|
CrazyLittle posted:You can still do initial setups of UniFi APs using their mobile app. My UDM Pro deployment went OK at my parent's place but man I do not like the amount of warning it tosses up for "High TCP Latency" and other such things. My UniFi setup at my place barely complains about anything, but I am doing only APs here. My construction is 1982-1984, 4 story townhome, my parents is 2005, 2 story massive house. I'm personally blaming the fuckery on the Amazon Fire hardware and me having to change Tx power as a result. That all said though... generally agree with the above but I think I might actually prefer the EdgeSwitch over the UniFi switch, right now. I found the UniFi switch UI lovely for setting up a simple LAG; the EdgeSwitch UI is way more intuitive, I feel, but at the same time, it is not as centralized / organized if you have a lot of switches. I did just have a weird issue occur where after a power outage, the SFP link between my ER-4 and EdgeSwitch did not come back up, allowing me to VPN in but be trapped at my ER-4. Anyone have something like that happen before? Tempted to just go back to a copper Cat5/Cat6 cable because they're 3 feet apart and I don't need anything faster than 1 Gb.
|
#
?
Jul 11, 2020 20:21
|
|
|
|
| # ? Apr 24, 2024 02:05 |
|
|
Is there a simple guide somewhere about setting up a reverse proxy with Nginx and LetsEncrypt? Everything I find so far seems to be geared towards using a pre-built plugin or Docker container where you can just feed it your settings, but I'm trying to do this on a regular Linux desktop. I'm trying to make an Ombi instance public so that friends and family could request stuff to add to a Plex server. Right now I can do that with port forwarding (mydomain.duckdns.org:34567 goes to the Ombi webGUI fine), but I keep reading that reverse proxy is the 'right' way do do something like that. In my limited understanding the process doesn't sound that much different than port forwarding, is it just that a proper web server can secure things with certs/HTTPS? Anyway, I've got everything installed and have a cert/key/whatever created with LetsEncrypt using my DuckDNS subdomain, but I don't seem to be able to actually direct Nginx to forward incoming requests to Ombi, and I'm still a little confused about how external traffic would reach my desktop directly anyway. Do I still need to port forward traffic from the internet to my PC, then have Nginx set up to look for that traffic and perform cert validation before passing it on to Ombi?
|
|
#
?
Jul 11, 2020 23:05
|
|
|
My advice would be to spin up a VM that you aren't hosting yourself; don't let the world into your home network/your desktop if you aren't entirely sure what you're doing.
|
|
#
?
Jul 11, 2020 23:14
|
|
|
Alright, I've been a network engineer for two decades but I'm having a Disco Elysium moment where I've forgotten everything about my past as well as basic concepts like money. I have: 1) Xfinity home (not commercial-grade) ISP 2) self-owned Asus docsis 3.0 cable modem, currently giving internet when plugged directly into laptop 3) HP Procurve 3500yl-48G PoE switch updated to the newest aruba firmware and reset to factory config All I wanna do is make an uplink port on the ProCurve, where I plug the cable modem into Port 48 and the ProCurve grabs an IP address via Xfinity DHCP, then serves that internet out to all the other ports with it's own 192.168.2.x subnet.  What am I loving up? At a minimum I'd think the ProCurve itself should be able to ping 8.8.8.8 after I've set a static route of all traffic to the gateway that Xfinity has been giving to the laptop when it connects with DHCP (the redacted address beginning with 7)
|
|
#
?
Jul 12, 2020 04:29
|
|
|
You want a router.
|
|
#
?
Jul 12, 2020 04:39
|
|
|
astral posted:You want a router. That's what a procurve 3500yl switch is, it's a layer 3 switch. I have two acting as routers for a 500-person office. I just woke up braindead today and can't remember how to configure anything anymore. I want to use this one specifically because it has 48 PoE ports and I want to set up lots of PoE wifi hotspots and security cameras at my house. Not to mention it has a 200-year warranty where they'll express ship me another. Zero VGS fucked around with this message at 04:48 on Jul 12, 2020 |
|
#
?
Jul 12, 2020 04:44
|
|
|
Zero VGS posted:That's what a procurve 3500yl switch is, it's a layer 3 switch. I have two acting as routers for a 500-person office. I just woke up braindead today and can't remember how to configure anything anymore. I want to use this one specifically because it has 48 PoE ports and I want to set up lots of PoE wifi hotspots and security cameras at my house. Not to mention it has a 200-year warranty where they'll express ship me another. Most (but not all) Layer 3 switches don't support NAT; a quick glance at the 3500yl's management and configuration guide didn't seem to indicate your model was an exception.
|
|
#
?
