I have wanted to upgrade my network for a while and a recent event finally made me do it. I received a notice from my shit ISP indicating I was approaching my monthly cap, just 5 days into the month. I was using two Nighthawks, the RAX120 and AX6, two of the most absolute, piece of shit routers from day one, that have ever been created in the fucking universe, BTW. I checked my PoS network and notices some crazy traffic coming from somewhere but couldn't really get much info. This was really my fault running these two POS routers in the first place and not really having much else in place but here I am.

All of that to say, I'm not really a networking person and I wanted to get some feedback on my “upgraded” system. I don't mind tinkering with the network and learning more about networking in general so, anything technical is fine with me.

Here are some of the details with a diagram of my layout. Again, not a network person so, sorry for the shit diagram.

** Main House**

• 2200 s

Hi all. Hoping someone can answer my question. I've set up a surfshark open VPN client on my home router (an Asus AX8) but it's causing me some issues.

I live in the UK and my kid loves watching cartoons on the BBC through our smart TV. Because the BBC app is location locked to the UK it doesn't work with the VPN on, and even when I've turned the VPN off in the router settings, my location seems to jump around all over the place, and I've confirmed this with IP location searches.

I'm aware I could run VPNs on every other device, but I'd really like to put my entire network behind the VPN (other than the TV) if possible. Is there a way of creating an exception for my TV so that it can bypass the VPN? If so can anyone advise how to do it? OR is there a way of location locking my VPN to show as being within the UK? Normally apps on my devices I can choose where I'm located, that doesn't seem to be an option on the router.

Any advice appreciated! Thanks!

Purely a curiosity on my part... But has anyone ever looked at how their Microsoft Teams calls get routed? During Teams calls I'll check OpenWrt to see the endpoint IP I'm sending all my traffic to, then do a traceroute to that IP. So far, I think, it's always been a bizarre path.

For instance, today:

 undefined

    
$ tracepath 52.115.76.111
 1?: [LOCALHOST]                      pmtu 1500
 1:  OpenWrt.lan                                           1.200ms 
 1:  OpenWrt.lan                                           1.511ms 
 2:  ...                              15.008ms 
 3:  ...                            18.429ms asymm  4 
 4:  ...                            22.477ms asymm  5 
 5:  six2.microsoft.com                                   39.117ms asymm  6 
 6:  ae32-0.icr02.mwh01.ntwk.msn.net                      40.610ms 
 7:  be-162-0.ibr04.mwh01.ntwk.msn.net                   190.062ms asymm 15 
 8:  be-2-0.ibr04.fra30.ntwk.msn.net                      78.997ms asymm 12 
 9:  be-8-0.ibr02.dsm05.n
  

First, a caveat: I'm not running pure DD-WRT, but a GL-iNet router that has some UI shim (and possibly other stuff) running on top of DD-WRT.

The issue I'm seeking help on is that I am seeing odd behavior with client resolution, where sometimes lan device names will resolve, and sometimes they won't. When they won't, there's a thing I can do in the UI and it'll start working again for a while, until it doesn't.

The other variable is that I've got all outbound traffic going through a VPN, and DNS servers configured by the VPN. This does, and always has, worked, and DNS tests always confirm that external DNS requests are going to those servers.

The issue is that I want all LAN hosts to resolve using the leases. And sometimes this works, but sometimes it stops working and LAN hosts don't resolve. I can fix this by toggling the "DNS Server Settings" between "DNS Proxy" with the IP of the router as the proxy, and "Automatic" (which, it appears to me, just sets resolution to the VPN setti

https://help.ui.com/hc/en-us/articles/115003173168-Zone-Based-Firewalls-in-UniFi

ZBF looks really cool! I watched this video, and rushed to try it... only to discover my UXG Pro hasn't been released yet. I feel like a kid who found out Christmas has been delayed due to warm weather!

Goals: Find a router with at least 2 2.5gb ports with a long software support (5+ years)

List of Custom firmware's updated & relevant in 2024

1. OpenWrt
2. DD-WRT
3. FreshTomato (Searched compatible HW (https://wiki.freshtomato.org/doku.php/hardware_compatibility), no matches)
4. AUSU only: Asuswrt-Merlin https://asuswrt-merlin.net/ && https://github.com/gnuton/asuswrt-merlin.ng

Good list https://www.reddit.com/r/openwrt/comments/1gs0qgi/wifi_6_router_options_with_25gbe_ports/

1. GL.iNet GL-MT6000(Flint 2) $159.00 https://www.amazon.com/GL-iNet-GL-MT6000-Multi-Gig-Connectivity-WireGuard/dp/B0CP7S3117 OpenWrt
2. ROG Rapture GT-AX6000 Dual 2.5G WAN/LAN Ports, $215 Asuswrt-Merlin
3. ASUS RT-AX88U PRO AX6000 $220 Asuswrt-Merlin
4. TP-LINK TL-XTR8488 Turbo AX8400 $254 https://www.aliexpress.us/item/3256807531774383.html OpenWRT's https://openwrt.org/toh/views/toh_available_16128_ax-wifi
5. Sinovoip Banana

Basically I wanna have a Banana Pi BPi-R4 as my home router running OpenWRT and have a UniFi U6+ plugged in to act as my AP.

Can anyone foresee any problems with such a setup. Basically gonna have my homelab and TV stuff all running through the setup. So everything from Home Assistant to Navidrome to Jellyfin to Immich, etc, etc.

I found this a very interesting look at the current tools and techniques available to reduce reliance on IPv4 and NATs. While I don't foresee IPv4 going away any time soon, and I'm not sure IPv6 is an improvement per se, I do like to tinker with IPv6 in the home LAN.

