Everything posted by brwainer

  1. If these devices are based on an ESP microcontroller (ESP8266, ESP32…) then one quirk is that the provided wireless software consistently prefers the lowest MAC address (BSSID) for the SSID it is using.
  2. Well, the writing only matters if that’s a factory-made cable - the cabling doesn’t matter A or B, what matters is having the same pinout on both ends. But presumably that cable was made in the factory with B on both ends, and if he only reterminated one end… yeah that’s an issue.
  3. Your router should be able to show you what its link speed on the WAN port is. That is how you confirm whether the ethernet is linking at 100Mb or 1Gb.
  4. Because matching up the local UI config and the central app config is a pain. What should happen if you make changes in both at the same time, or while the router is offline?
  5. Ubiquiti Unifi devices don’t have a local web UI either… Meraki enterprise networking equipment doesn’t have a local web UI…. Aruba Instant On doesn’t have a local web UI…. At an enterprise level, I want centralized management of some sort. And consumer stuff is a trickle down of technology from enterprise. But the centralized management is always less customizable than what some router products offer in their direct interface.
  6. Your answer is valid for bog standard consumer routers, but the true meaning of a “DMZ” is a separate zone in between WAN and LAN. Public facing servers are placed in the DMZ. Only devices in the DMZ are allowed to have public IPs, port forwards, etc. Traffic on both sides of the DMZ (to/from WAN and to/from LAN) will be independently firewalled and inspected. For example, from the WAN maybe only HTTPS is allowed to a server, but from LAN SSH and RDP are allowed. And the servers in the DMZ are probably able to make DNS requests to the LAN, and other connections such as specific database servers, but with deep inspection and logging, and most things blocked. In my home I treat my IoT SSID/VLAN like this - IoT can reach my internal DNS and can make connections to the internet, but isn’t allowed anything else in the LAN. Connections from the LAN subnet to IoT are allowed. Maybe this is beyond what the OP is asking for because it seems that they aren’t familiar with VLANs or having subnets with firewall policy between them - but these concepts are required to actually have an IoT SSID provide extra security.
  7. If the router is treating them separately and can apply firewall rules between them (either custom ones, or automatic due to setting it as DMZ, Guest, etc) then the security is real.
  8. If you’re referring to what I think you’re referring to, that is a real product called Seasonic Connect, and it has a matching case called the Seasonic Syncro. Been using both for a year or more. It was cool wiring it up but since then it’s been a very normal case with a stable PSU.
  9. Yeah so the “poeplus_config” is what matters (the PSE is configuring the PD with what it’s allowed to use) and you have that. So I don’t know.
  10. PoE+ and PoE++ require communication between the PSE and PD via LLDP, this is how they communicate so the PD knows it is plugged into a port that can provide >15W. On this model of AP, I believe LLDP is enabled by default. The switch should also have LLDP enabled by default. More specifically, the power information is known as LLDP-MED, and on the switch it is possible to have LLDP enabled and LLDP-MED disabled, but that would have to be intentional. I don’t think the AP has the same opportunity. To verify the switch port config, run “show lldp config <interface>”. You can paste the output here for me to confirm it for you.
  11. And related to “if it already exists you can’t patent it”, you absolutely can go to the patent office and try to get a patent. There will be a public comments period where anyone who thinks it isn’t new can step forward. This happened recently with a patent for a “hexagon shaped box for dice” that was contested by other makers as not original, and also not sufficiently inventive to even be patentable. And even if you do manage to get a patent, when you go to enforce it you still can have it challenged, although it costs significantly more money to do so after it has been granted.
  12. Having to make those two connections is not unusual - it is because your router doesn't expect the WAN and LAN to be on the same port. If this were something very flexible, like PFSense, Mikrotik, EdgeRouter, and others, then you could have reprogrammed it to have both on one port (one with a VLAN, the other without), which is called "Router on a stick", but this really doesn't give you anything extra.