Jul 12, 2020 04:59
|
|
|
astral posted:Most (but not all) Layer 3 switches don't support NAT; a quick glance at the 3500yl's management and configuration guide didn't seem to indicate your model was an exception. Whaaa that's bonkers... I could have sworn there was a time when we had no NAT router and these switches were doing everything. Maybe I misremembered. Is there anything I can buy that's more appropriate for a home network that can do 12+ PoE ports and NAT all on one device? I'd rather not keep stacking more and more poo poo in here. Zero VGS fucked around with this message at 05:07 on Jul 12, 2020 |
|
#
?
Jul 12, 2020 05:04
|
|
|
Zero VGS posted:Whaaa that's bonkers... I could have sworn there was a time when we had no NAT router and these switches were doing everything. Maybe I misremembered. There's also the firewall situation.
|
|
#
?
Jul 12, 2020 05:07
|
|
|
astral posted:There's also the firewall situation. Right OK... again is there a consumer router that exists with a generous amount of PoE ports or is the simplest thing going to be to pair a normal router with an unmanaged PoE switch?
|
|
#
?
Jul 12, 2020 05:10
|
|
|
Zero VGS posted:Right OK... again is there a consumer router that exists with a generous amount of PoE ports or is the simplest thing going to be to pair a normal router with an unmanaged PoE switch? Honestly I'd recommend just adding a plain ol' router (the ER-4 gets recommended a lot in this thread, and it's pretty solid) and let that beast of a switch handle the rest.
|
|
#
?
Jul 12, 2020 05:15
|
|
|
GnarlyCharlie4u posted:What AP's do you have?  movax posted:That all said though... generally agree with the above but I think I might actually prefer the EdgeSwitch over the UniFi switch, right now. I found the UniFi switch UI lovely for setting up a simple LAG; the EdgeSwitch UI is way more intuitive, I feel, but at the same time, it is not as centralized / organized if you have a lot of switches. I mean yeah that's kinda the point *e* GnarlyCharlie4u posted:I'm looking for some honest input, but I'm also all in on Ubiquiti with 3 poe switches a USG and a CloudKey. just so I'm not leaving you hanging - my goal was to put 5ghz everywhere in my house, with a maximum of 2-3 walls obstruction. With my current setup the only time I'm ever reliant on 2.4ghz is if I'm sitting in my car in the driveway, or using gear that simply doesn't have 5ghz... and most of those (iot) get their own SSID, dedicated radio setting, and kitty-jail VLAN. CrazyLittle fucked around with this message at 05:39 on Jul 12, 2020 |
|
#
?
Jul 12, 2020 05:36
|
|
|
astral posted:Honestly I'd recommend just adding a plain ol' router (the ER-4 gets recommended a lot in this thread, and it's pretty solid) and let that beast of a switch handle the rest. Thanks for the advice, yeah the only downside of the beast switch is that the server-style fans are loud as gently caress for home use. I think there's some 200-year warranty HP switches from that era that are 24 PoE ports instead of 48, but fanless.
|
|
#
?
Jul 12, 2020 05:43
|
|
|
OK now I've got my whole network up and running. There was some additional bullshit where you have to cycle the cable modem because Comcast will peek at the mac address of the router instead of the cable modem and refuse to give internet if you do it out of order. Router, switch and wifi controllers are all 1U rack-mounts. Fun to run my home network with some 8 year old decommissioned gear that MSRP'ed for $10000+ back then. Both the router and switch have those absurdly loud 40mm server fans in them, I wonder if there's a way to just unplug all of them and get some larger fans and a shroud to direct air over them instead. The highest amount of PoE ports on a fanless switch swtch seems to be 16 on this guy: https://www.amazon.com/NETGEAR-16-Port-Gigabit-Ethernet-Unmanaged/dp/B07DNT7JCT/ Maybe just that and replace the couple 40mm in the router with some Noctua if I wanna get everything toned down to indoor voices?
|
|
#
?
Jul 12, 2020 08:05
|
|
|
The Catalyst 1000 has a 24 port PoE in the range without a fan
|
|
#
?
Jul 12, 2020 09:55
|
|
|
Thanks Ants posted:The Catalyst 1000 has a 24 port PoE in the range without a fan Ah thanks, I did some digging and there's also a Zyzel if I can't afford Cisco prices, I've used that brand before and it's fine: https://www.amazon.com/24-Port-Gigabit-Managed-Rackmount-GS1900-24HP/dp/B00I0EZPCQ?th=1&psc=1
|
|
#
?
