#arpnetworks 2014-10-10,Fri

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
mercutioforgotten's traffic looks like it's linux initiated, probably application rather than synflood
maybe botnet?
[01:54]
antmercutio: how can you tell that it's linux initiated? [01:59]
........... (idle for 53mn)
mercutioant: i can't for sure, but it looks likely..
14600 window size, and 7 window scaling
openbsd and freebsd are using 10 initcwnd now too but won't use such a high window scaling usually
actually 7 seems pretty high
a lot of attakcs are kind of dumb because they just hack boxes.
and if you do a hard block they'll keep trying etc too.
and lots of places allow spoofing ip addresses still, so an intelligent syn flood would just randomise the soruce ip address, which would make it harder for forgotten to block
which is fortunate :)
there's actually heaps of abuse possible on the internet of today.. a lot of it's kind of luck that people are doing a lousy job of breaking things..
[02:52]
antmercutio: haha, "intelligent syn flood" sounds like a oxymoron to me ;) [03:09]
mercutiowell a part of me wonders what someone dedicated could do
syn floods can still be pretty destructive
[03:10]
antbut they're so easily mitigated
some months ago i had a server which was synflooded every few days, actived syn cookies -> problem solved
i still don't know why anybody would want to dos that server though. i didn't run any public services...
[03:18]
up_the_ironsit pains me that so many networks do not do rpf checks and drop those packets to the floor [03:33]
..... (idle for 21mn)
mercutioup_the_irons: it's probably similar to the reason people still use xp
"it workos"
err works..
and wow up_the_irons .. you're up .. late
[03:54]
....................................... (idle for 3h12mn)
***pyvpx has quit IRC (Ping timeout: 246 seconds)
pyvpx has joined #arpnetworks
[07:07]
awyeah has quit IRC (Ping timeout: 246 seconds)
awyeah has joined #arpnetworks
[07:13]
..................... (idle for 1h42mn)
awyeah..... [08:56]
...................................... (idle for 3h5mn)
***ameise has joined #arpnetworks
ant has quit IRC (Quit: Leaving)
ameise is now known as ant
ant has quit IRC (Client Quit)
ant has joined #arpnetworks
[12:01]
................................. (idle for 2h41mn)
mnathaniHow do I maximize wifi performance on my network? My wired Router is a Mikrotik, the Wireless Access Point is a Cisco Aironet AIR-LAP1142N-A-K9 connected to a Catalyst 3750 Switch. Presently they are all on the same subnet. Would moving the Wireless AP to its own subnet increase performance? [14:46]
brycecNo. [14:46]
mnathanihow about reduction of broadcast traffic from the LAN segment [14:46]
brycecIf anything, adding routing to the equation is going to reduce performance
True, but that's relatively minimal.
Incidentally, I just did that - fresh VLAN and all :D
But for sanitation, not "performance"
Typically performance runs into radio issues long before network bottlenecks
[14:47]
mnathanithe mikrotik dhcp server should be able to hand out addresses in another subnet? [14:48]
brycec(no idea)
"should" but that's purely opinion-based
[14:48]
mercutiomnathani: what kind of bandwidth are you getting atm over wireless? [14:53]
mnathani13 megs down, 5 megs up
WAN bandwidth is 35 down, 5 up
[14:53]
brycecOuch [14:54]
mercutiomegabits? [14:54]
brycecYeah, almost certainly you have wifi issues, not network issues.
oh (/me assumed megs = mbps)
[14:54]
mercutiohow far are you from access point? [14:54]
brycec13MB/s is reasonable, 13Mb/s not so much. [14:55]
mercutiowell 13 megabytes/sec is about what you should be able to get from wireless n 300 one room over
but if you had 35 megabytes/sec internet you might be trying to get as much as possible
i think it's probably megabit though
[14:55]
mnathanipretty close to the AP [14:56]
BryceBotThat's what she said!! [14:56]
brycectoo close to the AP? [14:56]
BryceBotThat's what she said!! [14:56]
mnathanimegabits [14:56]
brycecBryceBot: no [14:56]
BryceBotOh, okay... I'm sorry. 'too close to the AP?' [14:56]
mercutiomy cellphone does about 30 megabit with wireless g, my tablet about 35 megabit with wireless n. but the tablet is single stream. [14:56]
brycecI get 300-450Mb/s :D (802.11ac) [14:57]
mercutioi get like 60 megabit with wireless ac
bbut it's quite a lot of distance
i need more wireless n devices.
[14:57]
brycecNot bad [14:57]
mercutioi have tripple stream ap. [14:57]
brycecSame [14:57]
mercutioi can't even find any triple stream clients. [14:57]
mnathaniwired desktop for instance; 29.56 megabits down, 4.91 megabits up [14:58]
brycecI bought a card for my laptop, but stupid lenovo has a whitelist... [14:58]
mercutioi have a cheap card that i'm using somewhere else
but it's too far away for good performance
going to swap it out and have wireless ac client down here it hink
i dunno why i care though, i have fast local network here :)
it's just nice not having cables go across room.
i suppose there's where ac is good.
