|
fryzoy posted: routing table stuff

On FreeBSD I'd use pf to set next-hop and reply-to based on source IP. On Linux I'd do the same thing with iptables marking packets and ip rule matching them and assigning them a different routing table with a different default gateway set.
|
# ¿ Oct 12, 2011 19:17 |
|
That is assuming you didn't click through any SSL certificate mismatch warnings, have malware install an untrusted certificate on your box (via an exploit injected while you were browsing unencrypted websites?), run into attackers with any one of the numerous stolen but valid signed certificates, fall prey to BEAST, etc.
|
# ¿ Oct 16, 2011 01:59 |
|
CuddleChunks posted: Too bad the laptop is still using a lovely antenna built into the molding of the screen and even though you get tons of bars of signal now your own link back to the AP is just as weak as ever.

Antennas increase both signal reception and transmission equally.
|
# ¿ Oct 24, 2011 02:53 |
|
Wheelchair Stunts posted: I was under the impression that while the AP does have a more focused ear, it also has a lot more noise to try to get a decent SnR from that bitty transmitter that is now competing with who knows how much more noise than before.

The antenna amplifies both the signal and noise by the same amount, if it is pointed at both a signal and a source of noise. A directional antenna only amplifies what it's pointed at, so if you point it at the source of the signal other sources of noise would be excluded and the signal to noise ratio would improve drastically. In the unlikely event the source of the signal is in line with the source of the noise then both will be amplified. In that case, you should move the laptop or antenna (merely moving the antenna but keeping it pointed at the laptop should suffice), move the source of the noise, or put the antenna on the laptop.

Ninja Rope fucked around with this message at 02:07 on Oct 25, 2011 |
# ¿ Oct 25, 2011 02:05 |
|
Triikan posted: Probably a Mikrotik or the like would be good for this.

I don't know a lot about Mikrotik but that router says it can do 199k pps with conntrack off, which I assume needs to be turned on to do NAT. So, do you need NAT?
|
# ¿ Nov 15, 2011 21:39 |
|
The_Franz posted: The newer RB1100AH should do the trick as well. I think that within a month or two Mikrotik is also launching the RB1100AHx2 which is basically the RB1100AH with a dual-core CPU.

That does appear to be fast enough, but I doubt it does NAT in hardware so it's hard to estimate exactly what performance impact it would have. Something from Cisco or Juniper would run $750-$1000 if you bought it new. Not really related, but I wonder how that differs from a standard PC in this instance. If NAT isn't done in hardware, you're limited by the CPU speed for NAT performance. In that case why not use a standard PC (form factor? power usage? price?)?
|
# ¿ Nov 15, 2011 23:48 |
|
The_Franz posted: If you look at bottom of the spec page there is a row in the table with firewall: on and conntrack: on (conntrack is connection tracking for NAT). It can do near gigabit speeds with 512 byte frames and 2.5 gigabits with 1518 byte frames with routing, NAT and firewall capabilities turned on.

conntrack isn't necessarily NAT, it's just the module that allows for stateful logic (by tracking connections!). NAT requires conntrack but is another layer. conntrack does most of the work, but I don't know how much NAT costs on top of that. Maybe nothing!
|
# ¿ Nov 16, 2011 05:05 |
|
Scaramouche posted: Was hoping you guys could help.

No. It's a waste of time. Get something new and more reliable if he's trying to use it for business.
|
# ¿ Nov 16, 2011 22:24 |
|
Link aggregation/LACP won't improve the performance of one client to one server communication (unless a layer 4 hashing algorithm is used, available on some switches, and multiple connections are created between the client and server). It's useful for one-to-many, many-to-many, and redundant connections, though.
|
# ¿ Nov 21, 2011 11:06 |
|
Shaocaholica posted: So if I did need those things 10G is the only option then?

Unless you can make your app use multiple connections at the same time, yes, 10G ethernet is your only option (without getting into infiniband, fibre channel, or whatever; I don't know what you're trying to do). You already mentioned "a few machines", so maybe LACP will work for you (one to many!).
|
# ¿ Nov 21, 2011 21:57 |
|
Longinus00 posted: If you're just going one client one server then you can hook them together with crossover cables. No port trunking switch needed! You don't need specially rewritten software or anything if you use something like a bonding driver.

You don't need crossover cables any more, gige mandates auto-detection. If you're going device to device without a switch involved, the Linux bonding driver includes the "balance-rr" mode which will aggregate bandwidth linearly. Adding a switch means you go back to my earlier caveats regarding hashing.
|
# ¿ Nov 22, 2011 00:27 |
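The hashing caveat from the link aggregation posts above, as an added example that is not part of the original posts: it models how a hash-based bundle pins each flow to one member link, and contrasts that with per-packet round robin as in "balance-rr". The addresses, ports, two-link bundle and the XOR-and-modulo hash functions are assumptions chosen for illustration, not any particular switch's or driver's exact algorithm.

```python
from collections import Counter, namedtuple
from ipaddress import ip_address

# Constructed flow record: MACs as ints, IPs as dotted strings.
Flow = namedtuple("Flow", "src_mac dst_mac src_ip dst_ip sport dport")

def hash_layer2(f, n_links):
    # Layer-2 style policy: only the MAC pair picks the link.
    return (f.src_mac ^ f.dst_mac) % n_links

def hash_layer34(f, n_links):
    # Layer-3+4 style policy: ports and low IP bits pick the link.
    ip_bits = (int(ip_address(f.src_ip)) ^ int(ip_address(f.dst_ip))) & 0xFFFF
    return ((f.sport ^ f.dport) ^ ip_bits) % n_links

def links_used(flows, policy, n_links=2):
    """Count flows per member link under a hash policy."""
    return Counter(policy(f, n_links) for f in flows)

def balance_rr(n_packets, n_links=2):
    """Per-packet round robin (no hashing): packets sent per link."""
    return Counter(i % n_links for i in range(n_packets))

CLIENT = (0x020000000001, "10.0.0.1")   # constructed addresses
SERVER = (0x020000000002, "10.0.0.2")

def conn(sport, client=CLIENT):
    # One client-to-server connection to a fixed server port.
    return Flow(client[0], SERVER[0], client[1], SERVER[1], sport, 445)

single = [conn(50000)]                                  # one connection
parallel = [conn(p) for p in range(50000, 50008)]       # same pair, 8 connections
many = [conn(50000, (0x020000000010 + i, f"10.0.0.{16 + i}"))
        for i in range(1, 5)]                           # four different clients

if __name__ == "__main__":
    for name, flows in [("single", single), ("parallel", parallel),
                        ("many clients", many)]:
        print(name, "L2:", dict(links_used(flows, hash_layer2)),
              "L3+4:", dict(links_used(flows, hash_layer34)))
    print("balance-rr, one flow of 1000 packets:", dict(balance_rr(1000)))
```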
|
CuddleChunks posted: I imagine it's cheaper to build without using external antennas.

Also, modern chip antennas work pretty well.
|
# ¿ Nov 24, 2011 02:04 |
|
The_Franz posted: High speed VPN performance isn't really something that a lot of SOHO users need so the extra cost of adding encryption hardware would go to waste most of the time.

What cards are these? Modern CPUs have AES instructions built in which give huge performance speedups and you can get Cavium cards as fast/expensive as you could possibly want.
|
# ¿ Dec 28, 2011 09:59 |
|
Server racks are all the same width. Audio/telco/whatever else racks may be different, I don't know. Are you sure you want those servers? Older servers tend to run 1-2.5 amps apiece depending on what's in them and what they're doing, that could put you over the 20a most outlets offer, not to mention the power bill and noise.

Edit: Any 24-port Netgear switch will be fine.
|
# ¿ Jan 10, 2012 05:24 |
|
Kaepora Gaebora posted: Power consumption and noise are not concerns.

I still suggest you look up the power usage. I misspoke when I said "outlet", I meant per breaker. Most breakers are 20a, but I suppose in your new place it could be 30a. It's not uncommon for servers to use a poo poo ton of energy when they all come on at once, like after the power goes out. 2U servers like the 2850 could use way more than 2a each.

You don't need a managed switch. If you wanted vlans or mirrored ports then I guess a managed switch would be useful, but a managed switch isn't going to be faster and QoS on your internal network is probably not useful. Your router will do any/all of the important network stuff.

I don't know poo poo about mini-racks but I'm sure they exist. You'd need the rails (the part that bolts into the rack, the servers should have rails bolted to them that slide into the bolt-on rack rails) that came with the server but you could probably ebay replacements. They'll be model specific. Any 24 port switch is going to come with rack ears. That's all you'll need for one giant, loud, expensive pile of servers that you'll never need to use.
|
# ¿ Jan 10, 2012 10:51 |
|
You can't use velcro strips like everyone else? Get the ones you can cut to length. Also you're not supposed to bundle too many Cat5 cables together like that due to interference. Cat5e and Cat6 each have higher ratings for bundling and I bet you could look up the details if you wanted.
|
# ¿ Jan 12, 2012 13:18 |
|
I bought a gig trendnet switch once. It was cheap but not as fast as the managed netgear that replaced it, though the managed netgear seems a little buggy, and that's coming from someone used to working with junos.
|
# ¿ Jan 13, 2012 08:34 |
|
Where does the network of powerline adapters end? At the pole? At the nearest transformer? Can you share a coax cable between MOCA and digital TV/cable internet, or does it need to be a dedicated MOCA-only segment?
|
# ¿ Jan 20, 2012 08:12 |
|
Mr Man posted: 4mb down and 500kbits up??

Are you suggesting that his video game needs more than a half a megabit of upload bandwidth? It sounds more likely that his connection is for some reason unstable and the latency spikes are the problem.
|
# ¿ Feb 2, 2012 23:43 |
|
Golbez posted: For a while, I've been getting disconnected when downloading too much too fast. I can hit 1.5MB down for a few seconds, but if it's sustained for more than a minute, I lose connection for about 30 seconds. I was thinking it was my ISP and only happening when my torrents were set too fast, but now it's happening for normal downloads, which makes me think it's my router. It's a WRT54GL flashed with dd-wrt, v24-sp2. I tried restarting it but no change. Is my router hosed, or does anyone know some way to find out what exactly the problem could be? I'm wired in; I haven't had a chance to ask my girlfriend if her connection drops out at the same time.

I get the same thing. I'm on comcast in the bay area and I just assumed it's them being lovely or my old dlink cable modem being lovely. I've meant to replace the modem but I haven't had time.
|
# ¿ Feb 12, 2012 06:28 |
|
I never remember how this works but Jonny seems like a smart guy, but shouldn't you try and figure out the Fresnel zone for the projected link too? I can't picture off the top of my head exactly how close those smoke stacks or trees are to the direct line of sight, but if you're pushing the limits of your radios as is the added interference might be enough to kill the link?
|
# ¿ Feb 24, 2012 18:25 |
|
2.4 ghz should have less loss in cabling and through the air as long as there isn't a lot of moisture in the air. I don't know where you live, how often it rains, or what comes out of those smoke stacks, but I don't know if blasting 2.4 ghz through pillars of steam is going to help unless it's much more powerful. You won't have to worry much about overcrowding with your laser-like antennas attenuating everything not directly in their LoS.

What is the Fresnel zone for 900mhz? And just because there's poo poo in your zone doesn't mean it's harmful. That's why I was hoping someone who knew this poo poo better would chime in.

Ninja Rope fucked around with this message at 21:35 on Feb 24, 2012 |
# ¿ Feb 24, 2012 21:27 |
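A way to put numbers on the Fresnel zone question raised in the two posts above, as an added example that is not part of the original posts: it computes the first Fresnel zone radius at each obstacle and applies the common rule of thumb that 60% of that radius should stay clear. The 2 km link length and the obstacle positions and clearances are constructed values, since the posts give none.

```python
import math

C = 299_792_458.0  # speed of light in m/s

def fresnel_radius(freq_hz, d1_m, d2_m, n=1):
    """Radius in metres of the n-th Fresnel zone at a point d1 from one
    antenna and d2 from the other."""
    wavelength = C / freq_hz
    return math.sqrt(n * wavelength * d1_m * d2_m / (d1_m + d2_m))

def clearance_report(freq_hz, link_m, obstacles, required=0.6):
    """Map each obstacle name to True if it stays outside `required` of the
    first Fresnel zone radius (0.6 is the common rule of thumb)."""
    report = {}
    for name, dist_m, clearance_m in obstacles:
        radius = fresnel_radius(freq_hz, dist_m, link_m - dist_m)
        report[name] = clearance_m >= required * radius
    return report

# Constructed survey: (name, distance from antenna A, gap between the
# obstacle and the straight line of sight), all in metres.
LINK_M = 2000
OBSTACLES = [("smoke stack", 500, 5.0), ("trees", 1000, 8.0)]

if __name__ == "__main__":
    for label, freq in [("900 MHz", 900e6), ("2.4 GHz", 2.4e9)]:
        mid = fresnel_radius(freq, LINK_M / 2, LINK_M / 2)
        print(f"{label}: first zone radius at midpoint {mid:.2f} m,",
              clearance_report(freq, LINK_M, OBSTACLES))
```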
|
You could use UTP<->Fiber ethernet converters to get around electrical and distance concerns, but they'll run $100+ each.
|
# ¿ Feb 26, 2012 10:16 |
|
Does the ethernet cable look good? Is it wiggly or loose? You can try replacing it.
|
# ¿ Feb 27, 2012 01:53 |
|
Vivec posted: Also would a wireless N adapter plugged into a computer connecting to an N router be as good as plugging a cable in from the router to the computer?

No. It will never be as good, but it might be good enough.
|
# ¿ Feb 28, 2012 22:39 |
|
I don't know anything about m0n0wall, but if you were to treat it as a standard FreeBSD box you generally get that error when you run out of a specific type of kernel memory. Is the OS 64 or 32 bits? Do you mind sharing the output of:

sysctl vm.kmem_size_min vm.kmem_size_max vm.kmem_size vm.kmem_size_scale
sysctl hw.physmem hw.usermem hw.realmem
sysctl hw.machine_arch
sysctl hw.pagesize hw.pagesizes hw.availpages

My first guess would be to take kmem_size and kmem_size_max and double them. These changes have to go into /boot/loader.conf.
|
# ¿ Mar 7, 2012 21:13 |
|
I've lived in places with those GE boxes and they want you to pay GE to come in and terminate the ends and install a switch. Instead, I use a cable tester to figure out which cable goes where and crimp the end of all of the cat5 cables that lead to jacks I want to use. If you do that you may have to restore it to the previous configuration before you move out.
|
# ¿ Mar 8, 2012 00:07 |
|
I've never had one that fancy. It's a box in the wall where all the cables go, and mine have had a device that acts as a phone and a tv cable splitter. I had one that plugged the ethernet into the phone splitter but it didn't do anything for ethernet (either it didn't work or the ethernet cables shouldn't have been plugged in there). There is a mounting point for what I assume is an ethernet switch and a phone number to call to pay GE to put that switch in too.
|
# ¿ Mar 8, 2012 10:02 |
|
Your ping to the 12th hop looks fine, so it's likely the browndognetworks routers are forwarding traffic acceptably but are under high CPU load and are slow to respond to direct pings. This is normal because pings to the device are treated as lower priority than routed traffic. Have you tested for packet loss?
|
# ¿ Mar 14, 2012 22:54 |
|
lucidcharts.com works pretty good too.
|
# ¿ Apr 5, 2012 03:12 |
|
Gherkin Jerkin posted: I first noticed problems while trying to download games through Steam. Any current connections would continue to work (IM; Skype; Steam download; bittorrent) but after 5 to 10 minutes of downloading or so, trying to browse webpages would yield:

Is it possible your whole connection is dropping? What does the steam download graph look like when this happens? You're sure the steam download continues uninterrupted? Steam will continue to retry, so if you're not watching the graph you might not notice the outage. My whole connection drops when I download games from steam or during other big downloads. I assume it's my crappy cable modem but I don't have the energy to troubleshoot it.
|
# ¿ Apr 9, 2012 01:41 |
|
You could try setting the DNS servers on your computer to 4.2.2.2 or whatever, and see if that fixes it? I guess it's possible that the router is so busy NATing it can't allocate any CPU to dnsmasq. If you set your computer to use a different DNS server rather than the router to use a different DNS server, it will just be forwarding DNS requests rather than processing them. Or you can try unchecking "use dnsmasq for dns"? That might do the same thing.
|
# ¿ Apr 9, 2012 19:28 |
|
poxin posted: Just purchased the asus rt-16n and flashed it with tomato usb. I'm connecting at 300mbps via wireless but I'm only getting about 2.3-3.3 MB/s transfer speed to another computer that is wired into the gigabit port, any ideas why it would be so slow? That's pretty much on par with G speeds of the wrt54g it replaced

Are there a lot of other AP/clients/noise on the channel you are using?
|
# ¿ Apr 10, 2012 01:48 |
|
Rexxed posted: Not that one specifically, but I run a mini-itx system as a router. Mine's an old VIA EPIA 933mhz with 512 megs of ram I got on ebay. I boot off a CF card on a CF to IDE adapter. The processor never gets over about 3% usage (often less) and memory sits around 6%, so it's kind of overkill, but it works great, and it's rock solid. I've had up to about 4-5 months of uptime (interrupted due to power outages). I run m0n0wall but there's several router packages available, as well as just homebrewing a linux/bsd system with NATD and a firewall.

I did the same but replaced it with a Shuttle due to size. My "fanless" VIA still required a fan because the power throttling poo poo didn't work under FreeBSD. I still have it sitting here unused because it's too useful to get rid of but I don't actually have a use for it.
|
# ¿ Apr 12, 2012 21:29 |
|
It's possible your ISP is throttling your connection based on the fact it's transferring a lot of data to a lot of destinations and from a lot of sources. With a VPN, all your ISP sees is one big transfer (though if they were clever they could probably take a good guess that you're torrenting anyway).
|
# ¿ Apr 16, 2012 06:40 |
|
Wheelchair Stunts posted: Why is using ICMP echo / ping a good connectivity test? I was under the impression (and have personally observed) numerous occurrences where ICMP traffic is (de/)prioritized which makes me think it'd be very tenuous for measuring packet loss among other things.

What else will you use as a connectivity test? You could use TCP or UDP (or invalid IP?), but how do you know the other end won't silently discard the packet as part of a firewall rule? ICMP ECHO is what was decided on to be the connectivity testing packet and, as it doesn't contain data meant for applications, its intentions are easy to divine. You're free to use TCP or UDP packets or whatever else, but there are generally more problems that can come up with those.

I don't know about prioritizing, but most devices implement rate limiting. Answer as many connectivity tests as you can, but if it seems like they're being abused then drop the rest sounds good to me.
|
# ¿ Apr 26, 2012 19:01 |
|
Boner Wad posted: Any thoughts on building a really tiny PC with a few Ethernet ports on the back? I've looked at Soekris boxes in the past and they seem way overpriced especially for the speed and compute power.

I bought a Shuttle x35 or something, I forget which one, the one without a HDD or OS. I stuck a compact flash<->sata adapter and a 2g CF card in it running BSD. It runs like a champ and even though it's fanless the CPU is way overkill for routing. The only downside is the only NIC is 10/100. You could add another USB NIC or use a switch that does VLAN tagging.
|
# ¿ Apr 28, 2012 21:46 |
|
Has anyone successfully RMA'd anything through Netgear? I have a GS108T v1 that gets hugely temperamental when I enable flow control so I was thinking of RMAing it, but they seem to want proof of purchase for my, what, 4 year old switch, and me to pay shipping both ways. I'm not sure if it's worth it.
|
# ¿ May 6, 2012 22:46 |
|
What was that highly recommended cable modem? I want to try ordering a replacement from Amazon to see if it fixes my disconnection while downloading problem. Unless maybe you think I should just rent one from Comcast and make it their problem?
|
# ¿ Jun 4, 2012 23:47 |
|
Probably, but MAC addresses are only unique to ethernet (and 802.11), and by the time we run out we'll probably be using something else (yeah that's what they said about IPv4, but layer 2 standards change faster than layer 3). That is still a poo poo ton of MAC addresses, but there's also the caveat that old MAC addresses can never be re-used. Once they're assigned to a device they're never reclaimed, even if that device is destroyed.
|
# ¿ Jun 6, 2012 21:11 |