Trimson Grondag 3 posted:

I’m sure you won’t be ..…. mist

Sniep posted:

it's amazing to me the benefits of fiber, not just the synchronous data transfer rates, but also the LATENCY (Local fiber 1g/1g vs. local Cable Modem 150/10)



too bad I'm not a cs:go player or something

outhole surfer posted:

don't get me wrong, i'm all for unions, but the poo poo pulled at event centers is wild. thousands of dollars to to both the event center and union to bring in your own gear, attendees getting screamed at because they moved a chair from one table to another. presenters getting screamed at because they dare plug a laptop into an outlet. ugh.

post hole digger posted:

its really weird that this speciifc thread that no one really posts in anymore is such an epic rereg guy fixture

fresh_cheese posted:

the existing alternative being stupid dns games and local /etc/hosts overrides

apparently i was wrong because ospf is hard or something.

fresh_cheese posted:

yea see but when you can use an ip address that gives you rdma to the target, or a different ip address in a different subnet because its a different L2 domain for vanilla ethernet - how do you know to choose the rdma capable non routed link?

fresh_cheese posted:

node1:
routed ip: 10.20.30.10
rdma not routed ip: 192.168.0.10
routes:
10.20.30.0/24 direct
192.168.0.0/16 direct
default/0.0.0.0 via 10.20.30.1

node2:
routed ip: 10.20.30.11
rdma not routed ip: 192.168.0.11
routes:
10.20.30.0/24 direct
192.168.0.0/16 direct
default/0.0.0.0 via 10.20.30.1


are you sayin i should add these routes to the above?
node1:
10.20.30.11/32 via 192.168.0.11
node2:
10.20.30.10/32 via 192.168.0.10

and automate the management thereof as i place virtual machines on hypervisors and them move them around?

congrats you just reinvented ospf more or less.

fresh_cheese posted:

the most basic basic bit of info is that there are two different networks.

one is very very fast, but only gets you to neighboring virtual machines in the hypervisor. thats 192.168.0.0

the other is the network that talks to the rest of the world. thats 10.20.30.0

re your question: yes. how do you let application code get the benefit of the fast network to adjacent peers while maintaining connectivity to remote peers that are unreachable over the fast network? and also do so across an environment running dozens/hundreds of hypervisors that contain these little island networks? and do so in a way such that you can start up a virtual machine on any one of those dozens of hosts and theyll just figure it out to get to the local peers with the fast network while still having access to everything else via the real network.


without going so far as ospf - split horizon dns was the next least bad option. a dns service on the fast private network responding to all requests for locally fast attached hosts with the 192.168 fast ip, and forwarding all other requests to external dns to supply 10.x normal IPs. its a colossal pita to automate the maintenance of those per hypervisor zones though as you move virtual machines around.

Nomnom Cookie posted:

have you considered making a home lab with a 6 raspberry pi kubernetes cluster, a dual socket sandy bridge VM host, and triple-NUC san. cause then you could run all the weirdo network protocols you want without bothering the people at work about it

Jabor posted:

deez nats

unknown posted:

Failover servers with different configs.

Captain Foo posted:

lol Comcast

shackleford posted:

Progressive JPEG posted:

wanted something that could serve as a wireguard gateway and also run arbitrary docker containers

Kazinsal posted:

yeah, they're great if you want to fart iSCSI at a VMware cluster or whatever and also don't want to be allowed to set it up, janitor it, keep it up to date, install security patches, or troubleshoot it yourself

Progressive JPEG posted:

separately in networking news i moved the dhcp serving for the home router off of systemd-networkd just because its so goddamn barebones. specifically it doesnt retain the client ids at all, so if you check the list of leases (itself a bizarre encoded blob buried in a dbus entry) it's just got macs paired with their assigned IPs. not very useful if you want a client list that any router from the last 25 years would provide. separately and more generally, it feels like networkd specifically has fallen into the sendmail trap of adding functionality/fixes that everyone would want/need but leaving everything disabled by default.

now running isc-kea in docker with postgres backend (why not - the router has 32GB mem after all) and its working pretty good so far, modulo the isc-provided docker image lacking preinstalled tools needed for db-init - gave up automating that and just wrote down the manual steps if I ever need to do it again:

code:

$ docker run -it debian /bin/bash
# apt-get update && apt-get install -y curl && curl -1sLf 'https://dl.cloudsmith.io/public/isc/kea-2-5/setup.deb.sh' | bash
# apt-get install -y isc-kea-admin postgresql-client
# kea-admin db-init pgsql --name kea --host <postgres_ip> --user <user> --password
<then discard the container>

i'd like to assemble some kind of periodic sync for fetching the leases from kea-agent's http api and putting them into /etc/hosts or thereabouts so that they show up on local dns provided by adguard home. the kea-stork thing looks interesting in terms of being able to extract prom metrics but no rush on that, could also diy an exporter against kea-agent APIs pretty trivially

Skinnymansbeerbelly posted:

my ISP

quote:

According to the indictment [PDF], Aksoy began plotting the scam around August 2013, and the operation ran until at least April 2022. Aksoy used at least 19 companies and about 15 Amazon storefronts, 10 eBay ones, and direct sales—known collectively as Pro Network Entities—to sell tens of thousands of computer networking devices. He imported the products from China and Hong Kong and used fake Cisco packaging, labels, and documents to sell them as new and real. Legitimate versions of the products would've sold for over $1 billion, per the indictment.

The DOJ's announcement this week said the devices had an estimated retail value of "hundreds of millions of dollars" and that Aksoy personally received millions of dollars.

quote:

The indictment said that some fraudulent devices were real Cisco products that were "typically older, lower-model, or less expensive Cisco products, some of which had been sold or discarded" but were modified to appear newer or like a higher-grade model. Tactics included pirated software and modding the hardware with "unauthorized, low-quality, and unreliable components," including ones meant to circumnavigate methods for checking for software license compliance in order to authenticate the device.

abigserve posted:

There's another company out there that's been selling dodgy, inferior Cisco products for the last decade.