You must log in or # to comment.
Nobody wants my info dump. I know way too much about networking and computers. The topics are massively deep, like iceberg levels of deep. One for each topic.
I could lecture for an entire day on the nuance and considerations of picking a Wi-Fi channel, or you can ignore me and just hit “auto” which may or may not take some, or all, of my considerations into account when selecting a channel.
If anyone is keen to hear some generally good advice about home networking, here’s my elevator speech:
Wire when you can, wireless when you have to. Wi-Fi is shared and half duplex, every wired connection is exclusive to the device and full duplex. If you can’t Ethernet, use MoCA, or powerline (depending on what internal power structures you have, this can be excellent or unusable, keep your receipts). Mesh is best with a dedicated backhaul, better with a wired backhaul. Demand it from any system you consider. The latest and greatest Wi-Fi technology probably won’t fix whatever problem you’re having, it will only temporarily reduce the symptoms and you won’t notice it for a while. Be weary about upgrading and ask yourself why you require the upgrade. Newer wireless won’t fix bad signal, or dropouts.
For everything else, Google. That’s how I find most of the information I know.
Good luck.
I’ll be around in case anyone has questions. No promises on when I’ll be able to reply tho.
Dude these type of replies are what had made reddit such a great time sink, even random browsing you may find something incredible in the comments. Thank you
Thanks. I’ve been on hiatus for a bit. I’m around.
I still won’t go back to that place either way
What about the SNMP protocol? And is ARP level 1 or 2? Edit 2 or 3 ofc!
I love low level network stuff, but nowadays nobody needs that anymore.
Well, SNMP is pretty great. There’s three variants in common use, v1, v2c, and v3. I’m a big fan of v2c, because I usually run SNMP over my trusted LAN, and read only, so there’s little or no risks there. I just want all the information! Haha I would consider v3 if I was doing any kind of read/write work with SNMP. To date, I’ve never had to, so I just don’t bother with it. It’s a bear to set up compared to v2c.
ARP is on layer 2/3 of both the OSI model and the 5 layer TCP model. The OSI model has never been implemented in a production network, it’s just a reference to visualize how things operate. TCP/IP and ipv6 generally stop around the OSI model layer 5. 6/7 is handled by the software, in theory, and layer 8 is where you get the most problems, by far.
ARP is considered to be both layer 2 and layer 3, sometimes noted as layer 2.5, because it’s bridging layer 2, which is Ethernet Mac addressing in most networks, and layer 3 which is IP addressing. It almost entirely operates on layer 2 however.
There’s a new, revised version of the TCP model that I’m aware of that blurs the line between what is known as layer 1 and 2 in the OSI model, kind of bundling them together. It’s weird, but something I’ve seen around.
The question I never got an answer to was about Ethernet. I have searched the internet high and low and have yet to find a credible reference that indicates what the real answer is. There’s a white paper but you have to pay to see it, I’m pretty sure the answer is in there, obfuscated by some fancy math algorithm… The question is: how much voltage is used for Ethernet baseband signaling when PoE is not used? What constitutes a “high” signal, and what is a “low” signal? A lot of sources seem to point to 5v and 1v, but never have any references to back up the claim. There are other sites that provide different voltages for high and low too. 5/1 is just the most common that I’ve seen mentioned.
Hey you know your stuff 🫡 well done!
I’m planning on setting up a NAS, so I will be reading into networking aswell. Hopefully I won’t get to frustrated lol
Good luck.
Basic configurations shouldn’t be too stressful. When you get into large segmented networks that use routing protocols, then you’ll have some headaches. I think you’ll be fine.
Thanks!
Yes, the only tricky part for me, I think, will be setting up external access for my familiy.
I did wonder about security though. Is it possible to set this up in a way where my families and my own ISP don’t see what is being shared?
Oh yes. You’re taking about a VPN.
But that opens a whole can of worms. You could go with something more tried and true, like Ike/IPsec, if your routers have that option. Usually that’s the way for firewalls, but it’s a bit hit and miss for routers.
Or you can go with something a bit more modern, like tailscale, wireguard, or zero tier. But then you need some way to put that on your NAS. I’m partial to zero tier, but there’s plenty of good options, even beyond what I’ve mentioned.
