Jump to content
Search In
  • More options...
Find results that contain...
Find results in...


  • Content Count

  • Joined

  • Last visited


This user doesn't have any awards

About eece_ret

  • Title

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Your AMD workstations should support any NIC you please regardless of SFP, SFP+ XFP, RJ45, as long as it has a compatible internal interface (PCI, PCI-Express) and your target OS has drivers for said NIC, you should be fine. The part of this question, and I think the root of your question that I ponder. Does AMD support PXE boot? Usually that boot rom is in teh NIC for PXE situations. Ive never seen it done with AMD though, which then begs teh question. It should work, but does it?
  2. Meraki.... A Cisco company.
  3. Look at Fortinet SDWAN stuff. Pretty much exactly what you are looking for.
  4. When talking PFsense routers.... A Core i7 4790 is pretty fast and current. Also... As Im sure you are aware its not always, Gigabits/Second... But Packets Per Second, the packet payload will dictate throughput. Hence IMIX comparisons. IF all you are doing is pushing jumbos, sure, that will be 1/4 the PPS of std 1500byte packets. If however you are doing a lot of real time applications with small packet sizes.... THings get interesting.
  5. OK, if you cannot change the Fortigate. Then you need more than one WAN IP otherwise you WILL be traversing their FW. If Traversing the FW is OK.... Simply create a new interface and tag that to Corp2. IF THAT is a bridge too far. Stand up a FW and double NAT, but that will be an issue down teh road. In teh end, you REALLY need some very small changes on teh FGate to support your needs.
  6. If its a FG 80e. Id create three VDOMs. WAN VDOM, Corp1 VDOM and Corp2 VDOM. WAN VDOM peers with Corp1 and Corp2 via Intra VDOM links and takes care of the WAN IP and NAT functions. Then tag the VLANs for the CORP1 and CORP2 vlans though the intermediary L2 infrastructure and present on a per port basis as is correct for the office space. The FortiGate will control flows between CORPX and WAN as well as block (or permit if desired) Corp1 <->Corp2 flows.
  7. Looks like teh creators got HOOOKED up at their homes. also, upgrading to a 100GBPS ISP connection. Sweet lemonade!
  8. To really get use of your 10G. Id be looking at vyos or tnsr, on fast-current, x86 hardware. Id be looking towards something Xeon-D based. Use Intel NICs from X540 series, PHY layer to suite your needs (SFP+ would be most straight forward)
  9. Just wanted to say a very big thank you to LTT merch store. All too often when I shop for shirts, the models are waifs, which often pushes me away as, I am not a waif, by a few inches LOL. Its great to see LTT merch store has such a variety of folks, all shapes and sizes. Makes it way easier for the rest of the world not built like a waif. Thank you!
  10. IPSEC is prety straight forward. Create your phase 1 phase 2 configs on all the routers. Create your VTI tunnel interfaces, setup all teh static routes. Once complete, all devices in remote subnets will be able to talk over teh IPSEC overlay network back to your place. If you create the static routes on teh remote sites to include the other remote sites you can transitively route between teh remote sites.
  11. To me this very much sounds like a candidate for pfSense Site to Site IPsec. Utilizing IPsec and simple static routing you can create a HUB/Spoke design with your home as the hub. This will allow for your use cases without need for remote client configuration (form the IPSEC on teh router, connected devices have access to teh tunnel without software or config) If you want a mesh style network where all nodes can route to each other AND your place, then you woudl probably want to look at some dynamic routing protocol on all the routers so when the ipsec tunnels come up the remote site subnet will automatically become available over that tunnel link. Also static routes with mesh gets really nasty really quick (NXN static routes where N is number of sites)... pfSense. Its free, it works. Just needs an old x86-64 capable PC> At your remote sites, DD-WRT/Tomato etc, would work as well as the IPSEC and BGP stack is there and would work with pfSense on the other end.
  12. Often these gaming routers utilize QOS, Quality Of Service. This would work in conjunction with your application to set the TOS bits on theIP packets to alert the router to the preference for that packet. The router then moves this packet to the head of the queue. They also tend to have better hardware in the form of more CPU (higher clock rate, more cache/RAM etc etc) to process more packets per second as well as process the packet more rapidly through the forwarding pipeline.
  13. Specifically for Consoles and other non conformant devices....
  14. Enquire with your IT support crew to see if your campus supports "MAC Authentication". This is a strategy whereby the WiFi controller will authenticate utilizing the non 802.x conformant device MAC address as username and password to the backend radius server (802.X usually backended with radius). Then institution would then have you register your MAC with some local Authentication DB (LDAP or whatever) for the radius server to validate against. This is how we do it at teh University I work for.