[01:54] <mercutio> forgotten's traffic looks like it's linux initiated, probably application rather than synflood
[01:54] <mercutio> maybe botnet?
[01:59] <ant> mercutio: how can you tell that it's linux initiated?
[02:52] <mercutio> ant: i can't for sure, but it looks likely..
[02:52] <mercutio> 14600 window size, and 7 window scaling
[02:52] <mercutio> openbsd and freebsd are using 10 initcwnd now too but won't use such a high window scaling usually
[02:53] <mercutio> actually 7 seems pretty high
[02:54] <mercutio> a lot of attakcs are kind of dumb because they just hack boxes.
[02:54] <mercutio> and if you do a hard block they'll keep trying etc too.
[02:55] <mercutio> and lots of places allow spoofing ip addresses still, so an intelligent syn flood would just randomise the soruce ip address, which would make it harder for forgotten to block
[02:55] <mercutio> which is fortunate :)
[02:56] <mercutio> there's actually heaps of abuse possible on the internet of today.. a lot of it's kind of luck that people are doing a lousy job of breaking things..
[03:09] <ant> mercutio: haha, "intelligent syn flood" sounds like a oxymoron to me ;)
[03:10] <mercutio> well a part of me wonders what someone dedicated could do
[03:10] <mercutio> syn floods can still be pretty destructive
[03:18] <ant> but they're so easily mitigated
[03:19] <ant> some months ago i had a server which was synflooded every few days, actived syn cookies -> problem solved
[03:19] <ant> i still don't know why anybody would want to dos that server though. i didn't run any public services...
[03:33] <up_the_irons> it pains me that so many networks do not do rpf checks and drop those packets to the floor
[03:54] <mercutio> up_the_irons: it's probably similar to the reason people still use xp
[03:54] <mercutio> "it workos"
[03:54] <mercutio> err works..
[03:55] <mercutio> and wow up_the_irons .. you're up .. late
[07:07] *** pyvpx has quit IRC (Ping timeout: 246 seconds)
[07:08] *** pyvpx has joined #arpnetworks
[07:13] *** awyeah has quit IRC (Ping timeout: 246 seconds)
[07:14] *** awyeah has joined #arpnetworks
[08:56] <awyeah> .....
[12:01] *** ameise has joined #arpnetworks
[12:03] *** ant has quit IRC (Quit: Leaving)
[12:03] *** ameise is now known as ant
[12:05] *** ant has quit IRC (Client Quit)
[12:05] *** ant has joined #arpnetworks
[14:46] <mnathani> How do I maximize wifi performance on my network? My wired Router is a Mikrotik, the Wireless Access Point is a Cisco Aironet AIR-LAP1142N-A-K9 connected to a Catalyst 3750 Switch. Presently they are all on the same subnet. Would moving the Wireless AP to its own subnet increase performance?
[14:46] <brycec> No.
[14:46] <mnathani> how about reduction of broadcast traffic from the LAN segment
[14:47] <brycec> If anything, adding routing to the equation is going to reduce performance
[14:47] <brycec> True, but that's relatively minimal.
[14:47] <brycec> Incidentally, I just did that - fresh VLAN and all :D
[14:47] <brycec> But for sanitation, not "performance"
[14:48] <brycec> Typically performance runs into radio issues long before network bottlenecks
[14:48] <mnathani> the mikrotik dhcp server should be able to hand out addresses in another subnet?
[14:48] <brycec> (no idea)
[14:48] <brycec> "should" but that's purely opinion-based
[14:53] <mercutio> mnathani: what kind of bandwidth are you getting atm over wireless?
[14:53] <mnathani> 13 megs down, 5 megs up
[14:54] <mnathani> WAN bandwidth is 35 down, 5 up
[14:54] <brycec> Ouch
[14:54] <mercutio> megabits?
[14:54] <brycec> Yeah, almost certainly you have wifi issues, not network issues.
[14:54] <brycec> oh (/me assumed megs = mbps)
[14:54] <mercutio> how far are you from access point?
[14:55] <brycec> 13MB/s is reasonable, 13Mb/s not so much.
[14:55] <mercutio> well 13 megabytes/sec is about what you should be able to get from wireless n 300 one room over
[14:55] <mercutio> but if you had 35 megabytes/sec internet you might be trying to get as much as possible
[14:55] <mercutio> i think it's probably megabit though
[14:56] <mnathani> pretty close to the AP
[14:56] <BryceBot> That's what she said!!