Researching this becomes a mine field without the right vocabulary, because having a “VPN” is such a broad definition that there’s a lot of commercial VPN solutions, designed to give you operational security when browsing the Internet, which are completely useless at securing traffic between computers on different LANs over the Internet. Services like PIA, NordVPN, surfshark, proton VPN, Express VPN… So many others. They’ll secure your traffic to the Internet itself, not between private locations connected by the Internet.
I don’t know what hardware you’re specifically using as a router at each location or what works with what. I know ubiquiti has some VPN features in their gateway products, and that could make quick work of the problem. Just food for thought I guess.
Thanks so much for taking the time to answer! I’ll look into those options
every wired connection is exclusive to the device and full duplex.
That doesn’t seem quite right in reality, since the moment you have multiple devices connected to one switch and both sending data to the router, they’re sharing the connection. Switches can handle multiple connections at the same time way better than an AP, being able to receive from multiple devices at once, but the bandwidth will ultimately still be shared between the devices.
I see what you’re saying and this is a good inquiry. The reality is that most networks are what we call North/South traffic exclusive. In this context, we use “North” to describe towards the Internet, “South” to be from the Internet, and east/west to be LAN to LAN traffic.
Networks that are primarily or exclusively North South, your contention will always be your ISPs committed speed (the speed they’re allowing you to use). So most of what’s South of that is pretty trivial, as long as it can keep up with, or exceed the speed of the North connection.
That changes if you do any East/West traffic. Whether that’s a home lab, a home server, or even just a NAS, or computer to computer file sharing… Once that traffic is more than a trivial amount of the network traffic, then you see a lot of benefit from wired connections to your computers. The switch backplane can handle a lot more bandwidth than any individual port, and the only way you’ll see that bandwidth is if some traffic is going somewhere other than your router, or the Internet.
To say most home networks are North/South heavy is obvious. Business networks frequently have servers and other LAN resources that are frequently utilized. So East/West traffic is usually non-trivial.
To spin an example, if your ISP is providing a 100mbps committed rate, and you gave full gigabit ethernet inside and at least 802.11ac wireless, with almost all traffic going to the Internet and back, you’re going to see little difference between Wi-Fi and Ethernet. The only major change moving from Wi-Fi to Ethernet is that your ping time will be more consistent and lower overall. It won’t be a huge change, something in the range of 10s of ms, but it’s literally the only thing you’ll notice a difference with.
Another example where it will make a big difference is if you have a NAS or home server, where you have files stored. Compared to a file storage service like drop box or Google drive. The LAN specific traffic will move at line rate, or the speed of whatever storage the data ultimately rests on, whichever is slower. In that context, the East/West traffic benefits greatly from Ethernet, and the full duplex connection between the two devices.
It’s all subjective to how you are using your network. You’ve made a good point, so thanks for that. Have a good day.
Also, don’t use the wifi routers provided by Cocmast. Cocmast uses them to provide their xfinity-branded wifi, so as their customer you are literally sacrificing bandwidth and paying their electric bill. I assume all cable companies do this but Cocmast is the only one I know about for sure.
ISP provider doesn’t matter. Put your ISP modem into bridged mode and get your own router.
ISPs usually don’t buy good, or reliable stuff for their clients, they buy whatever gives them the marketing buzzwords and costs them the least. Usually, they’re great at doing modem things, not so good at anything else. Bridged mode just limits them to just doing what they’re good at.
Why use the ISP router at all? If your ISP uses IPoE or can provide you the PPPoE connection details, can’t you use any router you like?
Yes and no, usually the ISP router is also the modem, converting from either VDSL, DOCSIS, or some flavor of GPON, and most people don’t have the knowledge or patience to figure out how to do a modem delete for their ISP.
Having the ISP put the modem in bridged mode usually nullifies the instability of it. Bridged mode turns the ISP modem router thing effectively into just a modem.
You can improve communication by removing it entirely, if you can sort out the modem delete, but unless there’s a pretty clear demarcation between the line handling gear and the ISP router, you might be up a creek.
