networking

Community for discussing enterprise networks and the ensuing chaos that comes after inheriting or building one.

  • networking @sh.itjust.works
    dirtycrow @programming.dev

    Getting a double-VPN setup to work with MTU differences?

    Background: I have a cellular ISP and therefore cannot configure the CGNAT. After burning through some dumb ideas (free reverse proxy, docker) I realized I could just use my paid VPN.

    My setup is as follows: on the VPN server create a tunnel to AirVPN and start the openvpn daemon. This creates tun0 and tun1 with their own 10.x.x.x/24 subnets. The home network has 192.168.12.0/24.

    It's possible to troubleshoot the MTU with ping -M do -s xxxx y.y.y.y to the VPN public address and test TCP/UDP sockets with nc -l -u -p 1194 .

    I'm not sure if the MTU is variable across servers, but for the server I am on now ping -M do -s 1432 x.x.x.x is the biggest I can get a response from. 1432+20+8=1460 bytes.

    Regardless, connecting to the home VPN through the AirVPN link still causes breakage. Discord seems to be what isn't working, mostly. Everything else has 200 ms latency as expected and not everything pings correctly. Rarely it will tell me the MTU has to be adjusted, sometimes te

  • networking @sh.itjust.works
    WasPentalive @lemmy.one

    Orbula: A Collision-Free, Self-Organizing Ring-Based Network Architecture

    What if we could reinvent networking from the ground up—no collisions, no IPv4 exhaustion, no centralized configuration—just a clean, scalable, self-managing system? Introducing Orbula: a fresh protocol built on logical-ring/physical-star topology using standard CAT6 cabling.

    Each host connects through a relay-style device that seamlessly links it into a ring when powered and ready. Nodes communicate using simple but powerful hardware signals: "Clear to Send" and "Packet Ready" lines coordinate direct neighbor-to-neighbor transmission, eliminating contention and packet collision entirely. No CSMA. No waiting for a token. Just smooth, orderly flow.

    Addresses are built from a pair—your MAC and your gateway’s MAC—making each node’s identity globally unique and routing-friendly. Gateways stitch rings into higher-level rings, forming a natural hierarchy (Department → Company → City → Region → Global), avoiding routing loops and allowing fast, fixed-size packet forwarding (e.g., 1MB fixed-

  • networking @sh.itjust.works
    Rolivers @discuss.tchncs.de

    Domestic IP changing with VPN server

    Hi all

    For the past couple of years I have been running a Raspberry Pi4 with PiHole and PiVPN. Both of which I'm very satisfied with. My ISP recently changed the IP address assigned to me, this doesn't happen often but did cause my VPN profiles to no longer work. Simply changing the end IP address in the VPN config does not work so the configs had to be remade entirely. If this happens again and I am not near home, what would be a way to regain access? Can that be done remotely?

    I am concerned with the possibility that my IP changes while I'm on a vacation and then lose access to my NAS and other home systems with no way to get it back until after.

    I am considering a script that generates a new config file and sends it over email when I send a specific text to a phone, that could work. Is this over engineered? Something like a deadman switch could work too.

    Thanks!

  • networking @sh.itjust.works
    Lizardking13 @lemmy.world

    New home need direction

    I will be moving into a new house in a few weeks. It's an older house (built in the 60s) and hasn't had many updates in terms of wiring. I want to be able to run a hardwire cable to each bedroom to maximize my Internet performance. My wife works from home and I'm hybrid, so I want to ensure we're not just flying on WiFi.

    Are there any resources or how tos that can give me some information on where to start? What to look for? What to do first?

    I'm struggling with figuring out what I should try to tackle. Should I just run an Ethernet line to the room that's an office and start there? Or is there some well thought out approach I can make?

    I know this is probably vague, but any assistance would be appreciated.

  • networking @sh.itjust.works
    Tad Lispy @lemm.ee

    🏚️📞😱 Something is making HTTP requests as Googlebot from my home network

    A weird and disturbing thing is happening on my home network. I'd like some advice on how to diagnose it. My mastodon host (chaos.social) keeps blocking my IP address. I reached out to the admins and they told me it's because they are getting HTTP requests with user agent string claiming it's a Google bot. They shared the following log line with me.

    [12/Mar/2025:08:55:14 +0100] my.ipv4.add.ress "GET /@lazurski HTTP/2.0" 403 Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)

    It is my IP address indeed, and the path is pointing to my profile, so it's not random. It also happened while I was browsing Mastodon using Firefox on my laptop. The 403 response is strange, as I was logged in and also my profile is public and viewing it doesn't require authentication. Maybe they blocked it because of the bot signature?

