• Network

    From Spectre@21:3/101 to Anyone on Friday, May 27, 2022 04:18:00
    I think its getting near time to rebuild my network here... I have a variety
    of "units" mostly switches/routers that would suit rack mount but they don't have anywhere near the width for a regular rack nor do I have one.

    Thinking about putting together a timber frame to mount this stuff in,
    probably take Wifi duties off the current router and some of the switch
    duties off it too. The present router has always been underwhelming, the ISP supplied TP-LINK, I think when loaded it gets bogged down.

    Not sure you can still get standalone Access Points, at least I haven't seen one in a long time, and as usual won't want to be forking a lot of money out for it... Or perhaps just a better router full stop. Shrug...

    I'm going to need to decide what to do with my linux box too.. I'm inclined
    not to mess with it, but it won't compile fail2ban... and that would be nice
    to add without having to add even more latency in running it on a system in
    the middle. I s'pose I could turn the router into a dummy, and just run a complete linux firewall instead, but I'm not sure my skill set still covers that particularly well. And it'll have to be handled CLI... no gui on any
    linux systems here. :)

    Spec


    *** THE READER V4.50 [freeware]
    --- SuperBBS v1.17-3 (Eval)
    * Origin: The future's uncertain, the end is always near. (21:3/101)
  • From Atreyu@21:1/176 to Spectre on Thursday, May 26, 2022 15:34:42
    On 27 May 22 04:18:00, Spectre said the following to Anyone:

    I think its getting near time to rebuild my network here... I have a variety of "units" mostly switches/routers that would suit rack mount but they don't have anywhere near the width for a regular rack nor do I have one.

    At my tiny apartment, its:

    - 3 x older Aruba IAP meshing access points but perfect for home use.
    - Connected to a Cisco 24 port gig POE switch.
    - All LAN connections into a passthru Cat6 patch panel.
    - Two HP DL360/380 rack Vmware servers running a handful of VM's.
    - One VM is Pfsense, easily replaced the ISP-supplied gateway appliance.
    - APC managed rack UPS with upgraded batteries and sensor-board.
    - Middle Atlantic PDU for non-UPS power, wall-worts, odds & ends etc.
    - AC Infintiy Cloudplate 2U/3U intake and exhaust units.
    - Upgraded fiber gateway wiring, misc. cable management.
    - IBM R51 runs all BBS, Fido stuff, dialup modem access.
    - Tablo OTA PVR, various external USB drives for movies/tv/music storage.
    - 16U rack cabinet from a chop-shop bargain sale in Montreal.

    Had this for the past several years, more or less. Some of it for longer.

    Atreyu

    --- Renegade vY2Ka2
    * Origin: Joey, do you like movies about gladiators? (21:1/176)
  • From deon@21:2/116 to Spectre on Friday, May 27, 2022 12:56:48
    Re: Network
    By: Spectre to Anyone on Fri May 27 2022 04:18 am

    Not sure you can still get standalone Access Points, at least I haven't seen one in a long time, and as usual won't want to be forking a lot of
    money out for it... Or perhaps just a better router full stop. Shrug...


    So I'm a bit of a Mikcrotik fan - having switched out from running opnsense/pfsense, etc... They are not that user friendly, but once you get your head around the UI (web or cli if you want), it's a set once and forget.

    I used to use the Hex S as my main router (plugged straight into the NTD) but it doesnt have wireless (I used to use the ORBIs for that) - but I sold the ORBIs and bought a RB4011. It's a bit expensive (but way more functional than the ORBI it replaced), but a smaller unit may be the HAP AC2 and/or CAP XL ac (which I think can be that standalone access point).

    Never been a fan of ISP supplied devices - they are normally pretty crappy and limited...


    ...δεσ∩
    --- SBBSecho 3.15-Linux
    * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)
  • From 2twisty@21:3/166 to Spectre on Friday, May 27, 2022 09:41:13
    Thinking about putting together a timber frame to mount this stuff in,

    I did that years ago. Got some metal rack bits so I would have the proper spacing, and tied them together with 2x4s. Made a 21U open rck for about $50. Got the rack bits from PartsExpress.com.


    Not sure you can still get standalone Access Points, at least I haven't
    Ubiquiti. You will have to install the Unifi Controller on a Windows machine, but you only require it for configuration of the APs, or if you're going to do stuff like RADIUS authentication. Once they are configured, you can shut down the UniFi controller software and only use it when you need to upgrade firmware or change settings.

    Nice thing about UniFi is that it's *almost* enterprise-grade gear but you OWN it...No recurring fees like with Cisco, HP, etc. Been using UniFi APs for years and they are great. Give them a look at https://ui.com/wi-fi

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: The Ratrace Losers (21:3/166)
  • From 2twisty@21:3/166 to deon on Friday, May 27, 2022 09:46:59
    So I'm a bit of a Mikcrotik fan - having switched out from running opnsense/pfsense, etc... They are not that user friendly, but once you
    get your head around the UI (web or cli if you want), it's a set once
    and forget.

    I tried for a month to figure out RouterOS. Failed. Another tech who is way more experienced in Cisco, etc tried and failed.

    Luckily we were really only using them as switches, so we loaded SwitchOS and were able to do what we wanted.

    In short, we found RouterOS to be TOO complicated and SwitchOS to be UNDER complicated. Because of this, the company eventually gave up and replaced them with HP switches that people could more easily configure.

    I WISH I could understand RouterOS, since MikroTik has some very interesting alternatives to conventional enterprise gear at a WAY WAY lower cost.

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: The Ratrace Losers (21:3/166)
  • From Arelor@21:2/138 to 2twisty on Friday, May 27, 2022 13:42:39
    Re: Re: Network
    By: 2twisty to deon on Fri May 27 2022 09:46 am

    I tried for a month to figure out RouterOS. Failed. Another tech who is wa more experienced in Cisco, etc tried and failed.


    What were you trying to do with those RouterOSes?

    RouterOS is not intuitive but in my opinion it is far from complex. It feels like more of a middle ground, specially if you use their web interfaces (which admitedly I don't use).

    --
    gopher://gopher.richardfalken.com/1/richardfalken
    --- SBBSecho 3.15-Linux
    * Origin: Palantir * palantirbbs.ddns.net * Pensacola, FL * (21:2/138)
  • From deon@21:2/116 to 2twisty on Saturday, May 28, 2022 09:56:43
    Re: Re: Network
    By: 2twisty to deon on Fri May 27 2022 09:46 am

    Howdy,

    I tried for a month to figure out RouterOS. Failed. Another tech who is way more experienced in Cisco, etc tried and failed.

    Out of curiousity, what where you trying to configure?

    I WISH I could understand RouterOS, since MikroTik has some very interesting alternatives to conventional enterprise gear at a WAY WAY lower cost.
    I have an RB4011 that hooks up to my NTD, and provides wifi at one end of my house, as well as the ethernet to my equipment.

    At the other end of the house I have a CAP, which is powered by the RB4011. I dont do anything on the CAP, it gets its config from the RB4011.

    I replaced the ORBIs with it - I did like the ORBIs because I could roam the house without wifi issues (and a single SID), but now I can do that and more.

    As a home "router", it's feature set is way better than what an ISP provides (and I think in most cases at a lower cost), but yeah its too complicated. Hmm... if I was younger and energetic, I'd make a business opportunity out of it.


    ...δεσ∩
    --- SBBSecho 3.15-Linux
    * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)
  • From 2twisty@21:3/166 to Arelor on Tuesday, May 31, 2022 09:58:31
    What were you trying to do with those RouterOSes?

    We were going to use one of them as a core router since we wanted 10GB core. I am not great with routing, but the other guy that spent a month trrying to figure it out is a Cisco/HP whiz....so who knows why he failed to get it to work. Eventually, management was tired of the delay and told him to buy the HP switches.

    Unfortunately, management was so turned off by the lack of results (and lack of support from MikroTik, that was a complete shit-show), that they even replaced the units that were just acting as switches as well, despite the fact that in that role, they were working fine.

    To my knowledge, they still have 3 of those 10GB units sitting on the shelf because they could not get anyone to buy them on eBay.

    --- Mystic BBS v1.12 A47 2021/12/24 (Linux/64)
    * Origin: The Ratrace Losers (21:3/166)
  • From Warpslide@21:3/110.2 to Atreyu on Thursday, June 02, 2022 17:06:37
    *** Quoting Atreyu from a message to Spectre ***

    - Tablo OTA PVR, various external USB drives for movies/tv/music
    storage.

    We have one of those as well. It's amazing how hot the damn thing gets, but it works really well. We get about 29 stations after filtering out the religious ones, though FOX29 & CITYTV seems to cut out more than the other stations do.

    We have a stacked antenna, one pointing towards Buffalo and the other
    pointing to Toronto.


    Jay

    ... WARNING! Removal of this tagline prohibited by law!

    --- Telegard v3.09.g2-sp4/mL
    * Origin: Northern Realms/TG ∞ tg.nrbbs.net ∞ Binbrook, ON (21:3/110.2)
  • From Warpslide@21:3/110.2 to 2twisty on Thursday, June 02, 2022 17:26:49
    *** Quoting 2twisty from a message to deon ***

    So I'm a bit of a Mikcrotik fan - having switched out from running opnsense/pfsense, etc... They are not that user friendly

    I tried for a month to figure out RouterOS. Failed. Another tech
    who is way more experienced in Cisco, etc tried and failed.

    I recently started a new job and inherited 9 locations all using
    RouterBOARDS (1100AHx2) with RouterOS (none up to date) on them as the main connection to the internet and all VPN'ed together. Never touched MikroTik gear before and Deon is right, it is NOT user friendly.

    I've been poking around at these for a couple of weeks trying to wrap my head around them, luckily I've found the "Safe Mode" button so haven't gotten into trouble yet.

    In short, we found RouterOS to be TOO complicated and SwitchOS to be
    UNDER complicated. Because of this, the company eventually gave up
    and replaced them withHP switches that people could more easily
    configure.

    This is probably the direction we'll go as well. We're getting quotes from various vendors, but it seems nobody has anything in stock at the moment, so we'll probably be stuck with these for the next little while. Thankfully it appears firmware updates for these seem to be pretty easy (all of these are still on old versions of v6).


    Jay

    ... Whosoever diggeth a pit shall falleth therein

    --- Telegard v3.09.g2-sp4/mL
    * Origin: Northern Realms/TG ∞ tg.nrbbs.net ∞ Binbrook, ON (21:3/110.2)
  • From deon@21:2/116 to Warpslide on Friday, June 03, 2022 15:09:30
    Re: Re: Network
    By: Warpslide to 2twisty on Thu Jun 02 2022 05:26 pm

    This is probably the direction we'll go as well. We're getting quotes from various vendors, but it seems nobody has anything in stock at the
    moment, so we'll probably be stuck with these for the next little while. Thankfully it appears firmware updates for these seem to be pretty
    easy (all of these are still on old versions of v6).

    So I can confirm that firmware update are in fact super easy. Going up or down...

    I loaded the latest 7.2.1 on my RB4011 - but it kept rebooting every ~4 hrs or so. I eventually reverted it back to 7.1.2 and now on 7.1.5 (so the problem is with the 7.2.x series).

    MK support were pretty good, and actually want me to test a new firmware to see if it addresses the problem - but I havent done it.

    I also just found https://github.com/herrbischoff/country-ip-blocks, so wrote a little tool to enable specific countries to connect to my network, and de-duplicate/merge the network addresses - so instead of loading 63,000 or so IPv4 cidr's it de-dupes down to about 48000. I'm about to enhance my tool to do the same for IPv6..

    The router performs pretty well, (although it is a home network, so its not that busy I guess). My telnet and smtp probes have dropped to almost nothing... :)


    ...δεσ∩
    --- SBBSecho 3.15-Linux
    * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)