[14:56] <brycec> too close to the AP?
[14:56] <BryceBot> That's what she said!!
[14:56] <mnathani> megabits
[14:56] <brycec> BryceBot: no
[14:56] <BryceBot> Oh, okay... I'm sorry. 'too close to the AP?'
[14:56] <mercutio> my cellphone does about 30 megabit with wireless g, my tablet about 35 megabit with wireless n.  but the tablet is single stream.
[14:57] <brycec> I get 300-450Mb/s :D (802.11ac)
[14:57] <mercutio> i get like 60 megabit with wireless ac
[14:57] <mercutio> bbut it's quite a lot of distance
[14:57] <mercutio> i need more wireless n devices.
[14:57] <brycec> Not bad
[14:57] <mercutio> i have tripple stream ap.
[14:57] <brycec> Same
[14:57] <mercutio> i can't even find any triple stream clients.
[14:58] <mnathani> wired desktop for instance; 29.56 megabits down, 4.91 megabits up
[14:58] <brycec> I bought a card for my laptop, but stupid lenovo has a whitelist...
[14:58] <mercutio> i have a cheap card that i'm using somewhere else
[14:58] <mercutio> but it's too far away for good performance
[14:58] <mercutio> going to swap it out and have wireless ac client down here it hink
[14:59] <mercutio> i dunno why i care though, i have fast local network here :)
[14:59] <mercutio> it's just nice not having cables go across room.
[14:59] <mercutio> i suppose there's where ac is good.
[15:02] <brycec> mnathani: There's a lot that could be affecting your wifi speeds. Start with what rate is your client connected/negotiated at?
[15:02] <brycec> What kind of adapter does your client use?
[15:02] <brycec> How many wifi  networks are around you?
[15:03] <brycec> How many other wifi clients are on your network?
[15:04] <brycec> What types of adapters and speeds are they connected at?
[15:04] <brycec> (eg. Back in 802.11b, the slowest connection on the network dictated the network speed)
[15:06] <mercutio> channel selection is often the first place to start.
[15:07] <mercutio> it's usually good to go down to 20 mhz at least at first too.
[15:07] <mercutio> esp with dealing with low speeds like that.
[15:07] <mercutio> well that's as far as 2.4 ghz goes..
[15:08] <brycec> So many questions, so little mnathani
[15:08] <mercutio> heh
[15:08] <mnathani> sorry, was trying to figure out the channel selection from the web interface
[15:09] <mercutio> usually people try channel 6 first, as most routers default to channel 1.
[15:09] <mercutio> but 6 is so often used.
[15:09] <mercutio> because of that..
[15:09] <brycec> I've seen 6 and 9 as defaults
[15:09] <BryceBot> That's what she said!!
[15:09] <mercutio> here channel 9 seems to often work well, but i think US has some limit on channels or osomething
[15:09] <brycec> BryceBot: no
[15:09] <BryceBot> Oh, okay... I'm sorry. 'I've seen 6 and 9 as defaults'
[15:09] <mercutio> i'm using unifi router.
[15:10] <mercutio> i hate how you have to start controller
[15:10] <mnathani> Surface Pro 3 shows Speed: 144 Mbps
[15:10] <mercutio> is that 5 ghz?
[15:10] <mnathani> 2.4 Ghz
[15:11] <mercutio> heh that cisco ap looks like my ap
[15:12] <mnathani> Active Radio Channel
[15:12] <mnathani> 2412 MHz Channel 1
[15:12] <mnathani> Channel Width
[15:12] <mnathani> 20 MHz
[15:13] <mercutio> i'm using 9/161
[15:13] <mercutio> yeah change that
[15:13] <mnathani> Active Radio Channel|  5200 MHz Channel 40 | Channel Width 20 MHz
[15:13] <mercutio> if you have android device i find wifi analyzer is good for checking out channels from different locations.
[15:13] <mnathani> first one was 2.4 and second was 5 ghz
[15:13] <mercutio> you can probably do 40 mhz on 5 ghz too
[15:13] <brycec> Wifi Analyzer ftw
[15:14] <mercutio> i have 80 mhz on 5 ghz it seems.
[15:14] <mercutio> so i assume 802.11ac is 80 mhz
[15:14] <mnathani> is it the farpro one?
