Search the Community
Showing results for tags 'routing'.
-
Im having a strange issue on a 15GB modded mc server hosted by GPortal. Ive seen other people have the same issue but haven't found solutions other than to call ISP. If that's what I have to do, I will. So basically I can play for hours with no issues at all. But every time a specific person joins my ping shoots up to 120-140 and makes the game unplayable for me. As soon as he disconnects, my ping normalizes back at the average 21ms I get on this server. Everyone else in the server is perfectly fine when he joins, only I'm affected. We all live within walking distance to each other and we all have AT&T, although I have fiber and they do not. I get 947Mbps down, and 945Mbps up. Ive never lagged on any game since switching to fiber until now, but I feel like something strange is going on. What steps should I take to fix this? This is a trace route to the server (hosted in New York and im in Ohio) when the specific friend is NOT online Tracing route to x [x] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms dsldevice.attlocal.net [192.168.1.254] 2 1 ms 1 ms <1 ms 23-125-200-1.lightspeed.bcvloh.sbcglobal.net [23.125.200.1] 3 1 ms 1 ms 1 ms 71.151.93.28 4 * * * Request timed out. 5 * * * Request timed out. 6 11 ms 15 ms 15 ms 32.130.17.75 7 12 ms 12 ms 11 ms cgcil403igs.ip.att.net [12.122.133.33] 8 * * * Request timed out. 9 24 ms 22 ms 22 ms be2766.ccr42.ord01.atlas.cogentco.com [154.54.46.177] 10 20 ms 20 ms 20 ms be2718.ccr22.cle04.atlas.cogentco.com [154.54.7.130] 11 21 ms 21 ms 20 ms be2892.ccr42.dca01.atlas.cogentco.com [154.54.82.254] 12 21 ms 20 ms 21 ms be3084.ccr41.iad02.atlas.cogentco.com [154.54.30.66] 13 * * * Request timed out. 14 * * * Request timed out. 15 * * * Request timed out. 16 41 ms 35 ms 36 ms 5.188.123.193 17 * * * Request timed out. 18 21 ms 21 ms 21 ms x Here is a trace route to the same server only 1 minute after my friend joins. Tracing route to x [x] over a maximum of 30 hops: 1 <1 ms <1 ms <1 ms dsldevice.attlocal.net [192.168.1.254] 2 1 ms 1 ms 1 ms 23-125-200-1.lightspeed.bcvloh.sbcglobal.net [23.125.200.1] 3 1 ms 1 ms 1 ms 71.151.93.28 4 * * * Request timed out. 5 * * * Request timed out. 6 16 ms 15 ms 15 ms 32.130.17.75 7 10 ms 11 ms 11 ms cgcil403igs.ip.att.net [12.122.133.33] 8 * * * Request timed out. 9 22 ms 23 ms 21 ms be2766.ccr42.ord01.atlas.cogentco.com [154.54.46.177] 10 20 ms 20 ms 20 ms be2718.ccr22.cle04.atlas.cogentco.com [154.54.7.130] 11 21 ms 21 ms 20 ms be2892.ccr42.dca01.atlas.cogentco.com [154.54.82.254] 12 21 ms 21 ms 21 ms be3084.ccr41.iad02.atlas.cogentco.com [154.54.30.66] 13 * * * Request timed out. 14 * * * Request timed out. 15 * * * Request timed out. 16 36 ms 35 ms 33 ms 5.188.123.193 17 * * * Request timed out. 18 118 ms 121 ms 124 ms x As you can see my ping is 100ms worse after he joins. One other strange thing I will mention. Yesterday, hop 16 (5.188.123.193) was 37ms 33ms 166ms, and my overall ping was 136ms. Then I turned on my VPN and hop 13 (5.188.123.193) went down to 43ms 43ms 40ms, and my overall ping dropped from 136 to 27 when my VPN was on. If any further information is needed, just let me know
-
Revisiting this old topic I posted about an year ago, but lets try something different. The problem: So I have a motherboard with dual Ethernet ports, each connected to 2 different routers belonging to 2 different ISPs using 2 completely different upstream ISPs. So, one of my connections is fiber but low bandwidth; great for playing games but not great for uploading or streaming. That's where my other connection comes in, it's copper-twin cable but with much more bandwidth. Can I, in anyway, make certain apps use one or the other by manually setting them? Like OBS, Steam, Browsers etc on the copper while games on Fiber? Theoretically it should be possible?