[14:58]
brycecmnathani: There's a lot that could be affecting your wifi speeds. Start with what rate is your client connected/negotiated at?
What kind of adapter does your client use?
How many wifi networks are around you?
How many other wifi clients are on your network?
What types of adapters and speeds are they connected at?
(eg. Back in 802.11b, the slowest connection on the network dictated the network speed)
[15:02]
mercutiochannel selection is often the first place to start.
it's usually good to go down to 20 mhz at least at first too.
esp with dealing with low speeds like that.
well that's as far as 2.4 ghz goes..
[15:06]
brycecSo many questions, so little mnathani [15:08]
mercutioheh [15:08]
mnathanisorry, was trying to figure out the channel selection from the web interface [15:08]
mercutiousually people try channel 6 first, as most routers default to channel 1.
but 6 is so often used.
because of that..
[15:09]
brycecI've seen 6 and 9 as defaults [15:09]
BryceBotThat's what she said!! [15:09]
mercutiohere channel 9 seems to often work well, but i think US has some limit on channels or osomething [15:09]
brycecBryceBot: no [15:09]
BryceBotOh, okay... I'm sorry. 'I've seen 6 and 9 as defaults' [15:09]
mercutioi'm using unifi router.
i hate how you have to start controller
[15:09]
mnathaniSurface Pro 3 shows Speed: 144 Mbps [15:10]
mercutiois that 5 ghz? [15:10]
mnathani2.4 Ghz [15:10]
mercutioheh that cisco ap looks like my ap [15:11]
mnathaniActive Radio Channel
2412 MHz Channel 1
Channel Width
20 MHz
[15:12]
mercutioi'm using 9/161
yeah change that
[15:13]
mnathaniActive Radio Channel| 5200 MHz Channel 40 | Channel Width 20 MHz [15:13]
mercutioif you have android device i find wifi analyzer is good for checking out channels from different locations. [15:13]
mnathanifirst one was 2.4 and second was 5 ghz [15:13]
mercutioyou can probably do 40 mhz on 5 ghz too [15:13]
brycecWifi Analyzer ftw [15:13]
mercutioi have 80 mhz on 5 ghz it seems.
so i assume 802.11ac is 80 mhz
[15:14]
mnathaniis it the farpro one?
I found 2 on android
[15:14]
brycecmnathani: Yes, com.farproc.wifi.analyzer
At least that's the one I use
[15:15]
mnathanibrycec: thanks [15:15]
mercutiowow i'm at -17 dBm
i was trying to find the name
[15:15]
brycecNice, mercutio [15:16]
mercutiofor some reason here channel 6 is the most overloaded. [15:16]
brycecCeiling on my meter is -37dBm [15:16]
mercutioi could probably go up a bit
well things generally work pretty well until like -60dBm to -80dBm isn't it?
[15:16]
brycecI'm so lucky at work - there's only my neighbour and my wifi nets
He's on ch1, I'm on ch11
[15:17]
mercutioi think it's like -40dBm across the house.
why does it say my ap is disconnected. grr.
weird i can still set it to channel 10
[15:17]
m0undslots of older routers/aps wont change channels to avoid interference
2.4ghz is a mess by my house. people with isp provided wundernat devices with wireless radios integrated stuck in front of the user's own wundernat box they got at best buy
bleck
[15:31]
mnathanithe wifi analyzer app says better channel : 14, but is that one I can really use?
my aironet AP doesnt seem to have that as an option
[15:35]
brycec14 is not "legal" in the United States... Don't know about .nz [15:37]
mnathaniin Canada here [15:38]
brycecsame diff >.>
<.,
14 is not allowed in North America
or, well, anywhere but Japan in 802.11b mode
mnathani: Should probably open preferences and only leave channels 1-11 marked as available
[15:38]
mnathanihttp://imgur.com/XCOSo6B [15:44]
brycecbrycec throws up a little [15:45]
mnathanithat's my WiFi analyzer results
I live in an apartment building
[15:45]
brycecEvidently
It's no wonder your performance is shit
[15:45]
davantalusLooks like 4 is your sweet spot huh? [15:47]
brycecThere really isn't a "sweet" spot in something that crowded. 5 could be slightly better, but not worth changing imo [15:49]
mercutiois it 10mhz per channel?
omg worst graph ever
i'm nto even sure where i'd go there
is that the room where you need stronger coverage?
[15:51]
brycec"When two or more 802.11b transmitters are operated in the same airspace, their signals must be attenuated by -50dBr and/or separated by 22 MHz to prevent interference." [15:52]
mercutioif that's the same room as your ap, you're pretty screwed :)
are you the dark blue mnathani ?