[15:14] <mnathani> I found 2 on android
[15:15] <brycec> mnathani: Yes, com.farproc.wifi.analyzer
[15:15] <brycec> At least that's the one I use
[15:15] <mnathani> brycec: thanks
[15:15] <mercutio> wow i'm at -17 dBm
[15:16] <mercutio> i was trying to find the name
[15:16] <brycec> Nice, mercutio
[15:16] <mercutio> for some reason here channel 6 is the most overloaded.
[15:16] <brycec> Ceiling on my meter is -37dBm
[15:16] <mercutio> i could probably go up a bit
[15:17] <mercutio> well things generally work pretty well until like -60dBm to -80dBm isn't it?
[15:17] <brycec> I'm so lucky at work - there's only my neighbour and my wifi nets
[15:17] <brycec> He's on ch1, I'm on ch11
[15:17] <mercutio> i think it's like -40dBm across the house.
[15:18] <mercutio> why does it say my ap is disconnected.  grr.
[15:19] <mercutio> weird i can still set it to channel 10
[15:31] <m0unds> lots of older routers/aps wont change channels to avoid interference
[15:32] <m0unds> 2.4ghz is a mess by my house. people with isp provided wundernat devices with wireless radios integrated stuck in front of the user's own wundernat box they got at best buy
[15:34] <m0unds> bleck
[15:35] <mnathani> the wifi analyzer app says better channel : 14, but is that one I can really use?
[15:35] <mnathani> my aironet AP doesnt seem to have that as an option
[15:37] <brycec> 14 is not "legal" in the United States... Don't know about .nz
[15:38] <mnathani> in Canada here
[15:38] <brycec> same diff >.>
[15:38] <brycec> <.,
[15:39] <brycec> 14 is not allowed in North America
[15:39] <brycec> or, well, anywhere but Japan in 802.11b mode
[15:39] <brycec> mnathani: Should probably open preferences and only leave channels 1-11 marked as available
[15:44] <mnathani> http://imgur.com/XCOSo6B
[15:45] * brycec throws up a little
[15:45] <mnathani> that's my WiFi analyzer results
[15:45] <mnathani> I live in an apartment building
[15:45] <brycec> Evidently
[15:45] <brycec> It's no wonder your performance is shit
[15:47] <davantalus> Looks like 4 is your sweet spot huh?
[15:49] <brycec> There really isn't a "sweet" spot in something that crowded. 5 could be slightly better, but not worth changing imo
[15:51] <mercutio> is it 10mhz per channel?
[15:51] <mercutio> omg worst graph ever
[15:52] <mercutio> i'm nto even sure where i'd go there
[15:52] <mercutio> is that the room where you need stronger coverage?
[15:52] <brycec> "When two or more 802.11b transmitters are operated in the same airspace, their signals must be attenuated by -50dBr and/or separated by 22 MHz to prevent interference."
[15:52] <mercutio> if that's the same room as your ap, you're pretty screwed :)
[15:53] <mercutio> are you the dark blue mnathani ?
[15:53] <mnathani> yea
[15:53] <mercutio> yeah going down one channel /may/ help a little
[15:54] <mercutio> but you're actually pretty good from that position
[15:54] <mercutio> but if you want to add anything more...
[15:54] <mnathani> moving from channel 1 to channel 6 seems to have helped
[15:54] <brycec> tl;dr Your best bet for performance improvement is to move to 5GHz
[15:54] <mercutio> oh yes it would have.
[15:54] <brycec> ^
[15:54] <mercutio> nah he's acutally pretty fine
[15:54] <mercutio> you don't have to worry about -80 dBm
[15:55] <mercutio> the signal strength of ~ -35dBm is strong enoguh to fight it pretty well.
[15:55] <mercutio> at least in his current location.  if he moves closer to those access points he may have issues.
[15:55] <mercutio> where 5 ghz may not reach too.
[15:56] <mnathani> I am on channel 5 for 2.4 Ghz and channel 161 for 5 Ghz -31 dBm and -37 dBm respectively
[15:56] <mercutio> i find "outside" to often be the biggest struggle to get to work well.
[15:56] <mercutio> mnathani: i find 5 ghz often gives lower signal strength, and can even give worse speeds, but it doesn't randomly get bad.
[15:56] <mercutio> so is often more consistent in quality.
[15:57] <mercutio> like i've seen random dropouts with 2.4 ghz where it's working well.. working well.. screwed... working ok.. working well.