-
- networking
- isp
-
(and 3 more)
Tagged with:
-
I have tasks on computer networks but some of them do not know what to answer, I was looking on the internet but there are none. And I'd like to know. Which of the following routing protocols provide default auto-sum? a) RIPv1 b) RIPv2 c) EIGRP d) OSPF What is the default route? a) is the route to which all uploaded packets match b) is the route of the main router c) is the route chosen by the specified routing protocol d) neither of the above Based on which table entries do routers send information to different subnets? a) switching table b) a translation table c) routing table d) arp table What is the network command used for in RIP configuration? a) for subnet broadcasting b) for creating static routes c) to run the RIP process d) none of the above Which command is used to check the RIP version in use? a) router (config) #show ip interface brief b) router (config) #do show ip protocols c) router (config) #show protocols d) router # show ip protocols Why is authentication being set up on routers? a) to encrypt the transmitted routing tables b) to encrypt the updates sent c) to ensure consistency of transmitted data d) to protect the network against unauthorized transmission of table updates What is the name of the neighbor router in EIGRP that is used to forward packets to the target network and has the best matrix. a) an admissible successor b) default barama c) successor d) neither of the above Give a command that can change the ID given to the router? What is router-id [identifier] for? Can we change the wideband value by issuing the command?
- 2 replies
-
- routing
- routing address
-
(and 1 more)
Tagged with:
-
Hello everyone, Recently I encountered an issue with my laptop trying to access my LAN devices, servers and switches. When I go to the IP of my NAS '10.0.0.20' I get hit with firewall blocked this type message in chrome. I allowed all of the IPs I am going to be using in windows defender firewall and bitdefender but I still get the same issue. Also I have tried my lan desktop and my brothers wifi enabled laptop and they do not have issues accessing the servers so. I have also tried pinging a device on the router and it comes back as "General Failure" (I checked my DNS server because I thought it was that and I flushed it in cmd and changed it to 1.1.1.1 to make sure that nothing setup with my DNS servers and VLANS were messing with it because I have subnet blocking enabled for the one wifi network)
- 1 reply
-
- windows 10
- lan
-
(and 3 more)
Tagged with:
-
DMVPN is mentioned in the official CCNA guide and also in the CCNP (specifically Routing and Switching I'm talking here) but it isn't really listed to configure in the exam topics for the CCNP route. The exam blueprints state you need to 'Describe' but if you've ever attempted a Cisco exam before then you might know, that doesn't mean you might get a question related to the configuration side. We are going to be looking at a simple lab with some theory behind DMVPN without the encryption, but a basic explanation what DMVPN is: DMVPN (Dynamic Multipoint VPN) isn't a protocol within itself, but is crafted by the various protocols used together to achieve what DMVPN does. It allows us to create a hub-spoke like topology with spokes being able to dynamically form a VPN between other remote spokes and the Hub. The protocols that create DMVPN: -Multipoint GRE -NHRP -A dynamic routing protocol (common: EIGRP or OSPF) IPSec is also a common protocol used but it isn't actually a requirement (although it is preferred since running plain GRE isn't the best idea...). Technically you don't actually need to run a dynamic routing protocol and have static routes but again it is very common to see a dynamic routing protocol. Before moving onto a basic introduction to configuration and the design, DMVPN can scale very large (thousands of remote sites) and not only allows our spokes with dynamic IP addresses to participate in the design but also the configuration is very effective instead of creating static tunnels for loads of remote sites. The single hub topology design This topology will use the internet as the underlay to transport our packets, although we will create an 'overlay' using multipoint GRE to carry our site traffic (10.x.x.x) using EIGRP. In DMVPN, we use the terms 'underlay' and 'overlay' a bit similar to GRE over IPSec where IPSec is used as the protocol to transport GRE otherwise we will have no protection. GRE is normally used to transport different traffic since IPSec itself can only carry unicast traffic, it you want to take advantage of multicast and other types of traffic then you can encapsulate with GRE and then send it over the IPSec tunnel as a unicast packet. In our case, we could even just use IPSec without GRE and just define the neighbors in our routing protocol so our updates and hellos etc.. are sent via unicast