(Edit: to be clear, I am not the author.)

TLDR: Why do so many routers support >1Gbit/s on their WiFi while only having 1Gbit/s ethernet interfaces?

So, I've been upgrading parts of my home setup and have a router (without AP) that has 2.5G interfaces. My PC also has a 2.5G interface, but that only going to the router is kinda useless (the ISP offers 1G).

The place my PC is at is also a good position for an AP. So, I went looking for a cheap second hand wifi router and stumbled upon quite a few that were boasting >1G connection speeds, not only AX but also AC. Now I know this is often a combined theoretical Max, but still a lot offer >1G for the single band.

The vast majority of these routers, though, have 1G Ethernet ports. Putting that between my PC and router reduces that linkspeed and I can't actually reach over 1G for the WiFi devices as well. Why would you sell a product like that. Undoubtedly those radio's were more expensive but their in a package that can't fully utilize them. I can think of some reasons: marketing

I'm looking to replace my old Netgear Nighthawk with a new router. Currently my house does have some dead zones which we make up for using a powerline. But the powerline isn't always stable and we have to switch wifi networks depending on where we are in the house.

My question is, is it better to get a mesh network or a standard router with either range extenders (ex: TP-Link OneMesh) or mesh features (ex: Asus AiMesh)? I couldn't really find any article that listed the differences between mesh routers and standard routers with extendable features. They only compare mesh routers with standard routers.

More info:

Preferably, I would like to go with the standard router for the higher speeds and extra ports but I'm afraid that won't solve our dead zone issues. Also, buying two or three standard routers is way more expensive than a mesh network with multiple satellites.

Speed and signal strength are important for me since both I and my brother WFH and do online gaming. Unfortunat

Hello, For some context I am moving into my first home. I am looking for a network solution to use and will last a long time. My original idea was just getting a new wifi 7 router maybe a gaming one since gaming is my passion but I got talking to my friend and he has a ubiquity Dream Machine and talks really highly about it and I would love this/something similar to it. He showed me all the features it does and the layout of the UI etc. Being able to add security cameras to it and such is something I very much so want a long with a lot of the other things it can do. I am good with technology I am a software engineer and I currently have things such as netalertX and adguard home running on a mesh network so I can and would be willing to set things up.

Is this the only only type of device that does this kind of thing or are there others? Any suggestions or alternatives I like to look at option

I just fought getting a 3rd party range extender working and wanted to share what I learned.

Equipment:

Macard re1200 range extender and Gigaspire blast u4 GS2028E router

After setup of the Macard extender, all 3 lights were solid green meaning that it connected and authenticated to the router. However, devices connected (wirelessly) to the macard could not access the internet.

What I found that fixed it was I had to enable the "ARP spoofing" security flag in the Gigaspire's settings. The initial user ID and password are printed on the label on the back of the router so use that to log in.

I created a whitelist access profile. That ensures that the whole WAN is blocked except what is exceptionally whitelisted. I started with an empty whitelist. The LAN is rightfully accessible and the WAN is rightfully inaccessible.

The router does not use DSL. Instead, it uses a USB mobile broadband LTE modem. The modem has its own website which gives SMS capability. The modem is technically upstream to the router, so it is blocked when the WAN blocking profile is enabled. I want to whitelist the modem so that when I am blocking WAN access I can still reach the web UI of the modem and monitor SMS msgs.

Fritzbox is designed so that all attempts to directly access an IP is blocked if whitelisting is in play. IP addresses cannot be whitelisted, only URLs using FQDNs. So I did “nslookup 10.10.50.8” to get the hostname of the modem. Then I whitelisted the hostname. That does not work. The modem is still blocked.

Was looking into this today and this video came up, so thought I'd share

Summary:

This video is about securing Cloudflare tunnels with VLANs and an internal firewall.

The speaker, Jim, argues that while Cloudflare tunnels are a great technology, they can introduce security risks because all the traffic that comes into your network is visible to Cloudflare. To mitigate these risks, Jim suggests segmenting your internal network and adding extra layers of security.

Here are the key steps to secure Cloudflare tunnels with VLANs and an internal firewall according to Jim:

• Create a Mac VLAN for the Cloudflare tunnel. This will isolate the traffic coming from the tunnel from the rest of your network.
• Add an internal firewall rule to allow traffic only from the Mac VLAN to the specific port where your service is running. This will restrict the Cloudflare tunnel's access to only the resources it needs.
• Configure your firewall to perform IDS/IPS on the traffic coming

cross-posted from: https://lazysoci.al/post/13500180

I have the Pi-Hole acting as the DHCP server and DNS server too and this works fine for 23 hours and then it flops and I don't understand why.

Basically after 24 hours, all devices just disconnect from the router and when I try and reconnect them, they say they're unable to get an IP address.

But before they drop connection, they all report the DNS server as the Pi-Hole.

If I change my DHCP to static and connect to my router, I see that the Pi-Hole is still connected with its static IP just fine.

If I factory reset the router and then add the same SSID and password, the Pi-Hole automatically reconnects and then all devices can reconnect again, so I'm unsure what the issue is.

Can someone break this down. I feel stupid for not understanding what's happening here.

Hopefully I am in the right community.

So I have a router, a TP Link Archer AX53, nice router. I wanted to improve the signal in my room and bought a TP link Deco X10. So CAT 6 cable to my room, connect my router and deco.

I thought this might just be a quick tick to add the deco as a mesh device and boom problem sorted.

Now I know this is not a simple WiFi 6 mesh setup, seems like the deco and archer modem does not work together, they make their individual network points.

Does anyone know a solution or am I stuck with two networks. Not end of the world but would have been nice if it can be one mesh network

I didn't even know cat 8 cabling was a thing.