Jul 12, 2020 11:02
|
|
|
I did an internal mod on a Dell powerconnect to slow down the fan. Essentially I used a fan controller to slow down the 40mm and it mostly worked. I mean it worked, the fans were slower, but the sensor wire was still going so the switch thinks the fan is too slow. I also replaced the loud 40mm deltas or sunons or whatever with scythe fans (I'd probably use noctua now). Since dell decided to gently caress with the pinout for no reason I had to be mindful not to connect it like a normal fan, but since I rewired it all it was fine. I basically recreated this with a 7805 but I'm sure there's probably better off the shelf versions these days: https://ptarmiganlabs.wordpress.com/2013/08/22/one-dollar-variable-fan-controller/ If I had to do it again I'd consider a dc to dc buck converter to just lower the voltage to the fan since there's so many $2 ones on ebay. I'm using one of those to run some 12V stuff on my 24V 3d printer.
|
|
#
?
Jul 12, 2020 11:50
|
|
|
astral posted:Spectrum offers good DOCSIS 3.1 modems (well, technically eMTAs) and they're free to lease. They come in model numbers that look like E31_2V1, where the blank indicates the actual brand (hitroN, Ubee, Technicolor). They're all pretty solid. I am definitely in the minority but my leased gigabit modem from Spectrum sucked. Always overheated. I replaced 2 of them, had techs come out, no one could tell me what’s wrong. I put a fan blowing on it and within 10 min it’d be back online. I went the Netgear modem route and have had no issues at all, and it’s been drat hot in the house. Try the free one of course but if you drop connection regularly you might want to spend money sellouts fucked around with this message at 06:31 on Jul 13, 2020 |
|
#
?
Jul 13, 2020 06:28
|
|
|
sellouts posted:I am definitely in the minority but my leased gigabit modem from Spectrum sucked. Always overheated. I replaced 2 of them, had techs come out, no one could tell me what’s wrong. I put a fan blowing on it and within 10 min it’d be back online. What model was it?
|
|
#
?
Jul 13, 2020 06:36
|
|
|
E31T2V1 So, the Technicolor one. I don't know what it was before that but it did the same stuff. Might have been Ubee? I bought the CM1200.
|
|
#
?
Jul 13, 2020 19:01
|
|
|
Hey all, I'm in the market for a new modem and router. We have one of those crappy all in one ones, and I'm looking to replace it. We have a unifi AP already that will be on the network as well. Budget is around 200 all told
|
|
#
?
Jul 13, 2020 22:51
|
|
|
sellouts posted:E31T2V1 So, the Technicolor one. I don't know what it was before that but it did the same stuff. Might have been Ubee? Wonder if it was a bad batch or something, because that definitely shouldn't be the normal experience. Glad you were able to find something that worked though. iospace posted:Hey all, I'm in the market for a new modem and router. We have one of those crappy all in one ones, and I'm looking to replace it. We have a unifi AP already that will be on the network as well. ISP/Connection speed?
|
|
#
?
Jul 13, 2020 22:57
|
|
|
Just a quick question here. I have a pihole and an old 10/100 switch. I've run out of gigabit ports so I'm looking to move stuff over to the slow switch like my printer and other slow things. Can the pihole do without gigabit ethernet or will it slow down the whole network?
|
|
#
?
Jul 13, 2020 22:59
|
|
|
tuyop posted:Just a quick question here. I have a pihole and an old 10/100 switch. I've run out of gigabit ports so I'm looking to move stuff over to the slow switch like my printer and other slow things. Can the pihole do without gigabit ethernet or will it slow down the whole network? All raspberry pis before the 4 run the ethernet over the USB2 bus. So they won't get more than about 300mb/s even on a gigabit network. Edit: I realize that doesn't answer your question. DNS traffic isn't huge. I doubt if it'd have much of an affect.
|
|
#
?
Jul 13, 2020 23:02
|
|
|
astral posted:ISP/Connection speed? D'oh, knew I forgot something. Spectrum, I think 300 mbps.
|
|
#
?
Jul 13, 2020 23:04
|
|
|
Wacky Delly posted:All raspberry pis before the 4 run the ethernet over the USB2 bus. So they won't get more than about 300mb/s even on a gigabit network. Did the RPi 4 SOC finally have an integrated Ethernet MAC, or did it just move Ethernet to USB 3.0? Forgot off the top of my head (and what industry that SOC was originally intended for).
|
|
#
?
Jul 13, 2020 23:04
|
|
|
iospace posted:D'oh, knew I forgot something. Spectrum, I think 300 mbps. Definitely lease a free modem from them (the all-in-ones with wifi cost $5/mo to lease so don't get those); then you can use your entire budget on an ER-4 (+switch?) or go for the cheaper option of an ER-X (+switch?). They can fedex you a self-install kit that has a free-to-lease modem and a bunch of cables. You probably have to mention the self-install thing or else they'll want to send someone out to plug things in.
|
|
#
?
Jul 13, 2020 23:09
|
|
|
Wacky Delly posted:All raspberry pis before the 4 run the ethernet over the USB2 bus. So they won't get more than about 300mb/s even on a gigabit network.
|
|
#
?