instead of multicast, that bypasses the learning and fun we'll see in this post! Multipoint GRE Why not use typical GRE point to point tunnels? Firstly, this defeats the whole purpose what DMVPN achieves, it allows us to manage our design with ease and dynamically form tunnels with remote spokes and with the HUB. If we have a static tunnel configuration, think about it we need X amount of tunnels configured on the HUB depending how many spokes are in our design and then a tunnel from the spoke to the HUB, and then finally a tunnel from SpokeX to every single other spoke that exist if you need Spoke-Spoke communication without traffic traversing through the HUB. Multipoint GRE allows a single tunnel configuration to then dynamically form tunnels without the need of loads of 'interface tunnel x' in the configuration. It can take the configuration of the single interface and then use NHRP to dynamically form tunnels to other routers. NHRP Next Hop resolution protocol is the protocol in DMVPN which makes it possible for spokes to register their public IP address according to their tunnel interface IP address whether the public facing interface is static or dynamic. Everyone explains NHRP like ARP but on the internet instead of within a local LAN. The protocol works as a server-client model where clients would point to a server to register their address (more specifically their NBMA aka Non Broadcast Multi Access). We will look at NHRP in more detail not only with configuration but also verification commands and more theory when we actually see outputs. Dynamic Routing Protocol As I've mentioned, a routing protocol isn't actually a requirement for DMVPN although as you may know, a dynamic routing protocol makes routing more scalable when working with a large amount of subnets/networks. We will be using EIGRP in this example. IPSec There are many design guides and generic guides on the web which show different methods such as using an IPSec profile directly in IOS or even having a firewall which offloads the resources for IPSec tunnels and then a router performing the GRE/NHRP etc.. In our example, I won't be using IPSec since the ipsec configuration is straight forward to lab but also very easy to setup using preshared keys, it gets more interesting when you begin to introduce a PKI server for certificates and IPSec enrollment instead of using keys/shared secrets... Basic configuration Starting with the basic configuration of all the routers so you can follow along: Starting with a basic check, we can ping each spoke from the HUB: HUB#ping 1.0.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 1.0.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 5/5/6 ms HUB#ping 2.0.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2.0.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/5/6 ms HUB#ping 3.0.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 3.0.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 5/5/6 ms Firstly, lets start with some basic tunnel configuration. What we need to configure, an overlay which will use the 192.168.254.0/24 network for the tunnels to communicate. Lets go ahead and actually configure some other important commands on our HUB which will also act as the 'Next Hop Server aka NHS' for NHRP. HUB Configuration (Phase 1) interface Tunnel0 ip address 192.168.254.1 255.255.255.0 no ip redirects ip nhrp map multicast dynamic ip nhrp network-id 10 tunnel source GigabitEthernet0/0 tunnel mode gre multipoint tunnel key 1 ip nhrp map multicast dynamic On the hub, this command serves to map multicast packets to the mappings that are created within the NHRP database. ip nhrp network-id 10 This is similar to the tunnel key command, where we can identify specific NHRP networks but this must match on all routers, this is required in a NHRP configuration. tunnel key 1 The tunnel key command in a tunnel configuration mode allows us to define which tunnel specific packets belong to, this is important when we have multiple tunnels on the interface and as a best practice I like to specify this even with a single tunnel configuration. Spoke Configuration (Phase 1) interface tunnel 0 ip address 192.168.254.(x) 255.255.255.0 !Spoke-1 .10, Spoke-2 .20 and Spoke-3 as .30 no ip redirects ip nhrp map 192.168.254.1 20.0.0.1 ip nhrp network-id 10 ip nhrp nhs 192.168.254.1 tunnel source GigabitEthernet0/0 tunnel mode gre multipoint tunnel key 1 Let's capture some packets! If I shut down the tunnel interface on Spoke-1 and turn it back on, this looks like the things thing that happens relating to NHRP, which also reflects the configuration we have done. Let's look into the NHRP packet itself and then see what conversation is going on. We'll look into the interesting stuff without getting into too much depth: Firstly, Spoke-1 sends a NHRP Registration request (to 20.0.0.1 which is the HUB), you can see this request holds some information which will