  13. What you may be looking for is a "thin client" setup, with the related term "VDI". While PXE booting may be a component of the solution, what really matters is that your laptop (client device) boots into a very streamlined OS whose only purpose is to make a connection to a desktop session on the server and display it.
  14. People above have it right - use switches that support VLANs at both ends. Anything labeled “Smart” will do it. As far as your desire for bandwidth, keep in mind that the ethernet connection will be full-duplex - 1Gbps in each direction, 2Gbps total. So, for example, if nothing else was going on and you did a speedtest from one of the PCs to the internet, you would get 1Gbps download, or 1Gbps upload. Getting switches that have at least one 2.5Gbps port will allow you to connect through the wall at 2.5Gbps, at which point you’ll have basically no bottleneck. By the way, the device you’ve drawn does exist, but it splits up the cable pairs and thus only provides 100Mb ethernet to each of the two channels. They made sense at a time when 100Mb was standard, but not anymore.
  15. This is general advice from someone who is knowledgeable about wireless but not your particular hardware: 1. Update to the latest available firmware. 2. If this was a unit sold outside the US, make sure the country code is set properly. 3. If no DFS channels are available, it is not possible to add them. The manufacturer must provide test results to the FCC (and other similar groups in other countries) to prove they follow the DFS rules properly, before they are allowed to enable them on publicly available firmwares.
  16. What’s the exact model? Did you reset the configuration? The prior config may have prevented login to the admin from the LAN, or changed the admin port to something nonstandard.
  17. Maybe…. Just maybe…. You should go watch the video released today by LTT. It might be relevant, I’m not sure.
  18. *didn’t* think - meaning that as of writing that sentence, I knew I was wrong. Otherwise I would have written “don’t think” (and I had written that, then changed it when I saw the website was updated)
  19. I haven’t measured the LAN latency but any impact from them is not noticeable for PS and XBOX gaming - I don’t have a PC or AP connected to my MoCA.
  20. Yes they work (very well in fact), but you need at least two of them. The only thing that MoCA 2/2.5 is incompatible with is satellite TV on the same coax system, they both use frequencies between 1000MHz and 2500MHz.
  21. They do offer a VPN called Cloudflare WARP, that is built into the “1.1.1.1 App” for mobile. I didn’t think it’s available for PC but the website shows that it was added at some point. https://1.1.1.1 https://blog.cloudflare.com/1111-warp-better-vpn/
  22. Beware of anyone providing a free VPN. Running a VPN service is expensive. If you aren’t paying for something, you (your data) are the product that will be sold to someone else.
  23. You may be using this site for legal files, but it is known to often be used for illegal purposes. Your ISP is acting in their own self-interest (proactive protection against lawsuits that claim they are supporting piracy) and/or the interests of media corporations who have paid them to block the site. Therefore, whether you are trying to circumvent things or not, and for a range of other privacy reasons, it is advisable to be using DoH or DoT (DNS-over-HTTPS and DNS-over-TLS). Browsers like Firefox have DoH builtin and are easy to point at Cloudflare or other providers.
  24. There is a company called Storj that does this sort of… you have to set up two separate systems to share your storage bandwidth with others, and to use others’ storage. They pay you in a crypto coin, and you can then pay for your used storage that way. I assume that the pay rate and cost work out so that if you use as much storage as you provide it balances out but I haven’t verified. The reason I know about them is TrueNAS integrated them recently. They are also set up as just a company you can pay in USD for storage you use. There are other distributed storage systems based on cryptocurrency - the one I remember is Sia (don’t confuse it with Chia). I don’t think there is a really easy share-data-with-friends system out there.
  25. Everyone wants to act like they’re a big spender that deserves volume discounts, so a basic 30% is built in - also helps the VAR look like they added value (sometimes they do, sometimes they don’t). What is a substantial purchase to an organization is a small and numerous order to Cisco, the volume discounts really kick in on six-figure orders, or if you sign an Enterprise Agreement (which generally means 6/7 figure annual spend)