The other caveat is that with a modem delete, you won’t get help from the ISP. You have to revert to their gear before they will troubleshoot your connection. To them, that modem router is their demarcation line, so it must be in the path somewhere, or they get pretty grumpy about it all.
But, if you have the skill and the aptitude to do it, you can cut ping times by quite a bit. On my VDSL line, when I did a modem delete, replacing whatever lowest bidder modem router my ISP gave me with a Cisco 1911, and a VDSL2 line card, I got my, already quite reasonable ping times (somewhere around 10ms? Or so, to the local datacenter), down to about 4ms. Over VDSL2. That’s crazy good. Nearly FTTH speed.
I did something similar when I was on FTTH for a bit, I got a fiber ont SFP transceiver that could be reconfigured, programmed it with the MAC and other critical information from my ISPs device, and used that in my own router. Which also cut ping times from ~5ms? To ~2ms maybe? So, yeah. There’s benefit to it, but it requires specialized expertise most of the time. If you have an easy path to a modem delete with your ISP, then it’s a no brainer.
Disabling the routing in your ISPs combo router/modem, is essential for any mid sized household that values their performance.
Sorry, what is a “modem delete”, and how does all of this work if you just don’t choose to buy a router from your ISP at the time you first order an Internet plan from them? Like, it’s included there as a standard option with most ISPs, and they have instructions that at the very least seem simple (usually just making sure you have PPPoE with the right connection details, or IPoE set) to use.
I wired my house with cat6 when I moved in. The overall setup looks like 10G fiber to the house -> 2.5G capable router -> 2.5G capable NAS running *arr stack. Also off the router is a single cat6 run downstairs -> 8 port 1G unmanaged switch, which is connected to my desktop, work dock, parters dock, TV, and backhaul run to the back of house wifi extender. The desktop, both docks and wifi extender are 2.5G capable. The TV is 100M. This has been extremely reliable. I plan on upgrading the switch to a 10g capable one at some point, and then the router. Since the switch is unmanaged, is there a good way to know when it is the limiting factor and I should update it?
What’s the pros & cons of a managed vs unmanaged switch? Or of just running multiple cables out of the router? (Assuming your router has sufficient ports.)
My router only has four downstream ports, and due to the layout of my house I only want to run one cable from the router to my home office anyway. If it had enough ports and the house was laid out differently I wouldn’t have bothered with the switch.
Unmanaged switches are usually quite a bit cheaper and just work. You plug everything in and that’s it. Managed switches need configuring and cost more. I paid $25 for my 8 port 10/100/1000 switch, while the managed version is about $120. With a managed switch you can do things like turn individual ports on and off, traffic limit and monitor per port, and other fancy networking things that I’ve never bothered with.
Ah that’s interesting. Thanks!
What does 10/100/1000 mean?
That’s that speed the ports are capable of. 10/100/1000 megabits per second. Most things with an Ethernet port nowadays are 10/100/1000 capable, and 2.5Gb is becoming reasonably common.
Weirdly, Roku and other smart TVs are often only 100Mb capable since 4k streaming only requires about 60Mb and if you are squeezing pennies a 1Gb port is a bit more expensive.
10Gb is just starting to get available for high end consumer devices.
So is it some ports support 10, some support 100, and some support the full 1000? Or how does it work with the three different speeds?
All of the ports support all three speeds. When you first plug in, there is a quick round of negotiations where both sides basically say “Here are the speeds I can work, what about you?” Then they go with the highest that both support.
Yay!
Should I learn iptables or is it more sane to use a front end like ufw?
I have an RPI with dual Ethernet between my modem and consumer router so I don’t have to depend on the obsolete and limited consumer router software. I’m using OpenWRT at the moment but curious if you have other recommendations. I like the Luci gui so if I switched to headless Debian or something then I’d still want a luci equivalent.
I’m self hosting with docker and I want to set up a wireguard vpn container that joins a network with a select set of containers. So I’d have containers that are accessible only by actual LAN users and then others that are in this isolated group that only the VPN (i.e. WAN people) can access. I thought that’s what docker was all about! But by default it seems all authenticated VPN peers just get to be on the LAN. Sure, they can’t get at containers on a different docker bridge network, but they get to access the host itself! This is why I asked about iptables above, but it’s daunting. Any ideas on how to achieve “two levels of trust” for self hosted services?