build the NHRP database we will see shortly. Spoke-1 actually announces its own NBMA address and the protocol address (in our case its our tunnel: 192.168.254.10, destination to 192.168.254.1 the tunnel interface on the HUB). These NHRP requests will be sent every 1/3rd of the Hold timer which by default is 7200s (found under the 'Client Information Entry'). The client expects a reply and will keep sending out NHRP requests double time (from 1, 2, 4 etc.. to 32... that is the theory for those CCNP exam takers!) Next, we receive a reply from 20.0.0.1 (HUB), which looks like: If we take a quick look at RFC2332, its states that Code 0 is indeed a successful register with the NHS. The next 2 packets were actually a repeated request/successful request which we won't dive into because they look the same as the above 2 request and reply NHRP packets. With all the spokes configured, this process happens fairly quickly in our lab environment and we can now see a populated NHRP database which can be found using: HUB#show dmvpn Interface: Tunnel0, IPv4 NHRP Details Type:Hub, NHRP Peers:3, # Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb ----- --------------- --------------- ----- -------- ----- 1 1.0.0.1 192.168.254.10 UP 00:16:59 D 1 2.0.0.1 192.168.254.20 UP 00:15:08 D 1 3.0.0.1 192.168.254.30 UP 00:14:54 D HUB#ping 192.168.254.10 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.254.10, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 6/6/8 ms HUB#ping 192.168.254.20 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.254.20, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 6/6/8 ms HUB#ping 192.168.254.30 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.254.30, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 6/6/7 ms Do you think we would be able to ping Spoke-1 (192.168.254.10) from Spoke-2? Spoke-2#ping 192.168.254.10 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.254.10, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 6/12/25 ms The answer is yes! Although something happens behind the scenes. How could Spoke-2 possibly know how to get to 192.168.254.10? What happened was Spoke-2 actually send an NHRP request to its NHS (192.168.254.1). Because we have mapped the public IP address 20.0.0.1 to reach the HUB/NHS we can instantly send a request for 192.168.254.10. You can see above, we sent our NBMA and the Tunnel address, but the destination is 192.168.254.10. We are going to practically be asking, what is the NMBA address for 192.168.254.10? Now this is the part where NHRP gets interesting, try to see if something looks different below: If we just explain a quick overview, we send an NHRP request for 192.168.254.10 to 20.0.0.1 (which is our NHS). When the request hits the NHS, it will actually send it to the NMBA which is registered in the NHRP database (being 1.0.0.1). Spoke-1 (1.0.0.1) actually replies with its information (NMBA and Tunnel address 192.168.254.10). If we do a traceroute from Spoke-2 when the NHRP table is cleared on Spoke-2, have a look at the results that prove this: Spoke-2#traceroute 192.168.254.10 1 192.168.254.1 9 msec 192.168.254.10 7 msec 6 msec Spoke-2#show dmvpn Interface: Tunnel0, IPv4 NHRP Details Type:Spoke, NHRP Peers:2, # Ent Peer NBMA Addr Peer Tunnel Add State UpDn Tm Attrb ----- --------------- --------------- ----- -------- ----- 1 20.0.0.1 192.168.254.1 UP 00:27:00 S 1 1.0.0.1 192.168.254.10 UP 00:00:23 D Spoke-2#traceroute 192.168.254.10 1 192.168.254.10 8 msec 7 msec * If the entry is not in our NHRP database, then the first few packets/traffic will traverse through the HUB until we receive the reply with the NBMA address of Spoke-1. This is the dynamic part of DMVPN already in action, because we learn the address to send traffic to if we want to directly communicate with that Spoke. When we start advertising our networks from the spokes, this will change and then we can start talking about the different phases that can change the flow of traffic and how routes are propagated throughout this DMVPN design. We are going to configure EIGRP to setup a relationship which each neighbor but also advertise the loopbacks into EIGRP. router eigrp 1 network 10.0.0.0 0.255.255.255 network 192.168.254.0 0.0.0.255 We can put a more granular network statement to chose what participates into EIGRP but let us keep it simple and sweet. We'll look at the phases in DMVPN which can change our traffic flow and how we learn routes. Before moving on, we can come across an issue with EIGRP neighbor flapping with the tunnels, we must include a command in our tunnel configuration on each spoke which allows us to map multicast traffic to the NBMA address of the Hub. interface tunnel 0 ip nhrp map multicast 20.0.0.1 Confirming EIGRP neighbors on the HUB: HUB#sh ip eigrp ne EIGRP-IPv4 Neighbors for AS(1) H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num 2 192.168.254.30 Tu0 14 00:02:02 12 1506 0 5 