[15:52]
mnathaniyea [15:53]
mercutioyeah going down one channel /may/ help a little
but you're actually pretty good from that position
but if you want to add anything more...
[15:53]
mnathanimoving from channel 1 to channel 6 seems to have helped [15:54]
brycectl;dr Your best bet for performance improvement is to move to 5GHz [15:54]
mercutiooh yes it would have. [15:54]
brycec^ [15:54]
mercutionah he's acutally pretty fine
you don't have to worry about -80 dBm
the signal strength of ~ -35dBm is strong enoguh to fight it pretty well.
at least in his current location. if he moves closer to those access points he may have issues.
where 5 ghz may not reach too.
[15:54]
mnathaniI am on channel 5 for 2.4 Ghz and channel 161 for 5 Ghz -31 dBm and -37 dBm respectively [15:56]
mercutioi find "outside" to often be the biggest struggle to get to work well.
mnathani: i find 5 ghz often gives lower signal strength, and can even give worse speeds, but it doesn't randomly get bad.
so is often more consistent in quality.
like i've seen random dropouts with 2.4 ghz where it's working well.. working well.. screwed... working ok.. working well.
and 5ghz cuts that out
i think like when youir neighbours are "idle" it may interfere less.
[15:56]
mnathanihttp://imgur.com/Kr2XdC9
updated
[15:57]
mercutioi still have problems outside here on other side of house
but even with close ap it was screwed, so i think it's the walls/buiilding
yeah that's no better i think
i use iperf for testing myself.
[15:59]
BryceBotThat's what she said!! [16:01]
mercutioit's a bit of a pita though.
on laptops etc you have to run iperf -s
then on a linux box do iperf -c <ip of laptop>
oh actually do "iperf -s -i 1"
and it'll show per second break down
because download performance matters more than upload performance normally for wireless devices
i still want to try doing 2.4/5ghz at once
using 2.4 ghz for upload, and 5ghz for download. to see what speed i can get
if you do half duplex udp pushes over wireless speed can be quite a lot hjigher
[16:01]
oh and for web performance using a proxy can help with wireless too, as it clusters stuff together more [16:15]
***SpeedBus has quit IRC (Ping timeout: 245 seconds) [16:22]
.......... (idle for 46mn)
up_the_ironsmercutio: indeed i was up late last night [17:08]
***SpeedBus has joined #arpnetworks [17:20]
........... (idle for 53mn)
brycecHopefully, that means you were up late partying :D [18:13]
...... (idle for 26mn)
***carvite_ has joined #arpnetworks [18:39]
..... (idle for 24mn)
up_the_ironsjust hanging out in #arpnetworks-de with ant until the whiskey came out and I could no longer speak German... ;) [19:03]
m0undswhiskey, EH?
whiskey sounds good, i'm gonna have to raid my liquor cabinet
[19:04]
up_the_ironsWild Turkey 101... technically Bourbon. Pretty much my go to whiskey and what I ask for if I'm out somewhere... [19:12]
.... (idle for 15mn)
m0undsi'm a big fan of blanton's [19:27]
mercutioi like mckenna
but it's not classy
[19:28]
...................... (idle for 1h46mn)
***zhangxiaobao has joined #arpnetworks [21:15]
zhangxiaobaohello, can anybody reach 66.220.18.42, he's ipv6 tunnel server in lax? [21:18]
mnathaniPinging 66.220.18.42 with 32 bytes of data:
Request timed out.
[21:20]
zhangxiaobaothanks [21:21]
now it seems i can ping it, but the tunnel is not working.. [21:27]
mnathaniUsername: zhangxiaobao << Liested as latest Sage Cert
s/Liested/Listed
[21:40]
BryceBot<mnathani> Username: zhangxiaobao << Listed as latest Sage Cert [21:40]
.... (idle for 16mn)
bryceczhangxiaobao: It's known to be down https://tunnelbroker.net/status.php
brycec is so happy not to rely on lax1 anymore :D
(Nothing against lax1 specifically, just happy not to rely on a tunnel for my VPS
)
[21:56]
zhangxiaobaothank you! missed this page
it
it's a very very cheap VPS so i think it's ok
[21:58]
....... (idle for 33mn)
mnathaninow you are listed as latest 10 certs for Sage >> cobryce
brycec: ^^
[22:31]
brycecmnathani: I am?
I've been Sage for ages.
Well, months anyways
Not geological ages.
[22:31]
mnathanidid you log in recently? [22:31]
brycecYes [22:31]
mnathaniperhaps it is updating based on last login [22:31]
brycecSeems like it. [22:32]
...... (idle for 25mn)
***zhangxiaobao3 has joined #arpnetworks
zhangxiaobao has quit IRC (Ping timeout: 246 seconds)
zhangxiaobao3 has quit IRC (Remote host closed the connection)
[22:57]
...... (idle for 26mn)
zhangxiaobao has joined #arpnetworks [23:29]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)