Sorry this took me a bit to get to. Hello!
I’m hoping that not all of that is running on a single pi. I mean, it can, but you might hit limitations when everything is engaged with doing things. I just feel like, that’s a lot for one raspberry Pi…
Anyways, iptables are good to have a general grasp of, but they’re generally GNU/Linux specific. There’s other routing implementations that run on Linux, and hardware appliances generally have their own bespoke, vendor specific stuff. One project I’m aware of is free range routing. There’s a lot more, but this is one that I know of. Using FRR, vs iptables, they’re very different beasts. But you shouldn’t need FRR, it’s a monster in terms of memory use and designed to operate in ISP class networks. You don’t need it. I’m just using it as an example of what is out there.
The best advice I can give about this is that learning the concepts behind routing is more valuable than any specific product. Knowing the difference between an RIB and FIB, and how to structure routes, priorities, costs, etc… All very important. Can you learn that with iptables? Sure, and probably more, since iptables can also function as a low end firewall.
The important thing is that you learn the meaning behind what you’re doing in whatever routing platform you are working with.
I’ve worked with so many different ways of handling routing and firewall work that I get annoyed when vendors come up with dumb marketing terms that leak into the device user interface, for a very common routing, firewall, or VPN technology. I don’t care whether I’m on a router or firewall that’s custom and running open WRT, ddwrt, opnsense, or one from Cisco, Sonic wall, watchguard, Fortinet, Palo Alto, or any of the dozens of other vendors. A VPN is a VPN. IKE and IPsec don’t change because it’s vendor x or y. Don’t start calling the IKE identifier something else.
… Sorry, rant.
Anyways, I don’t really see the vendor’s interface as anything more than a code I have to convert into the industry standard protocol information that everyone uses. It’s a filter by which that vendor portrays the same options that everything else has. Some have quirks. Some are more straight forward. But they all have the same options in the end. Allow the traffic or don’t, do it by port and protocol or by IP. Apply content filters or don’t, use Ethernet, DHCP, pppoe, or something else like ATM or ipx/SPX for signaling. Who cares.
If you understand the concepts, the skills are transferable, no matter what platform you end up using, you’ll know what needs to be done, you’ll just be stuck figuring out how you do it on this platform.
Thank you so much for your response!
I feel the same way. I was looking into a Udemy course for those Cisco exams (not to take the exam, just to learn) and I was discouraged that the content is so vendor specific.
Do you have a recommendation on “neutral” learning? I have access to a fair amount of Udemy of that helps. Also happy to read static text, though preferably written as more of a tutorial than just a raw RFC or man page.
I could do the various incarnations of the Doctor in Doctor Who. An example info-dump from memory without looking stuff up:
So the first Doctor was played by William Hartnell, and later Richard Hurndall and David Bradley after Hartnell passed away. Second Doctor was Patrick Troughton who (tangent incoming) originally pitched playing the second Doctor in black-face which thankfully got nixed. Third Doctor was Jon Pertwee, Fourth was Tom Baker who is still the longest-running Doctor by episode count, Fifth was Peter Davidson, Sixth was Colin Baker, Seventh was Sylvester McCoy although (tangent 2) he also played the Sixth Doctor for the regeneration because Colin Baker got fired and refused to film his last scene so the Sixth in that scene is just McCoy in a wig. Eight Doctor was Paul McGann who was the longest-running Doctor chronologically even though he’s only been in one full episode (the 1996 TV movie) because the show didn’t come back until 2005. He’s done some cameos in the show since though. Ninth Doctor in canonical order is John Hurt, although he was added in retroactively during the 11th Doctor’s tenure so he’s referred to as the War Doctor instead of the Ninth. Tenth Doctor canonically is Christopher Eccleston, who is referred to as the Ninth Doctor because of the aforementioned retconning. Then it gets complicated. David Tennant is the Eleventh, Twelfth and Sixteenth Doctor because he regenerated into himself and then came back again later on, which we’ll get to in a bit, but he’s referred to as the 10th and 14th Doctor. Thirteenth Doctor is Matt Smith, who’s referred to as the Eleventh. He was also supposed to be the Doctor’s final life because Time Lords are only supposed to have 13 of them, but then he got a new cycle of regenerations because it would be silly