1 192.168.254.20 Tu0 13 00:02:07 624 3744 0 5 0 192.168.254.10 Tu0 11 00:02:16 9 1506 0 6 EIGRP issues If we have a look at the routes that the HUB has dynamically learned via EIGRP: HUB#sh ip route eigrp 10.0.0.0/8 is variably subnetted, 11 subnets, 2 masks D 10.10.1.0/24 [90/27008000] via 192.168.254.10, 00:05:46, Tunnel0 D 10.10.2.0/24 [90/27008000] via 192.168.254.20, 00:05:38, Tunnel0 D 10.10.3.0/24 [90/27008000] via 192.168.254.30, 00:05:30, Tunnel0 There is an issue that can occur because of the default behaviour with EIGRP, if we take a look at the routing table for Spoke-3: Spoke-3#show ip route eigrp 10.0.0.0/8 is variably subnetted, 6 subnets, 2 masks D 10.0.0.0/24 [90/27008000] via 192.168.254.1, 00:06:29, Tunnel0 D 10.0.1.0/24 [90/27008000] via 192.168.254.1, 00:06:29, Tunnel0 D 10.0.2.0/24 [90/27008000] via 192.168.254.1, 00:06:29, Tunnel0 D 10.0.3.0/24 [90/27008000] via 192.168.254.1, 00:06:29, Tunnel0 We can see routes behind the HUB (eg. loopbacks) that can successfully be reached via the Tunnel interface, the issue is with routes from other spokes. The default behaviour with EIGRP is to not advertise a route out of an interface which it was received on (eg. Tunnel 0), this is a very good example of Split Horizon which is also apart of RIP and how that protocol works. We can simply solve this with an interface command on the HUB: interface tunnel 0 no ip split-horizon eigrp 1 Looking back at the routing table for Spoke-3: Spoke-3#show ip route eigrp 10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks D 10.0.0.0/24 [90/27008000] via 192.168.254.1, 00:09:07, Tunnel0 D 10.0.1.0/24 [90/27008000] via 192.168.254.1, 00:09:07, Tunnel0 D 10.0.2.0/24 [90/27008000] via 192.168.254.1, 00:09:07, Tunnel0 D 10.0.3.0/24 [90/27008000] via 192.168.254.1, 00:09:07, Tunnel0 D 10.10.1.0/24 [90/28288000] via 192.168.254.1, 00:00:12, Tunnel0 D 10.10.2.0/24 [90/28288000] via 192.168.254.1, 00:00:12, Tunnel0 DMVPN Phases The phases are kind of steps during the DMVPN process when you have: Phase 1) Only Hub-Spoke traffic Phase 2) Spokes can then dynamically form tunnels with other spokes, no need to go through the HUB (firstly initial traffic will go through HUB because of the NHRP request) Phase 3) Spokes can dynamically reply to a NHRP request and spokes can work together without the HUB to initiate traffic between them Phase 1 During phase 1, our traffic will ALWAYS go through the HUB because although we have turned off 'split horizon', the HUB will advertise the routes from other spokes via itself. The next hop IP address in the routing table will show the HUBs IP address as shown below: (Notice all routes are reachable via 192.168.254.1) Spoke-1#show ip route eigrp 10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks D 10.0.0.0/24 [90/27008000] via 192.168.254.1, 00:49:16, Tunnel0 D 10.0.1.0/24 [90/27008000] via 192.168.254.1, 00:49:16, Tunnel0 D 10.0.2.0/24 [90/27008000] via 192.168.254.1, 00:49:16, Tunnel0 D 10.0.3.0/24 [90/27008000] via 192.168.254.1, 00:49:16, Tunnel0 D 10.10.2.0/24 [90/28288000] via 192.168.254.1, 00:40:05, Tunnel0 D 10.10.3.0/24 [90/28288000] via 192.168.254.1, 00:40:05, Tunnel0 If we simply use a command on the HUB, we can allow the routes to be pushed out without the HUB adding itself as the next hop to reach the network. This is also moving the DMVPN into phase 2 where direct communication between spokes don't need to transverse the HUB all the time. interface Tunnel0 no ip next-hop-self eigrp 1 Before looking into what this does, now we will take another look at the routing table: Spoke-1#show ip route eigrp 10.0.0.0/8 is variably subnetted, 8 subnets, 2 masks D 10.0.0.0/24 [90/27008000] via 192.168.254.1, 00:00:21, Tunnel0 D 10.0.1.0/24 [90/27008000] via 192.168.254.1, 00:00:21, Tunnel0 D 10.0.2.0/24 [90/27008000] via 192.168.254.1, 00:00:21, Tunnel0 D 10.0.3.0/24 [90/27008000] via 192.168.254.1, 00:00:21, Tunnel0 D 10.10.2.0/24 [90/28288000] via 192.168.254.20, 00:00:21, Tunnel0 D 10.10.3.0/24 [90/28288000] via 192.168.254.30, 00:00:21, Tunnel0 We can now see, 10.10.2.0/24 via 192.168.254.20 and 10.10.3.0/24 via 192.168.254.30. This command will not make the HUB advertise the routes via itself. Back to Phase 3, the spoke itself can reply directly to a request because currently the request is being sent to the HUB and then the HUB is forwarding that request towards the destination. Here is an example of a basic packet capture when Spoke-1 tries to ping 10.10.3.1 (Spoke-3): You can see, the original source (1.0.0.1 - Spoke-1) is sent towards 20.0.0.1(HUB) and then, 20.0.0.1(HUB) sends it to 3.0.0.1(Spoke-3). To make this into Phase 3, we can simply add 2 commands on the hub and then a command on each spoke: !HUB interface tunnel 0 ip nhrp redirect ip nhrp shortcut !SPOKES interface tunnel 0 ip nhrp shortcut Its 3:34AM and I need sleep (said this an hour ago...) so will update this when I get some time tomorrow...
-
Guys i have a pair of the devices at home and want to set up a connection to another house. Upon connecting each device to my laptop i can see they come pre-configured and they communicate on their own network (smth like 192.168.88.2 and 192.168.88.3). Does it matter if they are in the different range than what i use at home? (192.168.100.0/24) Also they are set in Bridge mode, does that affect or i need to change their whole configuration? Anyone with more expertise in this field can offer advise, i never used RouterOS, i just tried it with WinBox.
-
Site A is Main Office Site B is Satellite Office Both sites running latest version of PFSense. IPsec Site to site bridge in place. Customer has white listed external IP of Site A for access to supported equipment. I would like to route all traffic bound for Customer.Domain.Com from Site B through tunnel and out to customer from Site A. If i called the Customer they would just add Site B's ip address to their white list, but I would like to learn correct way to selectively route traffic like this. Is this a new Phase 2 for the VPN? A firewall rule? etc. Any help would be appreciated. not sure if this is the best place to post to but im not getting answers on reddit or negates forum. Thanks. -StanFabInd
-
- networking
- vpn
-
(and 1 more)
Tagged with:
-
Hi all, I've already annoyed quite a few people with this topic on Reddit but I never came away with an answer that either worked or was simple enough for me to understand. I have 2 broadband connections into my home and I would like to use them as a single connection. From my research, I understand that I cannot speed up a single-threaded download with multiple broadband connections. What I've heard is possible through routing, is to utilise both broadband connections for separate devices, effectively increasing bandwidth across the network as a whole. I actually had this working at one point, using an ASUS DSL-AC68U router, with one of the RJ11 cables going straight to the router with the second connection coming in on ethernet port 1 from a router provided by my ISP. From there it was just a case of setting up load balancing in the dual wan settings on the router's web interface. Unfortunately, due to some odd behaviour with devices connected via ethernet on that router, it has been demoted to a glorified WiFi adapter in an area of the house where my powerline adapters don't work so well. I have a server running Ubuntu Server 19.10 that doesn't really do much apart from backups at the moment so I'd like to use it to do whatever the ASUS router was doing, preferably using the 2 onboard ethernet ports for my broadband connections and then the 4 port network card to connect to clients. All of the hardware is up and running but I'm looking for some help with the config on the router side of things. Cheers, Josh
-
I am working on a home project to experiment and create a more secure network. I believe I have most of it planned well, but I am confused on the DNS and Gateway settings. On my Gateways I've set the IP to their next hop from the device they are currently on. If there is a mistake. please help me figure out what I need to change for this to work properly. As for DNS I couldn't find an exact answer on google or forums regarding the use of a DNS IP that is on a different network. I'm not sure if all 3 separate networks can use the same DNS 192.168.2.3/24 (Located on the Fanless i5 ESXI Mini PC), or if a DNS "must" reside within that same network that the computers are in. This is the reason why I added 2 Pi-Holes for both the First Network and the Third Network (The Second Network is the IPSec network between both locations). So I would like a reassurance check as to if my DNS/Gateways are correct or if I need to change something. Another concern I have is that if only 1 Pi-Hole is needed at the very beginning of the network, will the IPSec Tunnel in between cause any issues in filtering dns requests? That was too specific to find a google answer, and I'm unaware as to how IPSec affects the Pi-Hole filtering, if at all from the network on the right side. Thank you for taking the time to review my design, and I look forward to your suggestions. By the way, IPSec must be implemented on the design as is. Other hardware and servers are excluded from this scope if they aren't relevant to the project.
-
Hey everyone, I just finished installing a multiple monitor setup. When I played a video on my left monitor, sound came out from my main monitor. I was wondering if there is any way to automatically route the sound signal to the monitor that is playing the video? If no options are available for windows, is there any free application that lets us do that? Thanks a lot.
-
I've been getting into networking a bit recently, but I'm pretty new to the field so I have a few questions: Is it possible to use a HP Procurve 1700-24 switch as a cabled router? Which IP range(s) can you use for internal subnetworks and the like? ie.: 10.0.0.x, 192.168.x.x, etc. And how does one configure subnetworks on non *nix machines? Thanks in advance :^)
-
I've decided it's time to start learning some networking. So I'm going to build a pfSense router from an old Dell Optiplex (or similar). I was looking at the Level1 videos about it and I understand that what he had (an i5 Optiplex) is very much overkill. But should I really go with something as simple as a Core Duo or Pentium instead? What would be the best "bang for the buck" when it comes to buying a retired business-class computer for this project? TIA
-
i have seen addresses like 203.115.200.2/29 and 203.115.200.1/29 used to connect routers. which class does these addresses fall into and how can you calculate subnet masks for these?
