/net/ - Networking General

>>57600617

>shills and shitposters
>fags

/g/

>>57600617
i just making home firewall with OpenBSD with my old netbook, and seeder with FreeNAS.

Any good mini computer board recommendation ? *please don't ARM*

I've been wanting to do networking/system admin shit for a while, any good starting places? ie books

>>57600662
Get something like this desu

>https://www.amazon.com/ZOTAC-Quad-Core-Graphics-Barebones-ZBOX-CI323NANO-U/dp/B0179S50UU/ref=lp_13896591011_1_8?s=pc&ie=UTF8&qid=1479655105&sr=1-8

I use LXC for running multiple things. I think jails should work well too

>>57600678
I learnt stuff by first getting myself a nice router and a managed switch. I had got a Mikrotik router. A friend taught me how addressing works and VLANs. I'm using CBT Nuggets torrents to learn further and just poking around on my own

File: e04cdafe.png (644KB, 766x864px) Image search: [Google]

644KB, 766x864px

>>57600772
idk why jails is more better than LXC.

>>57600678

Just google "net+ book meyers" or something to that effect. I really like that Mike Meyers guy.

>>57600843
I like the fact that LXC makes it very easy to use it together with VLANs. Also LXD has a lot of control to control things like disc IO, network throughput etc with cgroups and live migration. Tell me about jails anon. Why do you like them?

>>57600617
bump

Anyone know some good resources for configuring a j1921?

Anyone ever heard of mikrotik?
No?
Oh boy, let me tell you. Don't buy them, ever. Buy ubiquitous, buy Cisco, buy juniper, buy anything that isn't mikrotik.
> On shitting uni wifi with desktop
> Using crappy dongle
> Set up mikrotik ap to bridge wifi to Ethernet with its built in preset just for that
> Ping GitHub.com
> No route to host
I need a shitting VPN whenever I want to go to github, tried multiple resets and other ways of setting it up, don't buy mikrotik

Free bump

Where can I learn more about networking?

WAN technologies have always been a bitch to learn about. As opposed to LAN stuff which is readily available, you don't get any hands-on experience with WAN stuff unless you already work in the telecommunications industry. You can spend money on some routers, WIC cards, and cabling, but even then it'll be just some simple playground configurations that have nothing on what's going on in the real world.

File: 1475157201510.jpg (494KB, 1024x768px) Image search: [Google]

494KB, 1024x768px

somebody please motivate me to learn EIGRP
we use juniper at work (small carrier) but i still want to finish the ccna

File: apu2c4.jpg (143KB, 800x600px) Image search: [Google]

143KB, 800x600px

>>57600617
Waiting for this babe to ship.
Will use it as mail server (calling it project Hillary).
And as a file sync util, just plain SFTP though.

>>57605021
Is Juniper stuff gaining in popularity? If so, is this influenced by the Cisco exploit fiasco from earlier this year? Has Juniper a chance to outplace Cisco as the dominant supplier of networking infrastructure equipment?

Settijg up my Minecraft server took me all night but we are finally playing :p

>>57605040
What is it?

>>57605238
filename nigger
http://pcengines.ch/apu2c4.htm

File: ciena-3916-service-delivery-ethernet-dual-ac-qos-switch-cmmh110cra-170-3916-902-4bbdd1650e33e5f119b3d0ac3d67d7cf.jpg (11KB, 500x350px) Image search: [Google]

11KB, 500x350px

>>57605069
Juniper probably has just as much exploits, but JUNOS is a dream to work on. They thought the CLI through from the beginning, whereas with Cisco it started as a crutch - they were supposed to pull their config via TFTP.
JUNOS also has a lot of nice stuff like config rollback (up to 50 versions), committing and automatic rollback, configuring on a candidate config, such things. Cisco started with this with IOS XR, but from what I heard this is not stable at all and a gamble to upgrade.

Juniper is pretty much focused on ISP and Carrier stuff, I don't think they'll become No. 1. Cisco is being bought because it is Cisco, and no other supplier can trump that. Also, Juniper's support is pretty weird.

I've seen Ciena getting traction the last months though. They are god-awful to configure, but relatively cheap, stable as fuck and you can really virtually assemble each component how you want it - everything is done via virtual switches. There's no community yet so you have to figure out everything yourself and their manuals are quite esoteric. We're replacing our Juniper CPEs with pic related soon, I will cry.

>>57604845
i'm taking this class right now. you should be able to see all the courseware videos + exercises without a login. covers pretty much all the common stuff (TCP/IP, routing, DHCP, DNS, etc.).

one of the professors (McKeown) and his grad student founded a company (Nicira) and sold it to VMWare for $1B a few years back.

oops, forgot link^

https://suclass.stanford.edu/courses/course-v1:Engineering+CS144+Fall2016/about

>>57604793

don't blame it just because you don't know how to use it

>>57605040
i always thought those things looked really cool

>>57604793
>le dhcp
Use brains next time

>>57604903
>WAN technologies have always been a bitch to learn about. As opposed to LAN stuff which is readily available, you don't get any hands-on experience with WAN stuff unless you already work in the telecommunications industry. You can spend money on some routers, WIC cards, and cabling, but even then it'll be just some simple playground configurations that have nothing on what's going on in the real world.

There are ways to learn about WAN tech
BGP is pretty easy https://dn42.net/Home

>>57606099
BGP is a routing protocol. What he was probably talking about is general WAN tech sitting at OSI layers 1 and 2 (i.e. where you normally have Ethernet-related stuff when dealing with LANs).

>>57600662
PC Engines Alix Board.

>>57600662
>>57605040

>>57606099

And even WANs nowadays are mostly ethernet. That statement seems very dated. The more exotic things in "WAN" today would be things like DWDM (which is likely still carrying ethernet).

The days of SONET (oc3/12/48) are pretty much over. T1/T3 is dead. The world is all ethernet now. Kind of boring and sad in a way.

>>57604793
>hating on microtik
yeah nah fuck off m8

>>57606548
So what are currently used technologies which utilize serial links on routers? Are these falling out of use?

>>57606595

Yes falling out of use. They are simply too slow.

A sync serial connection on a CIsco I believe has a max clock rate of 4 mbit ? Some may do 8 mbit. Above that you have HSSI (i.e. 45 mbit T3).

Ethernet is so cheap and so fast - if you are doing any kind of serial or TDM circuits - you are likely in a poor/rural area not well served by fiber or you have a very specific / legacy application.

The reason I said it's kind of 'sad' - at least personally - is I miss working on all the different variations of interface / circuit. It used to feel like an accomplishment when you got some SONET or Frame Relay connection working. Now you plug in whatever speed ethernet service you have and it's "yep there's link, yep I see MAC address from the far side". There's nothing to it.

>>57606548
I know that there used to be a whole clusterfuck of WAN shit (ISDN, X.25, T1, T3, E1, BRI, PRI, ATM, Frame Relay, etc. etc.) which all involved different serial interface cards, cabling, transceivers, DTE/DCE, CSU/DSU, and a whole bunch of other outlandish stuff you have never even seen unless you worked in telecommunications. It was really confusing to make sense of all this.

>>57604793
My home router/firewall is Mikrotik and I have an AP too. The AP is not very easy to configure with a management VLAN and an another VLAN for access. But the home router/firewall is insanely easy once you get then hold of it. The cost per device is excellent as well, especially for folks in the APAC region.

>>57605651
Sounds Nice. Will enroll myself as well

>>57605310
>JUNOS also has a lot of nice stuff like config rollback (up to 50 versions), committing and automatic rollback, configuring on a candidate config, such things
I've never used a Juniper device but I hope I do exactly for this reason

>>57606099
>https://dn42.net/Home
That looks seriously nice. Will explore more later. Thanks

>>57606653
>I miss working on all the different variations of interface / circuit.
I guess the very thing that you're missing is precisely what is so confusing for >>57606695.

So what is being used on routes now in place of serial WIC cards? Just 10 gigabit fiber/copper interfaces? Are multiple such interfaces routinely bonded to achieve even higher-speed links?

>>57606821
>So what is being used on routes now in place of serial WIC cards? Just 10 gigabit fiber/copper interfaces? Are multiple such interfaces routinely bonded to achieve even higher-speed links?
Not him but isn't there 100g today used for things like peering?

File: 1472165249202.jpg (140KB, 723x621px) Image search: [Google]

140KB, 723x621px

Can anyone suggest some web pages that I can frequent to keep learning about networking? Not necessarily sites to take courses (I am currently in school), but rather sites that are kind of dedicated to the topic. Thanks!

I guess I'm making a 'IOT' device per request of a relative. The ESP01 (ESP8266) is pretty awesome.

I'm just wondering if I'm being stupid for thinking I should be doing partially all my programming on it. It's a very good CPU and storage isn't a big deal. It's also supposed to be a very small device so the size is advantageous. I can't use something like an arduino, except maybe some of the smallest iterations.

>>57607574
I follow ServeTheHome, Packet Pushers and my friend's blog at anuragbhatia.com

>>57607700
Sounds cool anon. Will there be any kind of networking on it? I think IPv6 addressing will help a lot when IOT devices start popping up

File: 2.jpg (62KB, 700x525px) Image search: [Google]

62KB, 700x525px

>>57607751
Yes he ESP01 is a WiFi module. I intend to connect to a home network and provide interfacing data and some control features. It's not a big project. Not planning to have any real production it's just a personal request. But with the price of these things and the expense of IOT generally if I get it feature filled enough I might.
This was ~2$. Not bunk price. So if I could get away with this and some powersupply module I'd have a very easy time making an attractive price.

>>57607820
Noice. I'd isolate it with VLANs as far as possible.

All these commercial plug and play IOT devices being put into production without any regard to security has me worried.

>>57607869
Yeah. Security would be secondary for something like this though. Just not something the consumer is concerned about.

>>57605626
>i'm taking this class right now. you should be able to see all the courseware videos + exercises without a login.
>without a login
Not the case

Are Gigabit Ethernet speed starting to be a bottleneck for home users? I mean it's pretty common now for home server users to have several TB of data. Doing an incremental/differential backup job doesn't take much time however what say when your server fails and you have to do a full restore of 8TB+ of data? Your looking at several days then. Some say so what better several days than several years to restore from source copy (DVD/CD/Blueray/torrent site,etc) That is even if you can restore it, torrents die and discs get damaged. But say you have 20TB, do you really have time to watch it restore unattended without risk of something fucking up?

>>57606653
What about MPLS?

>>57608242
click on "Explore course," then "Courseware"

>>57608461
Some OEMs make 10 Gbit routers with WiGig.

I know this is probably for naught, but does anyone have a *full* PDF of Cisco's Introduction to Networking Companion Guide?

>>57608461
I personally do link aggregation. Run trunk over that. Most heavy traffic is on L2 since I've put most things in the same VLAN so routing capacity of around 700 Mbps is adequate.

>>57610968
I'd like this too

>>57610968
>>57611357
try here, it's where pajeet and ranjid exchange their cisco files
http://certcollection.org/forum/forum/3-cisco-shares/

>>57611630
>You've exceeded the maximum number of pages views (3) you can open as a guest. To remove this message and become a member please register a free account or login. It will only take a few moments and you'll be able to view board normally.
lol
It does have good content tho

File: 1409018717671.jpg (4MB, 4800x6912px) Image search: [Google]

4MB, 4800x6912px

How do I make network maps like this but without the weeaboo shit?

>>57611724
just register to a throwaway

>>57611759
Visio

or try https://www.draw.io/

File: Crossover1.jpg (64KB, 400x300px) Image search: [Google]

64KB, 400x300px

I need only one crossover adapter to turn a regular ethernet cable into a crossover right?

Are there any wireless adapters for Windows that allows you to freely change the Mac address?

>>57611886
Yeah but nowadays you shouldn't need them at all - look into Auto-MDI(X). It's mandatory for Gigabit.

>>57611986
Will it negotiate if the host is 100/10?

Clients are all Gigabit

>>57612029
Depends on if the 100/10 host will negotiate

>>57606451
The Alix boards are a bit outdated now, might as well get the APU2 boards.

>>57611759
I found this easy to use and it's free...
https://www.yworks.com/products/yed

>>57600617
bump

>>57604793
but, in my country, mikrotik is very cheap and very useful.
im using RB450.

I really wish I had a managed 16p gigabit switch so I could do some learning with VLANs and junk.

File: En3b_DKA1bA.jpg (254KB, 1200x1800px) Image search: [Google]

254KB, 1200x1800px

what do you guys use to emulate networks?

I tried gns3 with dynamips but emulating a switch with a router is kinda hacky desu

>>57601380
because, there is a lot interesting tools made for jails and lots kernel tunables. like ezjail.

>>57615197
just making little network example.

>>57615197
I run Cisco VMs on ESXi since they are pretty comfy

>>57611357
>I personally do link aggregation. Run trunk over that.
So... first you run one logical connection over several physical ones, and then change that single logical connection for multiple ones (trunk)? Doesn't that kinda return you to where you were in the first place in terms of performance?

>>57611886
>Crossover Wiring Guide
>568-B

The caption is bullshit. Obviously a crossover cable is neither strictly 568-A nor strictly 568-B, as it has one type of wiring on one side and the other on the other side.

friendly bump

Where can one find a VOIP provider for their home server setup? I have the software but I don't know which providers to go with.

>>57617115
Look at FreePBX and Asterisk. I have PBX in a flash setup on my VPS and that communicates with some soft phones

>>57617115
>>57617609
Oh VOIP provider? I personally use Flowroute. It doesn't proxy SIP traffic through their servers so helps with latency if you aren't in the US

Hey /net/

Any season Security or sysadmins here?

What are some good practices for securing edge devices? And whats the best practice for exposing services over DMZ?

>>57617750
Deny input, forwards unless needed. I use NAT a lot and do destination NAT(also called as port forwarding). Use some kind of tunneling like OpenVPN as much as possible

>>57608461
I don't think 1Gbps is a bottleneck for regular, day to day home use. Also, what are you assuming the restore is done from? Are you working from the assumption that each home user has a normal server and a specialized backup-only machine and would restore from that? If anything, home server restores would be more likely to be done from something like external drives.

>>57617627
>Flowroute
Thanks. In order to make an account you have to give them a phone # --- is there a way around this? I want to get a phone number with them; I don't have one.

>>57615187
>>57615187
look into vIOS or Packet Tracer

>>57617952
>tfw 10G internet connection at work bc we're an ISP
I believe somebody actually hid a seedbox in the office

>>57615335
Yes you are restricted to 1 gbps per connection but you just have to make sure that there is no choking when 2/3 users try to push packets. Routing between VLANs is capped at 700 Mbps anyways
Only way around it is either 10g(which is expensive) or MPIO if you are using something like iSCSI

>>57615187
Managed gig switches are not very expensive. I think there is a TP-link one for 20$ on Amazon too

>>57618006
>>bc we're an ISP
What are the upload/download ratios you are seeing? Do you run BGP? Are you peering? Which region and is it wireless?

>>57617986
I got mine from them

>>57618088
we're a business ISP and carrier, so the ratio differs wildly - some customers put servers at their end and have a high upload, some are just doctors whose assistants idle on facebook and have mostly 4-10 mbit.
we run BGP at the edge and peer with about 15 other ISPs at the DE-CIX. there's another *-CIX being built right now and we're part of it.
Bavaria, no wireless - we got a 10G ethernet backbone and a shitton of fibres into every building in the city because it's the business of our parent company to dig up streets and put pipes and cables in them.

>>57618220
Very nice. Do you do PON or AE for the fiber connectivity? Allowing running servers can be challenging as there is good chance of getting DDOSed. I've seen cases of 100 Gbps DDOS on IPs being announced by an ISP recently because of something similar. I think they had to run a GRE tunnel to a DDOS filtering service and announce IPs there or something. Good idea to have at least one upstream with DDOS protection from transit provider. Very good thing that you are peering

If you can can you tell me your ASN. I'd like to know more about your network since I'm planning to start a small ISP as well

>>57606653
So you mean that DSL, ISDN, T1/T3, SONET, X.25, Frame Relay, ATM etc. are all dead now? If so, what is the significance of MPLS?

I have recently started working with a Mikrotik router for a small ISP and will be setting up a HTTP cache server with Squid.

Any other advices/techniques to save up bandwidth and increase overall net speed

>>57618398
MPLS is still being used in my country by telecos rather than a pure IP network to run things like 2G. Also a lot of enterprise customers need MPLS

>>57606695
The thing is that all that WAN stuff isn't really so much IT or computer science but just telecommunications. An electrical engineer will probably know much more about that than the average CS graduate, or even someone who has just an A+ cert.

File: 1448394494027.jpg (57KB, 700x524px) Image search: [Google]

57KB, 700x524px

>>57618354
AE. Allowing servers is part of our business, after all we have two data centers too. Also, it is the only way to make money as a small ISP - the 20 bucks a month that private customers expect for top-tier service will never get the money back you spent just from managing their account.

I don't think my employer would appreciate their ASN being advertised on a cambodian cartoon exchange, sorry.
Also I'm just the resident Junior and don't know nearly as much as I pretend to. Best of luck though to your ISP!

>>57618398
We actually still got ISDN, E1 (european equivalent to T1), Sonet as legacy circuits as we do telephony too. But it's another department, I don't know jack shit about it - see >>57618443. We got one elderly guy who knows this stuff and when he dies, we won't know what to do with it.
We abuse MPLS labels as third VLAN Tag in situations where we need to connect a far-away customer to our data center and the intermediate carrier (aka the big pink T) is already doing Dot1Q tunnelling - our Junipers would start shutting down q-in-q access ports that receive L2TP frames because it would need to translate the dest mac addresses again and then they get scared.

>>57618425
maximum MTU

>Not welcome
>>shills and shitposters
>>fags
Wrong board nigga

>>57618425
HTTP caching servers are a bad idea. Ask Google for GGC or peer with them. Peer with as many providers you can. Very little value to HTTP caching servers these days

>>57618643
Sounds nice. Thanks Kraut bro.

>I don't think my employer would appreciate their ASN being advertised on a cambodian cartoon exchange
I understand

>>57611886
The only thing I've needed a crossover cable for was a ancient Siemens Gigabit VOIP phone that only supports 10mbit half duplex (seriously). Everything supports autonegotiation, all 100mbit cards I've encountered supported it.

>>57618088
Yes but they require a telephone to make an account. I do not have a telephone; that's why I want an account.

>>57600617
May I rage about wireless devices (looking at you, Android)?

If you setup a wireless network with multiple APs wigh the same SSID and password then it should be possible to roam between them. Android is specially sticky. If you have a really weak signal and data isn't even being transmitted because it's so bad and you're next to an AP with a strong clear signal then switch to that one!!!?!

Wireless wiyh more than one AP is such a mess. Theory is that it should work but in reality it's a mess.

>>57619828
>All this autism and still forgot to put the question mark inside of the brackets

>>57605040
>Firmware: coreboot
Living the tinfoil dream

>>57619828
Works for me™. Maybe a controller based WiFi solution could help?

>>57619440
Ah. Maybe try contact them or use a relatives phone or something to make your account. It isn't used for anything if I remember properly

>>57608461
Yes and no. My Gigabit always maxes out when copying big files around, it's a real bottleneck in that sense. Do I care if it takes a minute more to copy some 10GB file from one box to another? Not really, it's not like I do that all day long.

Anyone who could suggest me a place to start? I'm mainly interested in home servers.

>>57619897
It doesn't belong into the brackets. Not even in retarded American punctuation where a comma goes into the quotation marks even if it has nothing to do with what is being quoted.

>>57618643
>maximum MTU
How about jumbo frames?

I'm a TA for an undergrad networking course, any cool ideas for an in-class demo?

>>57620142
Integrate IPS/IDS in a way that can manage high throughput and redundancy at the same time while maintaining the lowest possible latency within the network and minimal packet loss.
HINT: it's all about layering

>>57620073
Use LXC for multiple containers on Linux. Bridge eth0 to br0 and connect br0 to LXC. Then you have have loads of mini servers on a single box with IP configured by your routers DHCP server
For host choose any old system. You can even run stuff on ARM. I have a dual CPU Xeon and 48 GB RAM to run ZFSonLinux and IP cam transcoding/saving and Plex. But any cheapo 100$ x86 mini systems should suffice. Depends on requirement really

How to set the directory for SFTP on debian

>>57620303
how is babby formed

no but seriously you're gonna have to be more specific, you mean like a chroot?

>>57620250
Unfortunately I only have about 15/20 minutes to cram it all in. So let's tone it down

>>57620303
https://devtidbits.com/2011/06/29/implement-a-sftp-service-for-ubuntudebian-with-a-chrooted-isolated-file-directory/

So easy with these instructions

I've done some light networking, but mostly just technician work. Does anyone know where I can get a better understanding of things like VDI, etc?

>>57621200
I got a VMware Workstation for desktop key which normally costs like 200$ for like 3-4$ on Alphabay. For virtualising on a spare system look at Proxmox. It is free, open source and is packed with features. I think ESXI also has a free option. Xen and the solution by Redhat(don't remember the name) is also nice

>>57621287
Thanks! I already have VMware experience from previous job contracts. I'll look into Proxmox for my spare machines and mess around.

>>57608461
>Are Gigabit Ethernet speed starting to be a bottleneck for home users?
Yes, I have a Catalyst 3750E and have the 10GbE ports connected to my ESXi box for inter-VLAN routing

>>57621287
>I got a VMware Workstation for desktop key which normally costs like 200$ for like 3-4$ on Alphabay.
You do realize there is a keygen for it?

> I think ESXI also has a free option.
And keygens for ESXi and vCenter

>>57621287
>>57621347
here are the keygens you fags
https://my.mixtape.moe/flfpgc.zip

>>57621421
nice malware faggot

>>57621421
I too collect malware. Didn't have this one yet, thanks.

>>57621421
>>57621389
Ehhh.. Enjoy your malware my internet friends

File: 1.jpg (632KB, 786x1024px) Image search: [Google]

632KB, 786x1024px

I'm looking at building a home server for streaming media and storage.
Planning to run FreeNAS on it, I've only ever built desktops, are these good parts for a server?

http://pcpartpicker.com/user/cregg/saved/d7YgsY

>>57622094
You'll need ECC memory for ZFS if you don't like your data getting corrupted. Make sure CPU/motherboard supports it as well.
Use mirrored USB for install. Some USB sticks don't support BSD so Google before you buy. You can use SSD for read cache if you like but not really needed and you can add it in later afaik.

Get the best power supply you can afford. I highly recommend Seasonic.

Also I've bad terrible luck with Seagates. Spend a little more and get a WD Red drive. I use WD Greens with changed firmware/changed timeout value for CRC error in my HBA but I don't recommend you go down that route. Also look at the guides on FreeNAS forums. Incredibly helpful.

>>57622355
>memeFS
Hang yourself

>>57622355
>>57622392
yeah why does everyone keep recommending ZFS

it's for datacenters

>>57622420
No it's a shit file system overall that uses too much power and causes excessive writes over its operation. Self-healing files are a meme that isn't an issue for 99.9% of the time and don't actually work as intended.

>>57622420
>>57622392
Is there a point to not using it? What would be better?

>>57622355
I think the RAM was ECC, I'll double check and redo some of it, thanks for the thorough answer

>>57622420
>>57622392
Because snapshots, hash collision checking to make your data isn't corrupt, fast, very very reliable and mature, excellent inbuilt volume manager, easy way to setup read/write cache, completely open source and free. There is no real alternative to it really.
The only real alternative to it for software RAID is Btrfs and it has problems like this. >https://phoronix.com/scan.php?page=news_item&px=Btrfs-RAID-56-Is-Bad

File: 1434802891304.jpg (27KB, 638x693px) Image search: [Google]

27KB, 638x693px

I have 3 ESXI clients on a LAN with a Windows 2012 R2 Server and they're in the correct subnet (static addresses) and the ESXI clients can't ping the Windows Server even though they're on the same LAN.

ICMP traffic is disabled natively through the windows firewall so I put a rule in to enable it.

Network discovery is on, the NICs on all PCs work properly.

>tl;dr No clue why my ESXI Clients can't communicate with my Windows 2012 Server even when on the same LAN.

>>57622580
check arp table for an entry. maybe add static route through the gw if it isn't there

File: Screen Shot 2016-11-21 at 5.20.17 PM.png (951KB, 3360x2100px) Image search: [Google]

951KB, 3360x2100px

>>57621588
>>57621550
>>57621520
>I'm too retarded to run keygens in VMs
pic related, they work fagets

>>57622650
Thanks, I'll give this a shot.

(It's not just ICMP traffic that doesn't reach the server or so forth, I can't SSH to the Server either, I can't do anything with it.)

>>57622531
>There is no real alternative to it really.
HAMMER2, some day.

>>57605069
As a Networking team member at a global Corporation we refuse to move to Juniper because of the tangle it would be to switch all services over, our contract with Cisco just keeps renewing and we buy buy buy.

>>57622355
Spindle speed important for server hard drives?
I hate slow writes on my desktops but idk how server will handle it

>>57622874
Generally 5400 rpm drives are better than 7200 rpm for a NAS. Lower power usage, quiter, less heat generation, lower cost.
The WD Red drives are perfect. Get them.

>>57623014
Got it.
Thanks anon

File: 2011 Thailand Floods, RIP HDD PRODUCTION.jpg (43KB, 600x450px) Image search: [Google]

43KB, 600x450px

>>57622874
>>57623024
Honestly 5400 RPM is enough, 7200 RPM drives were mass-produced before the Thailand floods. The floods disintegrated the production market so get whichever is cheapest.

>>57622661
Fuqin nice! Ignore the other faggets VMWare has always been smooth.

>>57623262
>tfw hdds would be at most half as expensive if not for the fucking floods

>>57622874
Professional SCSI/SAS drives are 10k/15k RPM, if that's a hint.

>>57623376
But they aren't used for a NAS. Different drives for different applications.

>>57623413
It depends on what you're doing with the NAS and if you need the IOPS. If you're using as it a NFS datastore for a vSphere cluster then you want 15k RPM disks because IOPS are important.

>>57623451
True. But I doubt he's going for that kind of setup.

>>57600678
Get your CCNA certification. It's difficult, but it's worth it.

What do I need more to upgrade a home network in a 10+ computer household?
>more capable 10-G router+backbone
>second NAS with a newly segmented network
>media server for streaming movies to reduce NAS workload
>UTM gateway server with proxy functions built in
>get rid of all the computers and replace them with tablets, cloudbooks, and a giant server to run 10 instances of Citrix Xen off of

>>57623662
What is connecting at 10G?

>>57623780
I was thinking of splitting the network into two or three VLANs and using a router on a stick method, but with a 10G interface for the trunk ports.

>>57623998
again, what is connected to the 10g ports

>>57624056
A router on one end and a switch on the other. It may include another switch with a 10G uplink.

>>57624105
Just get a layer 3 switch instead of having a discrete router

>>57624166
A layer 3 switch with 10G ports are about $300 more expensive than a layer 2 switch with a single 10G uplink. It's not like all of my computers are going to use the entire 10G bandwidth with their shitty SSDs.

>>57624186
If you dont have anything connecting to the switch at 10g besides the router, and you're doing the routing in the switch then the router and the 10g ports become pointless.

And switches with 10g ports can be had for under $200

>It's not like all of my computers are going to use the entire 10G bandwidth with their shitty SSDs.
You didnt mention this before. So again, what is connecting at 10g

>>57624312
>So again, what is connecting at 10g
Several 1G vLANs at once, like several average-sized dicks going into a massive cunt. And yes, you still benefit from a much faster bandwidth trunk port with packets from multiple vLANs passing through it at once.

>>57624186
Mikrotik has a router which can do 12 Gbps throughput for 400$
2xSFP+ and 24x 1g switch for 300$
Sounds reasonable desu. Put more stuff in the same broadcast domain unless you really need to route that much stuff. Have fun anon!

>>57624455
again, if all you're doing is intervlan routing, pretty much any 1g gig enterprise class layer 3 switch will have a fabric fast enough to do it at wire rate and the 10g ports are pointless.

>>57624490
>Mikrotik has a router which can do 12 Gbps throughput for 400$
And it is retarded because it is doing routing in software rather than hardware. You can get a old Cisco 3560G can do 32gbps for far less.

>2xSFP+ and 24x 1g switch for 300$
And a Cisco 3750E with 2x 10gig X2 ports and 48x 1g ports and 2x 64gbps stacking ring ports for around $200

Stop recommending Mikrotik shitboxes.

>>57624541
Let me ask you this, why are 1G fiber NICs more expensive than 10G SFP+ NICs?
That's the major reason why I want to switch to a 10G backbone. A fiber 1Gbps connection and SFP uplink switch will cost me about the same as buying a 10G NIC and a SFP+ port switch.

>>57624541
Used Cisco devices cost a bomb in my country. Very old EOL used FE router from Cisco costs 200$ here.
It doesn't matter if there is an ASIC or not for routing unless you really want to do line rate. Do you seriously think you can exceed 12 Gbps of bandwidth between broadcast domains?

>>57624606
>Let me ask you this, why are 1G fiber NICs more expensive than 10G SFP+ NICs?
because no one uses them anymore and they were all thrown in the trash. not that this is relevant because you dont have SFP NICs in your computers.

>That's the major reason why I want to switch to a 10G backbone.


> A fiber 1Gbps connection and SFP uplink switch will cost me about the same as buying a 10G NIC and a SFP+ port switch.
what the fuck are you even talking about? you said all your PCs were connecting at 1gig, not 10gig

>>57624608
>Used Cisco devices cost a bomb in my country.
then import them. here in the US they're cheap as shit and you're not the spurg who thinks he needs 10g ports

>Do you seriously think you can exceed 12 Gbps of bandwidth between broadcast domains?
yes

>>57624675
I want the fiber connection to be my trunk port. Nothing more. Stop being so needlessly convoluted.

>>57624675
>import them
Sadly the customs department is very restrictive. I can import through friends coming from in the US tho. I think I may look at 10G once things like cost for the NICs goes down. Too expensive right now

>>57624721
>I want the fiber connection to be my trunk port. Nothing more. Stop being so needlessly convoluted.
Again the trunk port is pointless if youre doing the routing inside the switch.

>ike cost for the NICs goes down
theyre around $30-$40 on ebay

>>57624731
see

>>57624750
>>ike cost for the NICs goes down
>theyre around $30-$40 on ebay

You don't need 10G unless you are backhauling a shit ton of ports or you are running a server cluster at home for some reason.

OR you somehow have a 1+ gbit internet pipe. In which case you are seriously lucky, and also retarded.

>muh warez
Shut the fuck up kid

>>57624765
Noice. Will definitely have a look. Cheers

>>57624750
But I'm not doing the routing inside the switch. Why are you so obsessed with that concept? I only said that I would be putting multiple vLANS inside the switch. That does not mean that I'm going to allow the switch to do the routing. I have zone-based firewalls and OpenVPN features I want to preserve through a better router.

>>57624797
Suck my nuts. I'm doing it because I want to increase the concurrent bandwidth limitations on my existing network. Something somewhere on my network is causing packet loss once eight of the computers start transferring files and doing back-ups and I suspect that it's my router. This is a perfect time to upgrade and expand the network. Again, suck my nuts.

>>57624894
>something is causing packet loss
>go to 10g instead of finding the fucking problem

fuck you are dumb. ive got 26 vlans that converge on a single 1gig link and the only congestion is simply hitting the cap when transferring large files, which isnt nearly often enough to warrant trying to look smart by wasting money on upgrading

>>57624894
>That does not mean that I'm going to allow the switch to do the routing.

>I have zone-based firewalls and OpenVPN features I want to preserve through a better router.
Thats not what a router is, and you can do layer 3 ACLs in hardware on a Cisco switch. And what the fuck are you doing with OpenVPN tunnels at 1gbit/sec on your intranet?

>Something somewhere on my network is causing packet loss once eight of the computers start transferring files and doing back-ups and I suspect that it's my router.
what is your current hardware you tard. let me guess, some single armed consumer grade shitbox

File: Screen Shot 2016-11-21 at 8.07.46 PM.png (138KB, 1176x740px) Image search: [Google]

138KB, 1176x740px

>>57624968
>you can do layer 3 ACLs in hardware on a Cisco switch.

>>57624940
Don't you fucking think I spent a better part of a month trying to figure out what was causing the packet loss? I've already ruled out the switch since it can handle all the computers in the LAN copying the same 10Gb porn folder to each other at the same time. I created two separate networks with the router attached and boom! Packet loss under the same condition between 4 pairs of computers

>>57624968
I know what a fucking router is, go and find me a layer 3 switch that can do zone-based firewall, packet filtering, supports OpenVPN, has a built in firewall+IPS, and doesn't cost over $1300 for the damn thing.

File: security-asa-5585-x-firepower-ssp-60.jpg (32KB, 720x400px) Image search: [Google]

32KB, 720x400px

>>57625016
>go and find me a layer 3 switch that can do zone-based firewall, packet filtering, supports OpenVPN, has a built in firewall+IPS
thats not what a switch or router is, and as I said Cisco switches already support layer 3 ACLs. And you clearly have no idea what hardware is even capable of. If you want a IPS at 10gig you get to buy something like a Cisco ASA 5585-X SSP-60 which costs around $150k.

>>57624968
>what is your current hardware you tard
A Supermicro C2550 motherboard, a pair of Samsung 8GB DDR3 ECC RAM, and a 64GB flash drive mounted on the motherboard. The NIC is integrated in the Avoton's SoC.
The switch is some Zyxel POS 24-port I scored for $50.

>>57625086
This is like talking to a brick wall. I'm not saying that's what a switch or a router is you fucking moron. I'm saying those are the features I'd like to PRESERVE during the upgrade. You fucking moron. Jesus fucking Christ you don't even listen.
>expecting a home IPS covering an entire LAN network
Nigga you surely jest. I have trouble breaking 100MB/s running the IPS on the WAN connections alone.

>>57625199
>The switch is some Zyxel POS 24-port I scored for $50.
If you dont even know the model number then how the fuck are we supposed to help you

>This is like talking to a brick wall.
Its not my fault you're too retarded to understand how to design a network. Run OpenVPN and whatever fucking IPS software you want in a VM, route all internet access through that VM, and do all the intervlan routing in the switch. There you go tard.

>>57625245
>If you dont even know the model number then how the fuck are we supposed to help you
Gee, I'd love to know what fucking model it is too. The serial number and name has been eroded to the dusts of history, it came without documentation, and is as dumb as the dumb switches come. It looks like this
http://www.zyxelguard.com/GS1100-24E.asp
It's not the GS1100 since this switch was made before 2008 when I bought it off a guy who had it for 6 years back in 2013.

>Run OpenVPN and whatever fucking IPS software you want in a VM, route all internet access through that VM
I don't need the VPN to go on the internet from my LAN, that VPN is for accessing files from my NAS. Stop assuming things.

>>57625421
>I don't need the VPN to go on the internet from my LAN, that VPN is for accessing files from my NAS. Stop assuming things.
Why are you running a VPN tunnel for communication between computers on your LAN? What kind of retarded configuration do you envision?

>>57625468
You know what, think before you ask stupid questions.

>studying for network+
>don't have anything to practice on
this is gonna be a doozy

how often do you people really have to subnet IRL

File: Screen Shot 2016-11-21 at 8.53.41 PM.png (1MB, 3360x2100px) Image search: [Google]

1MB, 3360x2100px

>>57625485
>i dont understand how to configure a network
>all i have are shit boxes
>plz anon decipher my giberish and spoonfeed me everything
>if you cant understand what retarded things i'm going to say i'm going to throw a tempertantrum
you still have zero reason to have a 10gig switch, but i do

>>57625567
So what if I don't need 10Gbps to all of my desktops? If I can afford a 10G NIC and a better web-managed switch with 10G ports, then why the fuck should I not. It's my fucking money.

And why the fuck hasn't it crossed your cum-addled fucking mind that I'm only using the VPN to connect to my NAS from OUTSIDE of my home network?
>b-b-but muh SFTP

>>57625512
If you do VLANs then you have to subnet, as each VLAN is a separate logical layer 2 network and you need to route between them in layer 3.

Get Packet Tracer and practice on that if you don't have appropriate hardware (even if you did I guess for starters it's better to just fuck around in a simulator).

>>57625626
>web managed
>plz anon command lines are far too complicated for my simple mind

>And why the fuck hasn't it crossed your cum-addled fucking mind that I'm only using the VPN to connect to my NAS from OUTSIDE of my home network?
because you said you didnt need this:

>>57625421
>I don't need the VPN to go on the internet

and since you do, what i said before still holds true on how this could be easily setup you tard

>>57625512
>how often do you people really have to subnet IRL
anytime you have to deal with routing

>>57625512
How do CompTIA certificates compare to the Cisco ones?

>>57625714
>anytime you have to deal with routing
Yep, route summarization is essentially subnetting in reverse (aka supernetting).

>>57625730
No one cares about CompTIA certs

>>57625714

>because you said you didnt need this:
When? I said I didn't need the VPN to use the internet from inside my home network. Nor am I using a VPN to forward connections from my home network. I'm not using it for any other purpose than to connect to the NAS from the outside world.
>i said before still holds true on how this could be easily setup you tard
Except it fucking doesn't. Why would I expose a VM to the outside world on a DMZ port? Give me a single good reason why that would be a good idea.

>>57625730
If you mean Network+ vs CCNA, the former is less deep and more general, while the latter goes deeper (with the latest objective revision some former CCNP stuff like basic BGP was added) and is focused on working with Cisco hardware. Choosing between the two, CCNA is the clear choice to make 99% of the time.

>>57625772
>I said I didn't need the VPN to use the internet from inside my home network.
And you clearly do if you want to connect from the Internet to it.

>I'm not using it for any other purpose than to connect to the NAS from the outside world.
How many times are you going to contradict yourself in a single post?

>Give me a single good reason why that would be a good idea.
So you can connect to the VPN from the Internet you tard. How the fuck would this in anyways be a bad idea.

>>57625744
Ah

>>57625774
Thank you. I'm planning to take the CCENT exam soon

>>57625512
It's easy la. Pickup a prosumer grade router like Ubiquiti EdgeRouter or Mikrotik or an old Cisco and a managed switch. A year back I didn't know what internal IPs were. Today I can setup a router with VLANs and NAT on a Raspberry Pi. Once you get tthe concepts right you can figure stuff out on any router. Haven't even taken a course. Just Googling and playing around with stuff

>>57625843
I already bought a cisco catalyst switch from eBay for like $20
I just don't have a DB9-to-8P8C cable to connect to it so it's just been sitting around collecting dust

>>57625730
2 reasons to do CompTIA certs:

1) you're a broke uneducated nigger and you need a way to get your foot in the door to the IT industry

2) you're doing IT for the government and they literally will fire you at the end of your probationary period if you don't get your Sec+

learning the net+ exam objectives first will make the CCNA a bit easier, but don't actually take the test if you have to pay for it yourself

>>57625874
There is often a reset procedure you can do to it to wipe its config and then i think you should be able to telnet in to it. What is the model?

>>57625887
if I shouldn't take the net+, should I take the CCNA or CCENT

>>57625912
catalyst 2950

Is there a threshold, either in terms of storage capacity or number of drives, that make it more practical to have a dedicated NAS instead of just adding drives/TBs to a desktop?

>>57625808
Alright, there seems to be a severe misunderstanding here of basic terminology. But first
>How the fuck would this in anyways be a bad idea.
Vulnerabilities. As in "compromise the host machine thanks to no vNIC detection on the host machine" vulnerabilities.
>And you clearly do if you want to connect from the Internet to it.
Let me redefine what I meant since your dumb ass wasn't able to understand the basic concept. Laptop => VPN Tunnel =>Internet => VPN concentrator => NAS
Not Laptop => VPN Tunnel =>Internet => VPN conc. => Internet
Not Local => VPN Tunnel => Internet
And not Local => VPN Tunnel => NAS/Local
Yes, it's still connecting to the Internet, but that's whole the fucking point of having a VPN, you anal retentive cocksleeve. That is a fucking given if you're hosting a private VPN service. Don't be so motherfucking pedantic about basic concepts.

>>57625874
Get one then if you can find it then

>>57625887
Thanks for making it clearer. I had heard about the CompTIA cert a lot online but wasn't quite clear on how important it was

>>57625926
Take the two separate tests. There are some people that are bad enough dudes to pass the 220 exam without ever having worked as a network tech before, but generally that exam is reserved for people already in the industry that just need to renew their certification.

I'm taking a CCNA practice test and it seems to be the exact same shit as the Network+ stuff I've been studying for with a bit of cisco proprietary bullshit sprinkled in

>>57625912
He needs to connect a terminal emulator with a console cable and then drop to rommon mode while booting to change the config register so the config doesn't get loaded, then reset/edit the config file (any passwords etc.).

>>57626117
if I get the CCENT will people laugh at me for having it along with the A+ on my resume?
I have no prior experience and I'n only 19, I just want to get my first job in the industry so I can get experience

>>57626117
General networking knowledge is the same no matter what brand of equipment or software you're working with. The "proprietary bullshit" is absolutely necessary if you want to be proficient at working with Cisco devices though.

File: prod_white_paper0900aecd80617171-1.jpg (162KB, 519x431px) Image search: [Google]

162KB, 519x431px

>>57625926
Try this hold down the Mode button for 10 seconds utill all the lights near the mode button go off then follow this and see if it works

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3560/hardware/quick/guide/3560gsg_08.html#wp49930

>>57625946
>Vulnerabilities
You're running a firewall you tard. Block access to the unneeded ports. Do you even understand how OpenVPN is running in whatever shitbox appliance you are using? It is running on a fucking linux install, effectively the same thing as a running it in a VM with linux.

> As in "compromise the host machine thanks to no vNIC detection on the host machine" vulnerabilities.
you're just spewing terms you dont even understand now

>Laptop => VPN Tunnel =>Internet => VPN concentrator => NAS
and i already addressed this you tard. since you dont understand how to setup basic intervlan routing you're throwing a hissy fit, thinking new hardware will somehow fix it, and want me to give you babys first guide to routing

>Yes, it's still connecting to the Internet, but that's whole the fucking point of having a VPN, you anal retentive cocksleeve.
>That is a fucking given if you're hosting a private VPN service.
No its not you tard, there are other uses such as pic related

>Don't be so motherfucking pedantic about basic concepts.
Its not my fault you know jack shit about networking anon

>>57626327
>Try this hold down the Mode button for 10 seconds utill all the lights near the mode button go off then follow this and see if it works
after doing this you can skip to the hold down the mode button for 3 seconds part, as the 10+ second one is the reset to defaults

I have a CCNA book from 2004. Should I even bother using it or should I try and find a more recent book?

>>57626391
Not a CCNA but iirc a lot of old stuff has been dropped from the CCNA like serial lines. I'm sure you can find a torrent of something more recent

>>57626391
>>57626416
Nevermind, I found this year's version of the book. Downloading it now.

>>57626416
Yea, a significant part of the book is outdated, ISDN was dropped a longer while back while Frame Relay was dropped in the last revision just a few months ago. Though, if he needs a physical book and that one is the only one he has, it's better than nothing for starters. Up to date resources will certainly be necessary at some point though.

>>57626446

>350 pages into 700 page network+ book
>into the trash it goes

>0 pages into ccent/ccna book
I hope it's worth it.

>>57625843
Why CCENT? Go straight for CCNA

>>57625943
No.
The reason for a NAS are the other features (usually the superior filesystem if you're a Windows user)

>>57619440
check bugmenot.com

>>57630220
nevermind i interpreted that incorrectly.

Just wondering if there's some type of software that I can install to analyse my home network? Download speed seems to constantly be fluctuating up and down and I want to figure out what the fuck is going on.

I've turned off all devices in the house and tested the speed on an array of devices in different configurations but it seems to be a really shit speed compared to what we are paying for. Paying for 1MB/s getting 0.3MB/s (Australian), have a feeling it might have to do with congestion on the physical network in the suburb; is there any way I can confirm this?

Also, is there anyway I can get some software to analyse all the downloading/uploading going on in the background of Windows 10 and cull all those services? Unrelated but something I've been wanting to look into for awhile

>>57604845
MIT opencourseware. Just google it.

>>57630287
Connect your connection directly to a single laptop and check. Most probably it's your ISP being shit. Are you sure it's "1 MB/s" and not "1 Mbps"?

>>57630408
My main PC is connected via ethernet straight to the router and I've been checking consistently, this has been an ongoing problem for at least 3 months I'd say.

And yeah we are definitely paying for 1MB/s, more like 1.2MB/s at best actually. Like I said before it seems like a congestion problem on the actual network infrastructure within the suburb. About 4 months ago they started working on implementing NBN in our suburb and ever since then it has been doing this which sort of reinforces it's the shit local network.

So fucking dumb, during the first month of construction of NBN I saw tons of people along the sides of the road installing fibre and what not; but in the last 3 months I haven't seen one person doing a fucking thing.

My guess is they've replaced a bunch of the copper with fibre but left just enough copper in the area to give a somewhat stable connection until they actually get around to finishing the whole fibre network. And when a bunch of people want to go on the internet (about now, dinner time) they have to restrict everyone's speeds due to the congestion on the half assed fucking network.

This is a prime example of why the fuck everyone hates the NBN in Australia and why it is just a fucking failure. The most information I can get on when our house will be connected with fibre is that "the build has been commenced in your area," no finish date, no estimated time, fucking nothing.

We pay a fucking ridiculous $140 per month to get a 1MB/s copper connection + our phone line connected, and they can't even fucking give us that. Fuck this third world shit

>>57630500
>We pay a fucking ridiculous $140 per month to get a 1MB/s copper connection + our phone line connected
WTF that's crazy. I live in a small city in an actual third world country and I pay much much much less than that for a much more stable connection. Call your ISP up and find out what's wrong. Often just the backbone is converted to fiber and then it is copper from there.

>>57630759
Yeah, it's not a meme when people talk shit about Australia's retarded internet. Calling my ISP gets me sent offshore I'm pretty sure, or at least to your classic Indian tech support trouble shooter.

They tell me to run speed tests, give them the results and then say fuck all on their end besides; "we can send a tech support out to your house because it must be a problem within your own network."

>>57630822
Kek. Tell them you want to speak to their seniors or something and that your neighbors have the problem too

>>57630886
Yeah, I might ring up tomorrow and just be a cunt until I get answers.

Have a quick skim of this if you want to kek even harder at a 'first world' country's inability to plan, build and improve infrastructure: http://www.abc.net.au/news/2016-03-01/manning-what-went-wrong-with-the-nbn/7210408

I converted an old laptop into a CentOS LAMP stack webserver. I had a ton of fun setting it up, learning basic Linux stuff, and just playing around with hosting a website on it.

What else can I do with it? Any suggestions on an appropriate next step?

>>57630927
Oh my god. Our interwebs is a bigger mess but somehow it all works. Most of the country is on terrible ADSL 1 Mbps connectivity from a state run provider. However there are so many private players who subcontract to smaller players in cities. The result is 100 Mbps using FTTH in larger cities for like 25-30$. Not bad at all. The only problem is that all the fiber is illegal and hanging on overhead poles.

>>57600617
bump

Where do I go to learn more about making and securing a home server?

Right now I'm just running a Lubuntu distro on an old emachine. I mean, it gets the job done, but I feel like I could do something to get the job done right.

>>57631943
If you are using NAT then access from the internet is denied by default. If using IPv6, deny forwards from outside the network
Explore subnets, VLANs etc.

Can I just buy a switch, hook it up to my router and buy a couple of 4 bay NAS devices and hook em up? Should it be a managed or unmanaged switch?

>>57632751
Yes. That will work. Unmanaged should work but managed is nice. I had a managed switch being used in unmanaged mode. I had no idea how nice managed devices were until someone had a look at mine and introduced me on how to use them.

Is plex any good for streaming to my android for free?

>>57633192
Yes.

File: 7cXElwi.jpg (642KB, 786x1071px) Image search: [Google]

642KB, 786x1071px

>an actually useful thread on /g/

color me surprised

>>57631214
Try playing around. You'll have lots of fun. Have a look at LXC and Linux containers. Also try using Nginx instead of Apache2.

>>57633240
>that noise

Fucking disgusting

Is there a FAQ/101 for hosting a server out of your own computer?

My father has a logic that reads temperature, humidity and stuff like this. and this is connected to our modem and he'd like to make it so that he could check all this from outside network (it is a small text web-page that updates the readings) - he'd like to connect to the logic from outside network so I guess he needs to host a server on the logic as a side-rpocess

I can the web page in our local network, but I don't really know what to even google to solve the problem or what my problem exactly is.

>>57633760
>I can the web
I can open and read the web page from our local network (and this is the web page that the logic has in itself).

>>57633760
>>57633792
Port forward/destination NAT port 80 or use OpenVPN

Im still learning how to subnet. Explain it to me like im completely retarded (which I happen to be)

>>57633827
Thanks, I'll read up on those.

>>57633192
>networking

>>57633760
Most likely you have a dynamic ip address, so you need some kind of DynDNS solution - a DNS entry on a public server that gets updated from your router (or from within your network) whenever your ip address changes. Some are free, some are shit, some are both - I don't know from the top of my head.

Then you'll need to port forward from your router to your web page.

File: R8PpQKP.jpg (104KB, 432x736px) Image search: [Google]

104KB, 432x736px

>>57633832
You usually get a network handed out to begin with - either from your network admin, from your ISP, or from whomever you buy it from. Let's say we have got 172.16.0.0/12 (yeah, that's a RFC 1918 range, but lets keep it simple)
If we think in Binary, that network address is

10101100.00010000.00000000.00000000

The number after the slash tells you after which bit the border between network bits and host bits is. With /12, the border is here:

10101100.0001|0000.00000000.00000000

The network bits tell you which network we're dealing with, the host bits tell you which host we're dealing with. Because we got 20 host bits and each bit can have two states (1 and 0), we've got 2^20 possible addresses in this network.
Now you must substract two adresses: The first one with only zeroes in the host part because that is the network address with which routing decisions are made and the last one with only ones in the host part because that is the broadcast address used to address all hosts on the range. 2^20 - 2 = 1.048.574 => This network has a lot of host addresses.

Who in their right mind would ever put so many hosts in a single network?
That's where Subnetting comes in - we split the network into multiple networks so we can use our addresses sustainably.

If you increment the amount of network bits by 1, the number of resulting networks doubles and the amount of host bits halves - remember, we're dealing with base 2. So if we split our given network (172.16.0.0/12) in half, we get two networks because the 13th bit can be 1 or 0:

10101100.0001|0|000.00000000.00000000

, or (172.16.0.0/13)

10101100.0001|1|000.00000000.00000000

, or (172.24.0.0/13)

Now we only have 2^19 - 2 = 524.286 addresses. Still much, but not as much anymore.
Let's take the 172.16.0.0/13 subnet and subnet it further.
We repeat this process until we have enough subnetworks or just enough host addresses left.

File: tumblr_og8bdqOFfl1thaej7o1_1280.jpg (148KB, 600x800px) Image search: [Google]

148KB, 600x800px

>>57634813

Or we take the short approach:
If you know how many networks you need (lets say 9), we use the next bigger power of two (which is 16) and calculate how many bits we need to reach that power (2^X = 16, X = 4). X is the number of bits we need to add to the number of network bits.

10101100.00010|000.0|0000000.00000000

Now we're subnetting accross the dot! Don't worry, just fuse the octets together to calculate and then split them apart again when you need the decimal form.
The new address would be (172.16.0.0/17).

If you know how many hosts need to be in a subnet, add two for network address and broadcast address (and don't forget the Gateway, it needs its own address!) and take the next higher power. Calculate how may bits you need to reach that power with base 2 using above method. Then you know how many bits need to stay host bits - take 32 as total amount of bits and substract your known host bits.

>>57634828
How the fuck did that happen? Did a female ninja have a skirmish with a green tentacle monster in a server room?

File: havefun.jpg (72KB, 450x337px) Image search: [Google]

72KB, 450x337px

>>57634876
It's a valid way to fix pic related

>>57634828
You might ask yourself: What's the first address that I can actually use? What's the last?

The first address is the one after the network address - just add one to it.

10101100.00010000.0|0000000.00000001

, or 172.16.0.1/17.
The last address is the one right before the broadcast address - just substract one from it.

10101100.00010000.0|1111111.11111110

, or 172.16.255.254/17.
Afterwards, the broadcast address follows:

10101100.00010000.0|1111111.11111111

, or 172.16.255.255/17.
And after that, the network address of the next network follows! It's like when you add 999 and 1 - the one flows over to the new digit.

10101100.00010000.1|0000000.00000000

, or 172.17.0.0/17.

>>57634876
you really think things get removed when there is a upgrade happening?

just cut the cable and hide it in the double floor/ceiling

generations have done it ...

File: 14516513_324958364562885_4193383366328359177_n.jpg (29KB, 649x524px) Image search: [Google]

29KB, 649x524px

>>57634945

makes more sense now, thanks a ton. I missed some important classes due to illness and I felt like I had some holes in my general knowledge when I got to the subnetting part. Thank mr anon i good compotor worker now

File: subnet.png (212KB, 773x998px) Image search: [Google]

212KB, 773x998px

>>57635260

what's the difference between a router, a layer2 and a layer3 switch?

>>57635311
A router does forwarding decisions based on L3 addressing (= checks destination IP agaisnt routing table and sends it to best match) routing table is filled via connected networks, static routes and routing protocols, if no match is found router drops the packet
A L2 Switch does forwarding decisions based on L2 addressing (= checks destination address against CAM and sends it to only match (= the newest), CAM is filled by looking at source MACs, if no match is found Switch floods the frame

>>57635363
and layer 3 switches can do both

>>57634876
hardware upgrades or moving to a different facility nigga

>>57600617
bump

>>57633339
Mostly what I've been doing! I'll give those containers a look and I have been thinking about moving to Nginx. Is migrating a tough process or is it pretty straightforward?

>>57606548
>The world is all ethernet now. Kind of boring and sad in a way.

No but seriously fuck you. You have no idea how much of a pain in the ass all of that tech was to keep running.

I managed to move two frame relay connections and a couple of T1 lines into a single big Metro Ethernet delivered MPLS line and it's so much better.

Not only is it impossible for the ISP to fuck around when it comes to outages (much easier to tell if it's L1/L1/L3 on eth) but It's all a lot faster and easier to manage.

>>57622580
it's the VLANs dipshit

Meshnets are the future

>>57635378
Yup. You don't need to roas as the l3 switch has an svi interface for every vlan and can route between them on its own.

>>57635363
>if no match is found router drops the packet
>what is a gatway of last resort and ttl

>>57639113
Depends. I can't stand or use Apache2. Nginx is so much easier for me.

Newfag here.
Is there a way to set up an open wifi that people are required to like or check in on facebook to access it? Is that a thing or am I being rused?

>>57641095
I think you need some kind of a RADIUS controller. Ubiquiti/Mikrotik devices have one. I think there are managed online ones as well. hotspotsystem.com looks nice but I haven't used them and I'm not endorsing them. Chillispot, Nodogsplash, Pfsense are also open source solutions but they may not do exactly what you are looking for.

File: photo.jpg (80KB, 501x504px) Image search: [Google]

80KB, 501x504px

>>57622808
>cisco

>>57641587
kek
as someone whose close relative has a very high post in cisco sales this image is very accurate

>>57640634
The Gateway of last resort is a route to 0.0.0.0/0 and therefore can be matched. If you don't have such a route, packets will be dropped

>>57605216
what?
it's literally install java > download server.jar > run it

>>57600617
bump