| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |
| Who | What | When |
|---|---|---|
| *** | reardencode has joined #arpnetworks | [07:54] |
| ............................................ (idle for 3h38mn) | ||
| brycec is now known as bryces_mom
bryces_mom is now known as brycec | [11:32] | |
| ...................................................................................... (idle for 7h7mn) | ||
| mus1cbox has joined #arpnetworks | [18:39] | |
| mus1cbox | can anyone think of why all of a sudden i started getting port 22: Connection refused when trying to ssh into my vps?
i haven't made any recent pf rule changes, and i can ping it | [18:39] |
| *** | dj_goku_ has joined #arpnetworks
dj_goku_ has quit IRC (Changing host) dj_goku_ has joined #arpnetworks | [18:45] |
| dj_goku has quit IRC (*.net *.split) | [18:53] | |
| ..... (idle for 21mn) | ||
| novae has left | [19:14] | |
| RandalSchwartz | linux?
some linux are set up with an autothrottle... too many failures and the port is shut down for a while. that's part of why I don't run sshd on 22 any more I use a high port it's too expensive to do a full netscan on high ports to see if there's an sshd when so many people run them on 22 | [19:24] |
| mercutio | i don't think it usually connection refuses, i think it usually just accepts and disconnects?
there may be ssh rate limit though | [19:30] |
| up_the_irons | mus1cbox: http://support.arpnetworks.com/kb/main/is-there-a-firewall-filter-rate-limit-or-similar-device-applied-to-my-traffic | [19:32] |
| mercutio | hmm that's per ip, so he'd have to be doing 15 connections within 60 seconds from his ip to hit that.
you can actually easily configure opensshd to listen on multiple ports too | [19:33] |
| RandalSchwartz | Yup
I just stopped listening to 22 because I was tired of, as Steve Gibson puts it, listening to the "background radiation" of the net | [19:41] |
| mercutio | i prefer ip acl's. | [19:43] |
| RandalSchwartz | if I ever knew where I was sshing from... sure. | [19:44] |
| mercutio | well yeah it doesn't work if you ssh from random locaitons | [19:45] |
| RandalSchwartz | "nomad" is my middle name
which looks weird on my passport yes. | [19:45] |
| mercutio | then maybe running on port 443 would help you | [19:46] |
| RandalSchwartz | yeah, I actually do that for one box
so I can tunnel through https firewall | [19:47] |
| mercutio | i'm dumping on an unused ip
i haven't seen anything yet | [19:47] |
| RandalSchwartz | CONNECT some.box:443 | [19:47] |
| mercutio | dropbears easy bouncing can be handy | [19:47] |
| RandalSchwartz | socat can do it on the command line :) | [19:48] |
| mercutio | telnet scan
from turkey. then sip scan from US open sip server is scarier than open ssh server. | [19:50] |
| *** | dj_goku_ has quit IRC (Ping timeout: 245 seconds) | [20:02] |
| dj_goku has joined #arpnetworks | [20:07] | |
| dj_goku has quit IRC (Ping timeout: 246 seconds) | [20:15] | |
| .... (idle for 16mn) | ||
| dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host) dj_goku has joined #arpnetworks | [20:31] | |
| dj_goku has quit IRC (Read error: No route to host) | [20:42] | |
| dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host) dj_goku has joined #arpnetworks | [20:47] | |
| mnathani_ | Does any of this mean my unmanaged / dumb switch has spanning tree? 802.3, 802.3u, 802.3ab, 802.3x, 802.1P
also 802.1P QoS | [20:49] |
| .... (idle for 15mn) | ||
| *** | dj_goku has quit IRC (Ping timeout: 244 seconds)
dj_goku has joined #arpnetworks dj_goku has quit IRC (Changing host) dj_goku has joined #arpnetworks | [21:04] |
| mercutio | don't think so
having qos seems curious though http://en.wikipedia.org/wiki/IEEE_802.1D | [21:12] |
| BryceBot | IEEE 802.1D :: 802.1D is the IEEE MAC Bridges standard which includes Bridging, Spanning Tree and others. It is standardized by the IEEE 802.1 working group. It includes details specific to linking many of the other 802 projects including the widely deployed 802.3 (ethernet), 802.11 (Wi-Fi) and 802.16 (WiMax) standards. VLAN (virtual LAN) is not part of 802.1D, but specified in 802.1Q. Publishing history: 1990 — Original publication... | [21:15] |
| mercutio | think that's what you're looknuig for | [21:15] |
| .... (idle for 16mn) | ||
| mnathani_ | mercutio: thanks | [21:31] |
| mercutio | mnathani_: you shouldn't need stp anyway. | [21:32] |
| mnathani_ | I like loop detection / automatic blockiing | [21:38] |
| mercutio | does it do snmp? | [21:39] |
| mnathani_ | doubt it | [21:39] |
| mercutio | maybe you can trigger on high packet counts.
i suppose you could awlays get a manged switch | [21:39] |
| mnathani_ | it cost like $35 - 8 port gigabit unmanaged | [21:39] |
| mercutio | i'm using a cheap managed switch that has stp | [21:39] |
| mnathani_ | brand? | [21:39] |
| mercutio | edgecore
ECS2000-26T there's a few similar ones to that though fanless 24 port gigabit+2 sfp low power usage, minimal management | [21:41] |
| mnathani_ | http://www.edge-core.com/ProdDtl.asp?sno=393&ECS4210-28T
I was going to guess ^ | [21:43] |
| mercutio | i think the one you linked is newer
http://www.amazon.com/Cisco-SG200-26-Ethernet-Mini-GBIC-SLM2024T/dp/B004GHMU5G/ref=sr_1_2?ie=UTF8&qid=1423719865&sr=8-2&keywords=26++port+managed+switch | [21:44] |
| BryceBot | Amazon: "Cisco SG200-26 Gigabit Ethernet Smart Switch with 24 10/100/1000 Ports and 2 Combo Mini-GBIC Ports (SLM2024T)" | [21:46] |
| mercutio | i think that does stp
maybe the 8 port one does even oh i can do sflow huh it has upnp too why would upnp be ona layer 2 switch? wow it even has dual firmware versions on it | [21:46] |
| http://www.edge-core.com/qapage.asp?sno=138
that's kind of cool not that i need it | [22:01] | |
| mnathani_ | your Amazon switch: Shipping: Currently, item can be shipped only within the U.S. | [22:04] |
| mercutio | which item was that? | [22:04] |
| mnathani_ | Cisco SG200-26 Gigabit Ethernet Smart Switch | [22:04] |
| mercutio | there's cheap ram on amazon atm btw
ahh did you want that many ports? | [22:04] |
| mnathani_ | 16 should be plenty | [22:05] |
| mercutio | did you want sfp? | [22:05] |
| mnathani_ | no need for sfp | [22:05] |
| mercutio | http://www.amazon.com/TP-LINK-TL-SG3210-10-port-Pure-Gigabit-1000Mbps/dp/B006B7R3YC/ref=sr_1_11?ie=UTF8&qid=1423721081&sr=8-11&keywords=managed+switch | [22:06] |
| BryceBot | Amazon: "TP-LINK TL-SG3210 10-port Pure-Gigabit L2 Managed Switch, 8 10/100/1000Mbps ports, 2 Gigabit SFP slots" | [22:06] |
| mercutio | this switch is cheaper | [22:06] |
| mnathani_ | however my mikrotik came with one sfp | [22:06] |
| BryceBot | That's what she said!! | [22:06] |
| mercutio | dunno if that hips to you
it doesn't ship to me you can use direct attach cables for like $10 but limited length so yeah there's a few options for cheapish managed switches now they usually have terrible interfaces but if you just setup and forget it's probably a non issue really | [22:06] |
| mnathani_ | this is the one I have now: http://www.amazon.com/dp/B00A121WN6/ref=psdc_281414_t3_B006B7R3YC | [22:07] |
| BryceBot | Amazon: "TP-LINK TL-SG108 8-Port 10/100/1000Mbps Desktop Gigabit Steel Cased Switch, IEEE 802.1p QoS, Up to 72% Power Saving" | [22:07] |
| mercutio | it used to be that all the managed switches had fans
which put me off because tehy're always tiny fans that has tiny buffer you'll probably find most managed switches have slightly bigger buffers and it used to be only netgear had cheap managed switch then they had a newer version which was worse | [22:08] |
| mnathani_ | whats the highest throughput one can expect across a gigabit link - server to server? | [22:11] |
| mercutio | i get a little over 970 megabit i think
with linux to linux but i disable tcp time stamps but yeah with 1.5k mtu it's around 970 megabit. i seem to recall at least. | [22:11] |
| mnathani_ | @wa 970 megabits per second to megabytes per second | [22:12] |
| mercutio | some ethernets do lower | [22:12] |
| BryceBot | convert 970 Mb/s (megabits per second) to megabytes per second;121.3 MB/s (megabytes per second);0.97 Gb/s (gigabits per second);9.7×10^8 b/s (bits per second);~~ 0.78 × OC24 speed ( 1.244×10^9 b/s );~~ 0.97 × 1000BASE-T speed ( 1 Gb/s );~~ OC18 speed ( 9.331×10^8 b/s );information rate;[time]^(-1) [information];Time to transfer 1 gigabyte:, ->8.2 seconds, ->0.14 minutes;Time to transfer 1 terabyte:, ->8247 seconds, ->137 minu | [22:12] |
| mercutio | err some cards
[ 4] 0.0-10.0 sec 1.09 GBytes 938 Mbits/sec this is one random test maybe i had higher mtu | [22:12] |
| mnathani_ | @wa 938 megabits per second to megabytes per second | [22:13] |
| BryceBot | convert 938 Mb/s (megabits per second) to megabytes per second;117.3 MB/s (megabytes per second);0.938 Gb/s (gigabits per second);9.38×10^8 b/s (bits per second);~~ 0.94 × 1000BASE-T speed ( 1 Gb/s );~~ OC18 speed ( 9.331×10^8 b/s );~~ 1.2 × FireWire (IEEE 1394b) 800 speed ( 786432 kb/s );information rate;[time]^(-1) [information];Time to transfer 1 gigabyte:, ->8.5 seconds, ->0.14 minutes;Time to transfer 1 terabyte:, ->8529 se | [22:13] |
| mercutio | i used to think ethernet had higher latency than it does.
but a lot of it's the cards, computer etc. like you can do 50 micro seconds latency for ethernet but it's still common to see over 0.1 msec on intel cards changing ethtool can help and linux's scheduling seems to help with ping -f realtek don't do colaescing so lower delay, and higher overhead. but anyway, at high speeds it's easy to get a drop in performance from packet loss and larger queue sizes can decrease the chance of that happening, but can also increase jitter but you can use fq_codel in linux to not go faster than gig and so point to ponit is fine but multi point to point can still suck it only matters if you're sharing between file server and internet on the pipe and you can always just rate limit file server to 900 megabit or something http://www.amazon.com/Cisco-SG200-26-Ethernet-Mini-GBIC-SLM2024T/dp/B004GHMU5G/ref=sr_1_2?ie=UTF8&qid=1423719865&sr=8-2&keywords=26++port+managed+switch | [22:13] |
| BryceBot | Amazon: "Cisco SG200-26 Gigabit Ethernet Smart Switch with 24 10/100/1000 Ports and 2 Combo Mini-GBIC Ports (SLM2024T)" | [22:21] |
| mercutio | this says it ships to me
oh it doesn't link the 8 port i mean the $88.99 one adn it seems to suggest it still supports stp on cisco's site but amazon comments semeed to suggest annoying firmware issues http://www.amazon.com/NETGEAR-ProSAFE-GS108T-Gigabit-1000Mbps/dp/B003KP8VSK/ref=pd_cp_e_2 | [22:21] |
| BryceBot | Amazon: "NETGEAR ProSAFE GS108T 8-Port Gigabit Smart Switch 10/100/1000Mbps" | [22:24] |
| mercutio | even this says stp support | [22:24] |
| mnathani_ | lol @ "2)Breaking UDP is unacceptable, as its widely used." | [22:25] |
| BryceBot | That's what she said!! | [22:25] |
| mercutio | but it's netgear so it may be crap
yeah i hadn't notice that when i mentioned it mnathani_ :) i assumei t's one of their linksys products. | [22:25] |
| mnathani_ | why would they deliberately cheapen their brand by using the cisco name on inferior products? | [22:26] |
| mercutio | i dunno
do you remember how bad linksys modems were? maybe they weren't around there but they were terrible here. but the linksys phones were fine. | [22:26] |
| mnathani_ | all I seem to recall Linksys related were there wrt54 line of wireless routers | [22:27] |
| mercutio | newegg rates that netgear switch low
the ones that overheated? and people ranted and raved about being able to run custom firmware. the default firmware sucked :/ tp-link routers have terrible firmware too. but their hardware seems to be "surprisingly good" and their price is always great. i took a gamble with my switch there were like no reviews around http://www.amazon.com/TP-LINK-TL-SG108E-8-Port-Gigabit-Tag-Based/dp/B00K4DS5KU/ref=sr_1_33?s=pc&ie=UTF8&qid=1423722704&sr=1-33 | [22:27] |
| BryceBot | Amazon: "TP-LINK TL-SG108E 8-Port Gigabit Easy Smart Switch with 8 10/100/1000 Mbps RJ45 Ports, MTU/Port/Tag-Based VLAN, QoS and IGMP" | [22:33] |
| mercutio | that says it has loop protection too
hangon isn't that what you had | [22:33] |
| mnathani_ | TP-LINK TL-SG108
no E at the end | [22:33] |
| mercutio | ahh
yeh so it still has short queue length but it allows port mirroring and loop protection | [22:34] |
| mnathani_ | the one you linked?
or the one I have | [22:35] |
| mercutio | 108E
there's table down the bottom it includes your one too it doesn't have a web based gui too i don't think it supports lacp either i don't know if you want to do lacp http://www.amazon.com/dp/B009LEJJM6/ref=psdc_281414_t3_B00K4DS67C | [22:35] |
| BryceBot | Amazon: "TP-LINK TL-SG2216 16-Port Gigabit Smart Switch with 2 Combo SFP Slots, 802.1Q VLAN, L2/L3/L4 QoS, IGMP Snooping, Port Security, Storm Control, Web-based Management" | [22:36] |
| mercutio | what about this one? | [22:36] |
| mnathani_ | I like that one
managed, gigabit, under $200 | [22:37] |
| mercutio | it also does port mirroring
and snmp lacp i can't see sflow support :/ | [22:37] |
| mnathani_ | is sflow kind of like netflow? | [22:39] |
| mercutio | yeah
except it's not usually every packet oh rmon is like sflow too apparently oh but it doesn't do the useful groups :/ | [22:39] |
| mnathani_ | can windows do lacp / link aggregation | [22:41] |
| mercutio | yeah
but you need two connections normally | [22:41] |
| mnathani_ | server OS only? | [22:42] |
| mercutio | don't think so
http://hardforum.com/showthread.php?t=1762818 so yeah you need proper network drivers. oh the switch can store a network key :) for ssh | [22:42] |
| mnathani_ | nice | [22:43] |
| mercutio | http://www.tp-link.com/resources/document/TL-SG2216_V2_UG.pdf
hmm it can do dhcp filtering too | [22:44] |
| mnathani_ | the doc / manual is quite extensive | [22:47] |
| mercutio | they're all like that | [22:48] |
| mnathani_ | explains stuff + theory with diagrams etc | [22:48] |
| mercutio | one guy was complaining about vxworks having security vulnerabilities
but i think most of them are like that too oh my switch has ssh too Welcome to Vitesse Command Line Interface (v1.0). dunno what that is :) | [22:48] |
| brycec | FWIW I have a TP-Link TL-SG2424 I've been quite happy with. | [22:53] |
| mercutio | is that the same series? | [22:53] |
| brycec | (24 GbE w/4 SFP, fully managed, etc) | [22:53] |
| mercutio | dyeah looks same specs but sfp | [22:54] |
| brycec | I'd say a similar series | [22:54] |
| mercutio | oh and still fanless
brycec: how bad is the web interface? | [22:54] |
| brycec | mercutio: It's meh
No worse than netgear's | [22:54] |
| mercutio | that's not saying anything :)
netgear are bottomo f the barrel :) | [22:55] |
| brycec | I prefer it to its commandline, but that's not saying much either. | [22:55] |
| mercutio | heh
but stability is fine? | [22:55] |
| brycec | I'd disagree, but the only managed switches I've ever admin'd were Netgear (7326 and 7?24) and this TP-Link
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (1099870606) 127 days, 7:11:46.06 | [22:55] |
| mercutio | ahh you're doing snmp to it :) | [22:56] |
| brycec | (I am because otherwise I'd have to proxy to get to its web interface, but I have ssh on a machine local to it) | [22:56] |
| mercutio | oh the web interface says uptime
System Uptime217d 18:37:03 my computers definitely have lower uptime than that :) | [22:57] |
| brycec | It's crashed just once in its 1+ years. It was overloaded due to a loop I'd introduced, before I'd setup loop detection / rSTP | [22:57] |
| mercutio | i've only used one buggy switch | [22:58] |
| brycec | (And that was on a previous firmware too) | [22:58] |
| mercutio | and it would bug out again and again
but only when configing things was still damn annoying it was to do with vlan config heh i saw my switch has new firmware, but no changelog i'm not really racing to update it | [22:58] |
| brycec | This switch isn't doing too much, bunch of vlan tagging, igmp snooping (both v4 and v6), basic broadcast throttling and STP / loop detection (off the top of my head) | [22:59] |
| mercutio | yeah most people don't even use vlans | [23:00] |
| brycec | I like the TP-link has native ipv6 support | [23:00] |
| mercutio | i'm not using vlans atm | [23:00] |
| brycec | brycec <3 VLANs | [23:00] |
| mercutio | for management? | [23:00] |
| brycec | Even for such simple things as wifi network as guests, all of that ssid traffic is pushed to a dedicated vlan | [23:00] |
| mercutio | hmm
yeah that's a nice idea i wonder if i can do that | [23:00] |
| brycec | I don't see why not.. but I have no idea what equipment you have :P | [23:01] |
| mercutio | tp-link ac1750
i can't see it i could just use separate router for guest wireless | [23:01] |
| brycec | Is this at all relevant? http://www.tp-link.com/en/article/?faqid=418 | [23:04] |
| mercutio | well yeah i saw that
but i can't see anything like that in the web ui :) i could just stick openwrt on it :) i have it on the secondary anyway | [23:04] |
| brycec | Well then ditch the stock fw and put something like openwrt on it :p
lol | [23:04] |
| *** | jlgaddis has quit IRC (Ping timeout: 250 seconds)
jlgaddis has joined #arpnetworks | [23:05] |
| vissborg has quit IRC (Remote host closed the connection)
vissborg has joined #arpnetworks | [23:13] | |
| mercutio | apparently cisco has announced 2.5 gigabit ethernet support now
http://www.cisco.com/c/dam/en/us/solutions/collateral/enterprise-networks/catalyst-multigigabit-switching/multigigabit-ethernet-technology.pdf | [23:17] |
| ↑back Search ←Prev date Next date→ Show only urls | (Click on time to select a line by its url) |