- 7 replies
-
- ip address
- routers
-
(and 2 more)
Tagged with:
-
I've recently set up a small DNS server in my home network. I'm about to buy a network switch, but I was wondering how connections between PCs on the network and the server would be routed. My router would be connected at 100mbps to the new switch (It's an older router). The switch would be connected to some PCs and the DNS server, as shown below. Would connections between the PC and the DNS server have to go through the router? The DNS server is configured with a DHCP reservation, rather than a normal static IP, if that's an issue. A stupid and quick mockup I "drew" of the relevant parts of the home network: DNS Server PC |________________| | Switch | <------ 100mbps | Router/DHCP Server
-
Hey all Back again with yet another networking question This time there is the setup I have a linux router, doing portforwarding using IPtables. External client logs into internal server using ssh on routers external IP What im looking for is a graceful way to close the connection Not block it, just close it. Currently I am adding a forward drop to the top of the tables list, and that breaks the connection, but it doesn't drop it properly, and as soon as I remove the rule, the connection just pops back up What im wanting is for when I drop the connection, the client drops properly and has to re connect to the server, rather than just auto connecting (If that makes any sense?) And yes I know there is a timeout, (putty will timeout if no connection is made within a certain time), but I want it to work for everything, even if the timeout isn't set on the client side Thanks again for any help, and fingers crossed there is a good way of doing this
-
i kind of find it interesting, and id like to try it out. dosent need to have like 6 bazilion layers or the best auto router in the world, just maybe 3 layers or whatever. have nothing in perticular id like to design or anything i would want to actiually bring to production, just to play around mainly and see if i can come up with something neat. was thinking about designing a VRM i guess? could be pretty fun but idk. im not clueless about this stuff, but im nothing above and amatur with minimal experience. well if anyone know anything id love to try it out
-
Hi, I have 2 PC's on 2 different subnets. My goal is to be able to have the PC's communicate with each other by creating a static route. I have already established a route between both routers and both routers can ping the WAN and LAN ports of the other. However, I cannot ping any devices behind the routers; either of the 2 PC's. I have checked firewall settings to ensure they are not blocking ping request and have tried multiple different tests. Does anyone have any tips or ideas on what might be happening or what I am doing wrong? Any advice is appreciated, Thanks.
-
how do i start? my internet plan- 24 mbps up, 24 mbps down im getting really high ping the past few weeks. around 150- ish ms to mumbai servers (im in pune, india) which is around 150km away from me. ive attached screenshots of the pings taken with a routing tool. the ping is worse when i connect it with Switch >> router >> pc instead of switch >> pc (dial up pppoe) here is a copy of tracert for the official mumbai csgo server my main pc has a gig port that came with the motherboard ( asus b360m-a) and yes, ive updated all the drivers and even reinstalled windows completely. theres another problem that when i do switch >> pc my lan link gets limited to 10mbps full duplex and wont go up even if i force 1gbps full duplex. however if i do Switch >> router >> pc i get the advertised speeds on speedtest.net but i can barely load websites apart from google or youtube. my isp is a piece of shit and im going to change it when my plan expires. i hope someone here can help me fix this issue so i can play a game without losing my shit. also, the ping gets better late night but its still unplayable.
- 4 replies
-
- ping
- you broadband
-
(and 3 more)
Tagged with:
-
Android Pie severed the ability to have notification sounds (sounds other than a call ringtone) play over the device's speaker when corded/bluetooth headphones/vehicle are connected. So if say you have headphones connected, any notification (other than a call) is inaudible if the headphones are not in/on ear. There is no support channel I can find to submit this OS fail to Android, and I have started this petition, but in my limited circle, it hasnt gotten very far yet. http://chng.it/4WV6Dsdr I have likely oversimplified the explanation of the ramifications of the issue here. It is a major productivity killer. Does anyone here have suggestions? I have not been able to root my device, nor do i really want to go there and do that.
