mercutio: maybe botnet? ant: mercutio: how can you tell that it's linux initiated? mercutio: ant: i can't for sure, but it looks likely..
14600 window size, and 7 window scaling
openbsd and freebsd are using 10 initcwnd now too but won't use such a high window scaling usually
actually 7 seems pretty high
a lot of attakcs are kind of dumb because they just hack boxes.
and if you do a hard block they'll keep trying etc too.
and lots of places allow spoofing ip addresses still, so an intelligent syn flood would just randomise the soruce ip address, which would make it harder for forgotten to block
which is fortunate :)
there's actually heaps of abuse possible on the internet of today.. a lot of it's kind of luck that people are doing a lousy job of breaking things.. ant: mercutio: haha, "intelligent syn flood" sounds like a oxymoron to me ;) mercutio: well a part of me wonders what someone dedicated could do
syn floods can still be pretty destructive ant: but they're so easily mitigated
some months ago i had a server which was synflooded every few days, actived syn cookies -> problem solved
i still don't know why anybody would want to dos that server though. i didn't run any public services... up_the_irons: it pains me that so many networks do not do rpf checks and drop those packets to the floor mercutio: up_the_irons: it's probably similar to the reason people still use xp
"it workos"
err works..
and wow up_the_irons .. you're up .. late ***: pyvpx has quit IRC (Ping timeout: 246 seconds)
pyvpx has joined #arpnetworks
awyeah has quit IRC (Ping timeout: 246 seconds)
awyeah has joined #arpnetworks awyeah: ..... ***: ameise has joined #arpnetworks
ant has quit IRC (Quit: Leaving)
ameise is now known as ant
ant has quit IRC (Client Quit)
ant has joined #arpnetworks mnathani: How do I maximize wifi performance on my network? My wired Router is a Mikrotik, the Wireless Access Point is a Cisco Aironet AIR-LAP1142N-A-K9 connected to a Catalyst 3750 Switch. Presently they are all on the same subnet. Would moving the Wireless AP to its own subnet increase performance? brycec: No. mnathani: how about reduction of broadcast traffic from the LAN segment brycec: If anything, adding routing to the equation is going to reduce performance
True, but that's relatively minimal.
Incidentally, I just did that - fresh VLAN and all :D
But for sanitation, not "performance"
Typically performance runs into radio issues long before network bottlenecks mnathani: the mikrotik dhcp server should be able to hand out addresses in another subnet? brycec: (no idea)
"should" but that's purely opinion-based mercutio: mnathani: what kind of bandwidth are you getting atm over wireless? mnathani: 13 megs down, 5 megs up
WAN bandwidth is 35 down, 5 up brycec: Ouch mercutio: megabits? brycec: Yeah, almost certainly you have wifi issues, not network issues.
oh (/me assumed megs = mbps) mercutio: how far are you from access point? brycec: 13MB/s is reasonable, 13Mb/s not so much. mercutio: well 13 megabytes/sec is about what you should be able to get from wireless n 300 one room over
but if you had 35 megabytes/sec internet you might be trying to get as much as possible
i think it's probably megabit though mnathani: pretty close to the AP BryceBot: That's what she said!! brycec: too close to the AP? BryceBot: That's what she said!! mnathani: megabits brycec: BryceBot: no BryceBot: Oh, okay... I'm sorry. 'too close to the AP?' mercutio: my cellphone does about 30 megabit with wireless g, my tablet about 35 megabit with wireless n. but the tablet is single stream. brycec: I get 300-450Mb/s :D (802.11ac) mercutio: i get like 60 megabit with wireless ac
bbut it's quite a lot of distance
i need more wireless n devices. brycec: Not bad mercutio: i have tripple stream ap. brycec: Same mercutio: i can't even find any triple stream clients. mnathani: wired desktop for instance; 29.56 megabits down, 4.91 megabits up brycec: I bought a card for my laptop, but stupid lenovo has a whitelist... mercutio: i have a cheap card that i'm using somewhere else
but it's too far away for good performance
going to swap it out and have wireless ac client down here it hink
i dunno why i care though, i have fast local network here :)
it's just nice not having cables go across room.
i suppose there's where ac is good. brycec: mnathani: There's a lot that could be affecting your wifi speeds. Start with what rate is your client connected/negotiated at?
