Jump to content
Search In
  • More options...
Find results that contain...
Find results in...

brwainer

Member
  • Content Count

    3,084
  • Joined

  • Last visited

Awards

1 Follower

About brwainer

  • Title
    Veteran

Recent Profile Visitors

3,465 profile views
  1. The DHCP server in Cisco Routers doesn’t do any checks for whether an IP is in use, it only uses its own leases list. It doesn’t even check if the router’s IP is in the range. Many alternative DHCP servers do an ARP and/or Ping check on IPs before it offers one. And many DHCP clients (including all iOS devices) will do the same before accepting an IP offer. But you shouldn’t rely on this, and in Cisco Routers you should always put in an exclude for any static IPs in use, including the router itself. I don’t believe you need to put in an exclude for the network and broad
  2. “Speed” is based on two factors. 1. How fast the connection is between the router and the VPN server 2. How much additional latency is added. Neither of these can be predicted, you just have to try it and see. I agree that the MPTCP project that @Alex Atkin UK shared may be a good fit for you, it just needs you to rent a VPS instead of paying for a standard VPN service.
  3. This is literally what I said to do: You may see downtime of up to a minute depending on how quickly the router realizes the connection has dropped and starts reconnecting.
  4. You may or may not have “every apartment on the same IP” as it varies by provider. There are many small providers that service only the MDU market and don’t operate like the big traditional ISPs, most importantly they probably don’t have enough public IPs for every apartment. If you’re getting a private IP (10.x.x.x, 172.16.x.x - 172.24.x.x, 192.168.x.x) or CGNAT IP (100.64.x.x - 100.127.x.x) then your ISP is sharing public IPs between multiple users. If you aren’t sure, you can share the first half of the IP you are actually getting. What may be more important in a DOS/DDOS attack
  5. Since this is newand was included with the house (I’m assuming Lennar) I recommend contacting Lennar and/or Ruckus to RMA that. Ruckus equipment has a limited lifetime warranty, basically covers anything other than lightning or water damage. What’s happened is it has lost its firmware files, both primary and secondary, which are basically the operating system. But the bootloader seems fine. Nothing the ISP tech did would have been able to cause this. I remember seeing a note in a firmware release that certain versions can cause this type of corruption.
  6. The only way I see to do this is to have something, either your router or a server, maintain a constant VPN connection to elsewhere, and route all traffic through the VPN connection. The VPN should reconnect if the ISP its using goes down, and the outside applications will only see the public IP of whatever you’ve VPN’d to. If you actually want to try to use the additional bandwidth of the other ISPs while they are up, then you’ll need to either pay for a service or do a lot of custom work to enable this. Basically both ends have to be constantly monitoring all three possible conne
  7. Do a ping test to 8.8.8.8 and 1.1.1.1 - this will essentially tell you how close the nearest datacenter is. But the distance, and number of routing hops, can be drastically different between DSL and Cable at the same location which may be more impactful than any inherent difference.
  8. The other way not discussed so far is that DSL can sometimes have better latency. But I haven’t seen a rigorous testing of this in a long time (over a decade) and the phone companies aren’t even claiming it any more, so maybe that advantage is gone now.
  9. Very few VPN services give you a static IP reserved just for you and allow port forwarding back to your network. Sure they exist, but they aren’t going to be the regular cheap kinds which are set up for a completely different use case. Depending on what your IsP charges for a static IP, it may be cheaper to rent a VPS (virtual private server - basically a VM in the cloud). You can get them as low as $5/month including a public IP. Then you can make a site-to-site VPN connection to the VPS, and set up routing and port forwarding to your home network and servers. Note that you’ll hav
  10. If you want to have your own domain, and point that at some place, then yes you need to have some DNS server somewhere be “authoritative” for your domain, meaning it is the one true source of information. And again, frequently there will be two-four. This can be provided by the company you buy the domain from, or it can be someone else, or you can even host it yourself. The reason to host local DNS for your internal clients to use for lookups is either because you want to have internal/private domain names (servers within a company or a house), you want to filter the DNS responses,
  11. There are definitely people that will love to talk to you about these on the Ubiquiti (unofficial) Discord: https://discord.gg/ui Other than that, I recommend searching on eBay, and specifically choose the "Sold Listings" option. The UAS-XG used is going for $1000-$1200, I purchased one for about $950 last year.
  12. 1. Yes, except instead of having to mirror a switch port for it to see traffic, it will see the traffic of the router interfaces you choose to monitor. 2. AFAIK there is no limit to the rules, but there may be limitations of what can be done from the UI 3. You could find exploit example code and run it, to try to hack yourself? A distro like Kali Linux might help here. E.g. go to a friend’s house and try to run exploits against a server you’ve made a port forward to (Kali -> PFSense -> Server) In general many people prefer Suricata because it has better performance,
  13. If you only have one DNS and it goes down, then the computers using it are effectively offline completely. So inside a private network you should always run two DNS servers - and if Active Directory or similar is being used, you want more than one domain server anyway, because like backups “two is one and one is none”. Outside of a private network, or even for some very large companies, a specific DNS IP, like 8.8.8.8 for Google, doesn’t actually go to a single server but rather to dozens or hundreds or thousands of servers across the globe, using a method called Anycast. This is p
  14. The tone/meaning of this question is unclear. Was this a rhetorical question, presented from the perspective of a noob, as an inside joke for people who know the answer? Or is this a serious question that you are asking as a noob?
  15. A proper ethernet cable has 4 pairs of wires, but for 100Mb (plenty for even a 4K camera) you only use 2 pairs. So there are splitters/combiners that let you use the 4 pairs in the cable for two devices. This also requires using “Mode A” which puts power onto the same pairs as the data, instead of “Mode B” which uses the spare pairs in the ethernet cable.
×