get really hot (from the interwebs, so dunno how true is this). SFP+ DAC seems to be cheaper and run cooler. - But, as I've said before , this is all hearsay from the internets, as I really have no idea wtf im doing here. - Whatever 10G network card(s) I get , I would like them to run on OpenBSD, and from what I could tell, Intel chips are working well there. - Or I could upgrade the MB on the gateway as well, as now I have a bigger case and don't truly need for that MB to be mini and just get two 10G cards, one RJ45 and one SFP+ . Sorry for the ramblings, but that's how my "plan" looks so far. I hope to have it done in a few months after the summer and the vacations are over (and the wallet stops bleeding).
|
|
#
¿
Jul 3, 2022 01:18
|
|
|
KS posted:All makes sense. Those links are about FreeBSD not OpenBSD. Been running 1Gbps pppoe for a few years now and it hits 940-960Mbps in speed tests. And downloads .... I've seen it hitting 90MB/s on good days. But now im not using those 10G drivers, it's just the "em" driver so ... who knows how it will behave then. I guess I'll have to look at their mailing lists to see what problems people are reporting.
|
|
#
¿
Jul 3, 2022 04:20
|
|
|
Something weird happened on my network yesterday. I got a switch from ebay, Dell Powerconnect 5524P (24 gigabit ports, POE, 2 10G SFP+) to replace my existing 16 port unmanaged tp-link switch. I installed it, factory restored it (just from the reset button, i don't have a serial cable just yet), and started to move my connections over. The switch is in the basement, and I have cables pulled to every room where there are other switches that give connectivity to whatever devices are in that room. I didn't want to cut connectivity to everyone else in the house so I just moved to the new switch my office and bridged the 2 switches with a new cable. All seemed to be working fine for a couple of minutes, after which all hell broke loose. 90%+ packet loss throughout the network. Like ... a poison. After many hours of troubleshooting and an angry family, I figured out that if I move all connections to the new switch and disconnect the old switch, everything is fine. Somehow, the old switch being in the network is causing mayhem. Is that ... possible? Or is there likely another issue here that I should be looking at? For the moment I don't need the old switch, but I had plans to put it in service in another room. Could be the POE from the new switch to mess with old one? I don't know what got over me to buy a poe switch, I thought that it'd be neat if/when I want to power some wifi APs or some such. Never expected these kinds of issues.
|
|
#
¿
Sep 11, 2022 17:20
|
|
|
|
| # ¿ May 17, 2024 01:48 |
|
|
movax posted:Is there an accidental loop somewhere? Sounds like a broadcast storm possibly. The Dell is smart enough to have STP or RSTP, your unmanaged one, highly unlikely. Hmm, how can I find out? My network is laid out in a star pattern, with the basement switch (now dell) being the central switch, and connected to it is the gateway, all the rooms and all the other computers that I have in the basement. In every room there's another smaller switch for the devices in there. Maybe in the basement, as things grew, they have gotten out of control? I have in there: 1 gateway 1 2U server, full of VMs 1 PiKVM rpi, 1 RPI that has pihole 2 computers from work Googling about loops it seems that there are people/companies who are selling tools to detect them. So it's clearly a thing that happens. edit: watching some more videos that's what maybe I actually did. by connecting the 2 switches I most likely created a loop. God drat, networking is hard. Volguus fucked around with this message at 20:32 on Sep 11, 2022 |
|
#
¿
Sep 11, 2022 20:18
|
|