What kind of adapter does your client use?
How many wifi networks are around you?
How many other wifi clients are on your network?
What types of adapters and speeds are they connected at?
(eg. Back in 802.11b, the slowest connection on the network dictated the network speed) mercutio: channel selection is often the first place to start.
it's usually good to go down to 20 mhz at least at first too.
esp with dealing with low speeds like that.
well that's as far as 2.4 ghz goes.. brycec: So many questions, so little mnathani mercutio: heh mnathani: sorry, was trying to figure out the channel selection from the web interface mercutio: usually people try channel 6 first, as most routers default to channel 1.
but 6 is so often used.
because of that.. brycec: I've seen 6 and 9 as defaults BryceBot: That's what she said!! mercutio: here channel 9 seems to often work well, but i think US has some limit on channels or osomething brycec: BryceBot: no BryceBot: Oh, okay... I'm sorry. 'I've seen 6 and 9 as defaults' mercutio: i'm using unifi router.
i hate how you have to start controller mnathani: Surface Pro 3 shows Speed: 144 Mbps mercutio: is that 5 ghz? mnathani: 2.4 Ghz mercutio: heh that cisco ap looks like my ap mnathani: Active Radio Channel
2412 MHz Channel 1
Channel Width
20 MHz mercutio: i'm using 9/161
yeah change that mnathani: Active Radio Channel| 5200 MHz Channel 40 | Channel Width 20 MHz mercutio: if you have android device i find wifi analyzer is good for checking out channels from different locations. mnathani: first one was 2.4 and second was 5 ghz mercutio: you can probably do 40 mhz on 5 ghz too brycec: Wifi Analyzer ftw mercutio: i have 80 mhz on 5 ghz it seems.
so i assume 802.11ac is 80 mhz mnathani: is it the farpro one?
I found 2 on android brycec: mnathani: Yes, com.farproc.wifi.analyzer
At least that's the one I use mnathani: brycec: thanks mercutio: wow i'm at -17 dBm
i was trying to find the name brycec: Nice, mercutio mercutio: for some reason here channel 6 is the most overloaded. brycec: Ceiling on my meter is -37dBm mercutio: i could probably go up a bit
well things generally work pretty well until like -60dBm to -80dBm isn't it? brycec: I'm so lucky at work - there's only my neighbour and my wifi nets
He's on ch1, I'm on ch11 mercutio: i think it's like -40dBm across the house.
why does it say my ap is disconnected. grr.
weird i can still set it to channel 10 m0unds: lots of older routers/aps wont change channels to avoid interference
2.4ghz is a mess by my house. people with isp provided wundernat devices with wireless radios integrated stuck in front of the user's own wundernat box they got at best buy
bleck mnathani: the wifi analyzer app says better channel : 14, but is that one I can really use?
my aironet AP doesnt seem to have that as an option brycec: 14 is not "legal" in the United States... Don't know about .nz mnathani: in Canada here brycec: same diff >.>
<.,
14 is not allowed in North America
or, well, anywhere but Japan in 802.11b mode
mnathani: Should probably open preferences and only leave channels 1-11 marked as available mnathani: http://imgur.com/XCOSo6B -: brycec throws up a little mnathani: that's my WiFi analyzer results
I live in an apartment building brycec: Evidently
It's no wonder your performance is shit davantalus: Looks like 4 is your sweet spot huh? brycec: There really isn't a "sweet" spot in something that crowded. 5 could be slightly better, but not worth changing imo mercutio: is it 10mhz per channel?