to end the show because of some arbitrary plot point from the 1970s. So then Peter Capaldi was the Fourteenth (or First if you want to start counting again from the new cycle, which nobody does) and is called the Twelfth. Fifteenth (or Second) was Jodie Whittaker, who in the show is called the Thirteenth. She then regenerated into David Tennant again (hence him also being the Sixteenth/Fourteenth) for a couple of specials, and then he split into two separate Doctors, the other one being Ncuti Gatwa who is the Seventeenth or maybe co-Sixteenth or maybe Fourth but is referred to as the Fifteenth in the show. He then (SPOILERS if you haven’t caught up to the last episode) regenerated into Billie Piper, who played Rose Tyler previously in the show and also a sort of sentient bomb called The Moment and who might not even be the Doctor at all, we don’t really know yet. There’s also all the Timeless Child stuff which throws off the numbering even further, and Jo Martin who plays the Fugitive Doctor who is possibly some sort of pre-First Doctor Doctor but the show never really explained it. There are also some other pre-First Doctor Doctors shown in flashbacks and things in The Brain of Morbius and The Timeless Child, but who knows if they’re even real or not. There’s also another David Tennant who is a sort of human clone of the Doctor who lives off in some parallel universe, and another Tom Baker who is a character called the Curator who seems to be some far-future retired version of the Doctor who revisits some of his old faces.
I could go on but you get the idea.
click
I’m sure you were very good, but I doubt that you had that good a name memory as a five-year old.
I taught myself how to read as well, so I ain’t the dullest of pens either but somehow I just doubt you could’ve rattled off that many correct names and titles as a five-year old. Although, it might just be projection from my almost 40-year old weed-smoking soon-to-be-some-serious-memory-problem having ass. If so, apologies.
never read the ‘wall of text’. that’s for the bots
Sadly phone scams are the 3rd most profitable bussinesses in the world. They aren’t going anywhere unless we give up having a phone or our phone carriers do their fucking job on actual scam prevention
While they do make a lot of money i dont think they are even close he third most profitable businesses in the world.
Third ‘legal’.
Not that the top five should be considered any more legal than a drug dealer.
Except now they record your voice and use it to train voice ai and scam you harder. My coworker’s ex-husband got a call from their “daughter” distressed “kidnapped” needing money for ransom. Sent it and called the ex-wife. Daughter was sleeping at home.
I wonder if they do. That seems like a lot of effort to go to for the average person for a scammer.
It seems easier to have a generic voice, rely on the fact that phone audio quality isn’t great to bridge the gap, and use a shotgun approach.
Some places do, since there were a few high profile attacks, but they were nearly all targeting organisations by pretending to be the CEO or something.
Once it’s automated it’s the same either way. Probably something even vibe code could pull off.
Actually makes me wish I had kids, this is brilliant.
I’ve been getting a lot of spam calls lately. Eventually said fuck it and screwed with them as much as possible. The best times were where I had something to do that didn’t require much brainpower but had to be done. I eventually was able to keep them on the phone for up to a half an hour by pretending I was following their instructions until they realized I was bullshitting them. Everything from the internet being slow (and going on a rant about “ever since I moved to [made up town] I’ve had to deal with this shitty Internet, and they promised it to make it better X years ago”) to fake accents and changing my voice, or sometimes just not having a clue if I have an iPhone or Android and getting walked through how to figure it out. Once they figure out I’m bullshitting them they get furious. Absolutely hilarious.
Unfortunately for the fuckery with the scammers I don’t have as much brainless stuff to do at the moment. Though I still do fuck with them, I keep it short. Some things they really hate:
-
go into the bathroom, and when they’re explaining their stuff flush the toilet so they can clearly hear it
-
answer in a voice like you’re getting off. Instead of “yes” answer “Oh God yes”. At a fitting moment say “Oh God I’m going to cum”
-
go really far away from the microphone and speak softly, and when they ask you to speak louder tell them you’re already speaking loudly, something must be up with the line. They’ll most likely turn up the volume. Once the conversation goes to their scam and they’re not thinking about it anymore, scream as loud as you can into the microphone.