-
So im trying to set up OPNsense with 3 LANs, a gateway, a vpn, and 4 interfaces. bce0 - WAN : DHCP from cable modem : will soon be upgrading to gigabit internet, currently just 300/75 bce1 - LAN : 10.10.1.1/24 : TV's, Roku's, "Smart" devices, WIFI 1 bce2 - PIA : 10.10.2.1/24 : Servers, Desktops, Laptops, Cell Phones, WIFI 2 bce3 - MAN : 10.10.0.1/24 : Switches, IPMI (ILO, DRAC, BMC), UPCs, Tape Library I want every device accessible to each other but..... PIA should only be able to access the internet via VPN LAN - WAN MAN - no internet access, I can get the interfaces configured and DHCP working on all the networks, but when it comes to the firewall im completely useless. I've been using pfSense guides and just general poking around to get this far. Opnsense's firewall is a lot different than pfSense's, and ive always just let the firewall do it own thing in the past with a simple 2 interfaces 1 WAN, 1 LAN config, with NAT. All the guides like to post the firewall rules like so: IPv4 * LAN net * * * * Default allow LAN to any rule and i dont understand the syntax , or they tell you to use manual NAT and copy the entries to the other interfaces. When i switch to manual NAT all entries are gone. Any thoughts on how I should set up the firewall???? The modem can do NAT, do i need it on Opnsense? Or how to connect the PIA-VPN to the PIA network only and still have access to the rest of the LAN's. Ive gotten the VPN connected in Opnsense just not to a network. Let me know what you whan screenshots of..............
-
I have currently got two modems (one of which I'm going to be using purely as a router, so I will consider it a router), the modem will have internet access while the router will (for the most part) be a separate network. I want the devices connected to the routers network be able to receive an internet connection from the modems network. I'm using the second network as kind of an experimental home network (where I can mess with stuff without risk of cutting off the internet connection for myself and others). Is there away I could do such a thing? This might be a slightly noobish question but networking isn't really my strong suit. I was thinking that a solution could possibly be port forwarding all ports on the router to the modem, but then it's not really a separate network is it (I wouldn't think devices would then be able to communicate of the router would they? All traffic would be forwarded to the modem if I forwarded all the routers ports woulden't it?). Also, I might only be able to read your comments for a few hours, because I'm currently at a friends house using their wifi.
-
Currently I have 2 routers, The router downstairs, which doesn't have wireless capabilities deals with the DSL connection (built-in modem) and the VOIP phone, and the router upstairs is now basically a switch and a wireless access point. What I would like to do, and I have been trying to do so for a couple of hours now, is use the upstairs router as an actual router and thereby create a different subnet for all of the computers and wireless devices. So the idea is that the downstairs router will be on 192.168.1.x and the upstairs one will connect to that with one port, and then on the other side it will use 192.168.2.x to connect to all the devices in my network. I've done some research, and I have found out that apparently what I'm trying to do is called a LAN-to-WAN cascading setup, which means you connect an ethernet cable from the first router to the WAN port of the second one. Here's my problem; the WAN port of the second router, is a DSL port. Does anyone know a way of using an ethernet port on the "inside" of a router instead, so bascially make one of the ethernet ports be the WAN port? Or perhaps can the DSL port be used for ethernet since it is an RJ-45 jack? Thanks in advance for any replies!
-
Hi So i From Hungary and i have a Telekom subscription wich is have internet(1000mb),iptv and a landline phone but this is not the point. My problem is i have a Huawei HG8245H and a Dlink dir 842. And i need to use static route to use devices in both network. On the Dlink i did that but if i connect to the Huawei's network i cant reach the devices on the Dlink's network so i need to do a static route on the huawei too and i looked up the internet and on the router setting there is a route category and i have no such thing. I really need to do this somebody know how to enable this feature?
-
Hello everyone, For the past couple of weeks on and off I've been forced to use a very unsteady internet connection. Still I do like my net games so I've been using a connection tethered from my phone (sad I know) which is somehow way more reliable even if average latency is a bit higher (up to 10ms). The problem is I have a data limit on my mobile device so I can't just use it for the more bulky stuff since it will run out immediately. My solution so far has been to switch between the two whenever I need to, but it's getting kind of tedious. Recently I've been thinking about setting it up so I can just keep my laptop connected both ways at all times. I'm pretty sure that all I need to do is add a couple persistent routes to my routing table and use metrics to force system to use the one I want for every task. Sadly I'm no expert on the subject and I'm kind of stuck wondering how to figure out net destinations of my game's packets, so I'm loooking for someone with more knowledge on the subject than myself.
-
Hey guys, I need help with a problem regarding routing, there is a warehouse which is 100 meters by 40 meters with a 15 meter tall ceiling. i need to place a router in it. However, only a few workers would be in the warehouse at the same time. I'll need complete coverage, as any worker would need to update the stock database. I'd also prefer the band-width to not be too high as i wouldn't want workers streaming videos and playing games. I need to make sure that there is minimal interference from fork-lifts and ladders. Could you recommend me a few spots to place my router? and a channel for each spot? to ensure maximum coverage, minimal interference? Thank you Nadun