Jul 13, 2020 23:12
|
|
|
movax posted:Did the RPi 4 SOC finally have an integrated Ethernet MAC, or did it just move Ethernet to USB 3.0? Forgot off the top of my head (and what industry that SOC was originally intended for). I think they just moved it to USB3.
|
|
#
?
Jul 14, 2020 00:11
|
|
|
Wacky Delly posted:All raspberry pis before the 4 run the ethernet over the USB2 bus. So they won't get more than about 300mb/s even on a gigabit network. I guess I’ll switch it out and see! That’s what I thought too. I don’t know exactly what dns does but it can’t be that much overhead, right? And yeah, always running pihole plugged in.
|
|
#
?
Jul 14, 2020 03:27
|
|
|
tuyop posted:Just a quick question here. I have a pihole and an old 10/100 switch. I've run out of gigabit ports so I'm looking to move stuff over to the slow switch like my printer and other slow things. Can the pihole do without gigabit ethernet or will it slow down the whole network? You can definitely do Pi-hole on 10/100. I run it on that and it runs perfectly fine with PiVPN and PiAware running as well.
|
|
#
?
Jul 14, 2020 03:50
|
|
|
tuyop posted:I guess I’ll switch it out and see! That’s what I thought too. I don’t know exactly what dns does but it can’t be that much overhead, right? DNS is the entirety of what the pi hole does. When you type google.com into your browser, your computer sends a DNS request to the specified IP (in this case the pi hole) asking what the IP of google.com is. If the pi doesn’t know, it’ll send out a request to its authoritative DNS servers (eg quad nine or opendns). Those servers will then say I don’t know where google.com is, but I know where the .com domain servers are, let me direct you to them. The .com servers will then know where all the subdomains (eg google) are and direct your request to those servers, who will be able to answer your computer’s original question of where google.com is. Your computer will receive a reply saying google.com is 8.8.8.8 or whatever. Pi hole does some other cool stuff, like blacklisting. Eg virus.com is known bad on this list, so it won’t give your computer the location, and just drop the request. Hope that helps!
|
|
#
?
Jul 14, 2020 05:52
|
|
|
movax posted:Did the RPi 4 SOC finally have an integrated Ethernet MAC, or did it just move Ethernet to USB 3.0? Forgot off the top of my head (and what industry that SOC was originally intended for). Dedicated RGMII path, USB3 comes from pcie. The original SoC was for phones(which is why it had only one usb port).
|
|
#
?
Jul 14, 2020 07:26
|
|
|
Apologies if this is the wrong thread for this question, but here goes: Is there a significant difference in quality between Intel and Realtek Ethernet on modern motherboards? For instance is Intel I225-V 2.5Gb Ethernet substantively better than Realtek RTL8125B 2.5Gb Ethernet? If it's like  more to get a mobo with Intel instead of Realtek is it worth it?There seems to be a lot of generic prejudice against Realtek and in favor of Intel, but not a lot of evidence one way or the other, other than the general tendency of motherboard makers to only put Intel on higher-end products.
|
|
#
?
Jul 15, 2020 15:22
|
|
|
For most day to day probably not. If you were building a box with TrueNAS/FreeNAS or pfsene, yes.
|
|
#
?
Jul 15, 2020 15:34
|
|
|
If you beat up your nic the difference between Realtek and Intel will become readily apparent. If you use it like a normal desktop user it doesn't matter at all.
|
|
#
?
Jul 15, 2020 16:03
|
|
|
sean10mm posted:Apologies if this is the wrong thread for this question, but here goes: Realteks don't let you set up multiple vlans on a single wire and don't support teaming. Most motherboards that are not rock bottom quality will give you at least one intel or aquantia nowadays, just realteks(esp nbase-t) are rare.
|
|
#
?
Jul 15, 2020 17:16
|
|
|
So what's the current preferred software router/firewall? Anyone running something like pfSense or ClearOS as router but in a VM instead of a SBC?
|
|
#
?
Jul 16, 2020 22:57
|
|
|
Combat Pretzel posted:So what's the current preferred software router/firewall? I don’t have experience doing it but a friend of mine runs his network router as a vm running IPFire. He seems to like it okay - though I think he’s looking to move to an SBC.
|
|
#
?
Jul 16, 2020 23:03
|
|
|
|
| # ? Apr 24, 2024 02:05 |
|
|
IPFire, looking into that one, too. Currently downloading OPNSense to try. Doesn't appear to have ARM images, so  --edit: IPFire has a huge chip on their shoulder in regards to Wireguard. 
Combat Pretzel fucked around with this message at 23:16 on Jul 16, 2020 |
|
#
?
Jul 16, 2020 23:06
|
|