    I have no idea what can be making these requests. Certainly not anything I run on purpose. My Firefox uses its standard user agent header. At home I have a

  • networking @sh.itjust.works
    CandleTiger @programming.dev

    Configure iPhone to see cell Internet and local non-Internet LAN at the same time?

    I have an off-grid setup with a few devices on a local network that is not connected to the internet. I can tell my iPhone to use the non-internet wireless LAN to talk to those devices, OR I can tell it to use cellular data to talk to the Internet, but there’s no config on the iPhone side to let them be both live at the same time.

    Is there any magic config on a wireless router e.g. certain DHCP settings or just disable DHCP, that will let the iPhone route to static 10.x IPs on the WLAN while the cellular internet is still active?

    Any “advanced network settings” on the iPhone to manage multiple NICs?

  • networking @sh.itjust.works
    WasPentalive @lemmy.one

    Linux file server as a tailscale router node?

    Would it be unwise to make my file server (SSH only) machine (also runs a Minecraft server, and from time to time runs RSTS/E under simh) a tailscale router node to allow my traveling notebook access to the network when I am away?

  • networking @sh.itjust.works
    Tad Lispy @lemm.ee

    How to troubleshoot connection refused to chaos.social only from my home network

    Hi! I'm new here and hope to get some help.

    For at least 5 hours today I can't connect to https://chaos.social/ (the Mastodon server I'm on). Firefox gives me:

    ```text
    Unable to connect

    Firefox can’t establish a connection to the server at chaos.social.

        The site could be temporarily unavailable or too busy. Try again in a few moments.
        If you are unable to load any pages, check your computer’s network connection.
        If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the web.
    ```

    From curl I'm getting:

    ```text
    $ curl --ipv4 --verbose https://chaos.social/
    * Host chaos.social:443 was resolved.
    * IPv6: (none)
    * IPv4: 5.9.119.202
    *   Trying 5.9.119.202:443...
    * connect to 5.9.119.202 port 443 from 192.168.1.45 port 40188 failed: Connection refused
    * Failed to connect to chaos.social port 443 after 21 ms: Could not connect to server
    * closing connection #0
    curl: (7) Failed to connect to chaos.social port 443 after 2
    ```

  • networking @sh.itjust.works
    blackberry @midwest.social

    set up *nix computer to only allow local WiFi network sharing and no internet access

    some Debian flavors have this built into the WiFi GUI, but I'd like to learn a more generic option in the CLI or config files

    sorry for the noob question, thanks for reading

  • networking @sh.itjust.works
    brownmustardminion @lemmy.ml

    Automating pfsense interface up/down?

    I'm looking to automate/script my pfsense wireguard tunnels so that each wireguard tunnel only goes up if there are one or more clients connected to the subnet associated with that tunnel and goes down once all clients have disconnected. I was wondering if there is already a plugin that accomplishes this or can be adapted, otherwise what is best practice for running scripts on the pfsense box?

    My initial thought was to have a cronjob monitor the various DHCP servers for each subnet, then initiate a script to connect the associated wireguard tunnel if it detects any active DHCP leases on that subnet.

    I have multiple subnets on this box, each with its own wireguard gateway. I like the idea of only making the VPN connection if there is a client calling for it.

  • networking @sh.itjust.works
    SpikesOtherDog @ani.social

    CPU Time vs Usage

    I'm self studying for a server+ cert and ran into this paragraph. Am I right that CPU time is a set of ticks utilized, the CPU Capacity is the total capacity, and the CPU usage is the percentage of ticks:capacity?

    I have been making notes from this chapter, and the more I get into it the more I seem to find things like this that seem slightly off.

    Does anyone have a physical copy of the 2ed McMillan CompTIA Server+ study guide I can compare against? I feel like someone is messing with me.

  • networking @sh.itjust.works
    Possibly linux @lemmy.zip

    Why does 802.11r not work between vendors?

    In theory it is an open standard...

  • networking @sh.itjust.works
    Dav @lemmy.world

    Wifi to ethernet

    Hi all, looking for some guidance on getting wired networking upstairs to my pcs.

    Currently I have my internet connection coming in downstairs. Without running cables upstairs is it possible to connect something to my existing wifi network and then break it out to ethernet?

    Any help much appreciated.

  • networking @sh.itjust.works
    SpongeB0B @programming.dev

    Forward packets Wireguard to local subnet, with Nftables.

    cross-posted from: https://programming.dev/post/24356655

    Hi,

    I would like to forward packets that come from a wireguard connection to a local subnet

    environment
    • Client: connected to server through wireguard IP 192.168.X.2
    • server: connected to Client through wireguard IP 192.168.X.1 and 192.168.Y.1 ( it's not systemd free ