Thread replies: 10
Thread images: 2
Thread images: 2
File: net_diag.png (67KB, 1033x778px) Image search:
[Google]
67KB, 1033x778px
hey /g/uys,
i need some help from network/linux experts. first please take a look at the picrel.
short introduction:
currently i'm connected to my roommates router - in 192.168.0.0/24. well, it's "ours", but i'm not its admin. sometimes there are some network issues, and the only way he's able to fix it is to disconnect *my* network cable. it's an old router, we have 4 computers connected over wire, and at 8 devices over wifi. at least that's what i'm aware of. besides, sometimes the weather gets hot here, and i guess the router might be overheating. so in my opinion the issues are router's fault. but he says that it never happened before i moved in. and it's not because of that he's constantly changing something as well.
so i figured out, that i'll connect all my devices through a separate router - in 10.31.0.0/16. so his old shitty router has less devices to serve, and maybe won't choke anymore. besides, i also saw that he has wireshark installed, so he might be spying on us all.
anyway, first i need help with configuring 10.31.0.1, so it looks like a regular computer in 192.168.0.0/24. i don't need to access computers in the /24 from my network, i only need the internet. so is it enough if i configure my router to get it's address from dhcp? or do i need to do more configuration? i'm not a total noob, i was able to successfully install and use gentoo for few years in the past, so i think i'll understand what you'll write or link me to. i just want to be sure that *i* won't cause any network issues by bringing up my router.
>>
secondly, i have a 4$/mo vps, which i use for irc. i'd like to start using it as a vpn server for tmy router, and later as a dns server for "my" networks.
i wrote "networks", because i want to create 10.16.0.0/16 at my parents after i achieve first two "milestones". for learning purposes, to see what can i do with it. i'm thinking of pxe server with automated windows installation image, so i won't have to drive to my parents every time my father "catches botnet". so a local fileserver to keep documents on would be nice as well. if we're talking about storing files, maybe a media server? i don't know.
as i wrote before, i am most interested in separating my devices in the "nested" (how do you call it?) network.
>>
>>61045976
Assuming you have a standard SOHO router, yes. Given that most have two virtual interfaces for WAN and LAN with a bridge between, you can request a DHCP address WAN-side and as long as you set the router name accordingly your roommate will never know.
Interestingly, this method will still give you access to the /24 segment as long as static routes are set up properly.
Port forwarding works much the same, you'll just have to do it twice - once on each router.
Routing all traffic through a VPS VPN-style is possible, its just gonna cut your speed way down. Without routing through PPTP/L2TP, you could run SSTP with ssh socks binding.
DNS over VPS is totally plausible and a great idea - you can rig DNSSEC and drop out information leakage
>>
What's the make of that router? Also, why the fuck use a /16 for like 2-3 devices?...
But yes, you can connect the first router to WAN and use NAT.
This probably won't solve the problem of having a shitty router tho.
>>
>>61046475
Blue board nigger.
>>
>>61046776
firstly, thanks for the reply and the info
regarding cutting speed. my vps is 100mbit/s symmetrical, and local link is 30 megamyths/s (dsl on an old cable). i guess cutting the speed is because of encryption, right?
i wasn't thinking of dnssec, because i planned it only for the inside of my environment. but i guess that's a wrong approach, after all, i want to learn
>>61046808
i don't remember, and i don't even want to bother. but if you want to suggest alternative firmware, there's nothing for it - checked some time ago.
/16 because it's used in most companies, and i'd like to have experience in managing those.
>This probably won't solve the problem of having a shitty router tho.
but at least i'll have an argument that it's not my computer's fault
>>61047068
are you really offended?
anyway, thank you all for the input, i'll be keeping /g/ up to date on the topic, maybe prepare a manual, who knows.
>>
File: tmp_636-1497312856960-1999075251.jpg (33KB, 534x566px) Image search:
[Google]
33KB, 534x566px
>>61046475
Thanks mods for doing your jobs. I literally just got fired on the spot for that coming up.
>>
>>61047121
>Cutting speed is due to encryption
In general, no. The speed loss is typically the latency involved in establishing a TCP handshake through a server cross-continent.
It may work fine for you, just give it a shot and see how noticeable the lag/speed gets
DNSSEC is a great call inside or outside the network. An internal DNS server will cache all requests made inside the record TTL and will server directly from the cache. You'll significantly diminish the total DNS requests made to external servers this way. Additionally, you can do router-level adblocking with this method. Just apply local blocklists to dnsmasq.
>>61046808 is right, there's not a whole lot of point to a /16 on a home connection unless you're creating hella VMs. DHCP fills up incrementally so you're unlikely to hit addresses on the 10.16.1.0/24 subnet without removing the record-purge approach
>>
>>61047244
>>61047121
>10.1.16.24
My mistake, should be 10.31.1.0/24
>>
>>61047121
I'm not offended, just stating the obvious.
Ill give you a TL;DR.
Just setup your Router to get DHCP, enable the firewall on it, and you're pretty much setup.
Thread posts: 10
Thread images: 2
Thread images: 2