omg worst graph ever
i'm nto even sure where i'd go there
is that the room where you need stronger coverage? brycec: "When two or more 802.11b transmitters are operated in the same airspace, their signals must be attenuated by -50dBr and/or separated by 22 MHz to prevent interference." mercutio: if that's the same room as your ap, you're pretty screwed :)
are you the dark blue mnathani ? mnathani: yea mercutio: yeah going down one channel /may/ help a little
but you're actually pretty good from that position
but if you want to add anything more... mnathani: moving from channel 1 to channel 6 seems to have helped brycec: tl;dr Your best bet for performance improvement is to move to 5GHz mercutio: oh yes it would have. brycec: ^ mercutio: nah he's acutally pretty fine
you don't have to worry about -80 dBm
the signal strength of ~ -35dBm is strong enoguh to fight it pretty well.
at least in his current location. if he moves closer to those access points he may have issues.
where 5 ghz may not reach too. mnathani: I am on channel 5 for 2.4 Ghz and channel 161 for 5 Ghz -31 dBm and -37 dBm respectively mercutio: i find "outside" to often be the biggest struggle to get to work well.
mnathani: i find 5 ghz often gives lower signal strength, and can even give worse speeds, but it doesn't randomly get bad.
so is often more consistent in quality.
like i've seen random dropouts with 2.4 ghz where it's working well.. working well.. screwed... working ok.. working well.
and 5ghz cuts that out
i think like when youir neighbours are "idle" it may interfere less. mnathani: http://imgur.com/Kr2XdC9
updated mercutio: i still have problems outside here on other side of house
but even with close ap it was screwed, so i think it's the walls/buiilding
yeah that's no better i think
i use iperf for testing myself. BryceBot: That's what she said!! mercutio: it's a bit of a pita though.
on laptops etc you have to run iperf -s
then on a linux box do iperf -c <ip of laptop>
oh actually do "iperf -s -i 1"
and it'll show per second break down
because download performance matters more than upload performance normally for wireless devices
i still want to try doing 2.4/5ghz at once
using 2.4 ghz for upload, and 5ghz for download. to see what speed i can get
if you do half duplex udp pushes over wireless speed can be quite a lot hjigher
oh and for web performance using a proxy can help with wireless too, as it clusters stuff together more ***: SpeedBus has quit IRC (Ping timeout: 245 seconds) up_the_irons: mercutio: indeed i was up late last night ***: SpeedBus has joined #arpnetworks brycec: Hopefully, that means you were up late partying :D ***: carvite_ has joined #arpnetworks up_the_irons: just hanging out in #arpnetworks-de with ant until the whiskey came out and I could no longer speak German... ;) m0unds: whiskey, EH?
whiskey sounds good, i'm gonna have to raid my liquor cabinet up_the_irons: Wild Turkey 101... technically Bourbon. Pretty much my go to whiskey and what I ask for if I'm out somewhere... m0unds: i'm a big fan of blanton's mercutio: i like mckenna
but it's not classy ***: zhangxiaobao has joined #arpnetworks zhangxiaobao: hello, can anybody reach 66.220.18.42, he's ipv6 tunnel server in lax? mnathani: Pinging 66.220.18.42 with 32 bytes of data:
Request timed out. zhangxiaobao: thanks
now it seems i can ping it, but the tunnel is not working.. mnathani: Username: zhangxiaobao << Liested as latest Sage Cert
s/Liested/Listed BryceBot: <mnathani> Username: zhangxiaobao << Listed as latest Sage Cert brycec: zhangxiaobao: It's known to be down https://tunnelbroker.net/status.php -: brycec is so happy not to rely on lax1 anymore :D brycec: (Nothing against lax1 specifically, just happy not to rely on a tunnel for my VPS
) zhangxiaobao: thank you! missed this page
it
it's a very very cheap VPS so i think it's ok mnathani: now you are listed as latest 10 certs for Sage >> cobryce
brycec: ^^ brycec: mnathani: I am?
I've been Sage for ages.
Well, months anyways
Not geological ages. mnathani: did you log in recently? brycec: Yes mnathani: perhaps it is updating based on last login brycec: Seems like it. ***: zhangxiaobao3 has joined #arpnetworks
zhangxiaobao has quit IRC (Ping timeout: 246 seconds)
zhangxiaobao3 has quit IRC (Remote host closed the connection)
zhangxiaobao has joined #arpnetworks