[15:57] <mercutio> and 5ghz cuts that out
[15:57] <mercutio> i think like when youir neighbours are "idle" it may interfere less.
[15:57] <mnathani> http://imgur.com/Kr2XdC9
[15:57] <mnathani> updated
[15:59] <mercutio> i still have problems outside here on other side of house
[15:59] <mercutio> but even with close ap it was screwed, so i think it's the walls/buiilding
[16:00] <mercutio> yeah that's no better i think
[16:01] <mercutio> i use iperf for testing myself.
[16:01] <BryceBot> That's what she said!!
[16:01] <mercutio> it's a bit of a pita though.
[16:01] <mercutio> on laptops etc you have to run iperf -s
[16:01] <mercutio> then on a linux box do iperf -c <ip of laptop>
[16:01] <mercutio> oh actually do "iperf -s -i 1"
[16:01] <mercutio> and it'll show per second break down
[16:02] <mercutio> because download performance matters more than upload performance normally for wireless devices
[16:04] <mercutio> i still want to try doing 2.4/5ghz at once
[16:04] <mercutio> using 2.4 ghz for upload, and 5ghz for download.  to see what speed i can get
[16:05] <mercutio> if you do half duplex udp pushes over wireless speed can be quite a lot hjigher
[16:15] <mercutio> oh and for web performance using a proxy can help with wireless too, as it clusters stuff together more
[16:22] *** SpeedBus has quit IRC (Ping timeout: 245 seconds)
[17:08] <up_the_irons> mercutio: indeed i was up late last night
[17:20] *** SpeedBus has joined #arpnetworks
[18:13] <brycec> Hopefully, that means you were up late partying :D
[18:39] *** carvite_ has joined #arpnetworks
[19:03] <up_the_irons> just hanging out in #arpnetworks-de with ant until the whiskey came out and I could no longer speak German... ;)
[19:04] <m0unds> whiskey, EH?
[19:04] <m0unds> whiskey sounds good, i'm gonna have to raid my liquor cabinet
[19:12] <up_the_irons> Wild Turkey 101...  technically Bourbon.  Pretty much my go to whiskey and what I ask for if I'm out somewhere...
[19:27] <m0unds> i'm a big fan of blanton's
[19:28] <mercutio> i like mckenna
[19:29] <mercutio> but it's not classy
[21:15] *** zhangxiaobao has joined #arpnetworks
[21:18] <zhangxiaobao> hello, can anybody reach 66.220.18.42, he's ipv6 tunnel server in lax?
[21:20] <mnathani> Pinging 66.220.18.42 with 32 bytes of data:
[21:20] <mnathani> Request timed out.
[21:21] <zhangxiaobao> thanks
[21:27] <zhangxiaobao> now it seems i can ping it, but the tunnel is not working..
[21:40] <mnathani> Username: zhangxiaobao  << Liested as latest Sage Cert
[21:40] <mnathani> s/Liested/Listed
[21:40] <BryceBot> <mnathani> Username: zhangxiaobao  << Listed as latest Sage Cert
[21:56] <brycec> zhangxiaobao: It's known to be down https://tunnelbroker.net/status.php
[21:56] * brycec is so happy not to rely on lax1 anymore :D
[21:57] <brycec> (Nothing against lax1 specifically, just happy not to rely on a tunnel for my VPS
[21:57] <brycec> )
[21:58] <zhangxiaobao> thank you! missed this page
[21:58] <zhangxiaobao> it
[21:58] <zhangxiaobao> it's a very very cheap VPS so i think it's ok
[22:31] <mnathani> now you are listed as latest 10 certs for Sage >> cobryce
[22:31] <mnathani> brycec: ^^
[22:31] <brycec> mnathani: I am?
[22:31] <brycec> I've been Sage for ages.
[22:31] <brycec> Well, months anyways
[22:31] <brycec> Not geological ages.
[22:31] <mnathani> did you log in recently?
[22:31] <brycec> Yes
[22:31] <mnathani> perhaps it is updating based on last login
[22:32] <brycec> Seems like it.
[22:57] *** zhangxiaobao3 has joined #arpnetworks
[23:00] *** zhangxiaobao has quit IRC (Ping timeout: 246 seconds)
[23:03] *** zhangxiaobao3 has quit IRC (Remote host closed the connection)
[23:29] *** zhangxiaobao has joined #arpnetworks