-
“How would you like to get fucked in the ass?” (Works best with men, considering those men often seem to be pretty prejudiced)
-
in a crazy voice: “HEY, WHAT DO YOU WANT, I’M TAKIN A SHIAAAAT”
-
"You say you’re from [insert company they’re pretending to be from]? Shit, your ex was right, you are a liar!
-
"you work for [insert company they’re pretending to be from]? Is that what you tell your mother?
-
“Hey [insert their fake name they gave you, the way they pronounced it], if you’re going to use a fake name, at least learn to pronounce it right”
-
if you recognize the name from an earlier call, reference what happened in that earlier call and rile them up further about it
-
when they’re about to hang up: “don’t be a chicken, don’t hang up! I have a bet going with my friend here, if you hang up, I win!”
-
after getting insulted because you told them you know they’re not who they say they are: “you’re insulting me, which means I’m right, thank you!” [Proceed to laugh loudly]
Anyway, I have more, it’s just not popping into my head at the moment. But creativity is the key here, and it’s fucking entertaining.
Only robots are calling me 😭
Usually the robot asks you to press a number, as soon as you do that you’ll be talking with a “representative”
Nah they are getting way smarter, you have a whole conversation before they even have a human (or another robot!) call you back another day.
-
what? actual human calling? sounds like something an ai would say.
I am 34 and i have never received robocalls before this year, in which I’ve already gotten a dozen or more calls. I think it has something to do with me living in Denmark. New hot scam just dropped in Denmark.🤪
they destroyed landlines with constant auto-dialing calls. when you pick up they either play a recording or in early days switch to a live scammer in a boiler-room somewhere. i moved my landline to google voice and silence is golden. get emailed transcripts of talking or it’s a few seconds of silence. brave new world
I saw a video saying that it was just a matter of tele companies just verifying and blocking callers, but that they had no incentive to do so.🤷 Google voice sounds so awesome. A shame it seems like it’s only available in the US
it was complicated moving the number since they only accept mobile numbers. had to move to a burner AT&T phone, then to google voice. been 20 years so far. nothing but spam there now. you can pick from available numbers. maybe VPN would work. expect google will just end the service one day. https://voice.google.com/
When I was in graduate school, I used to call the 700 Club’s prayer hotline and talk about my dissertation. To their credit, those people were remarkably patient and would only occasionally attempt to steer the conversation back in the direction of Jesus and his need to have some of my money. “Oh, I don’t have any money. Anyway, it turns out that there’s a perfect correlation between the giving of dowries and engagement in plow-based agriculture.” Completely true but for some reason they didn’t really care.
I want to hear more about relationships in plow-based agriculture.
First you pay the dowry, then you get to plow
You’re thinking of brideprice, which is basically the opposite of dowry.
Have you heard about our Lord and saviour Jesus Christ, and his need of your money?
A drop of water falls in an endless, still lake. The ripple spreads out, leaving a circular wave spreading out endlessly. Tiny disturbances create their own ripples; one side travelling with the main ripple, causing wonderful interactions in the wavefront; but the main ripple grows faster than these disturbances spread across it.
The beings of the ripple look across the main ripple, seeing the disturbances as their interactions propagate across the main ripple. Looking back far enough to the earliest disturbances, one thing becomes clear; the entire ripple comes from one drop, and most of the ripple is moving away faster than a disturbance can propagate.
An expanding universe where every point of the universe started from the middle is pretty easy to conceptualize with the right analogy.
The disturbances propagate at the same speed as the ripple, unless it’s some crazy nonlinear ripple.
It’s the weak point of the analogy, surface gravity waves like you’d get in a shallow lake do have nonlinear behaviour though.
Maybe a more accurate description would be to describe the wavespeed of the medium having tiny variations that cause extremely small, close range kinks where the wavefront crosses past itself, relating speed through time vs speed through space as the radial and tangential propagation of the wavefront. But that’s a less clean analogy, and the lake ripple is still good for describing how an entire universe can appear to be in the middle no matter where you look, despite originating from (suspectedly) a singular point.
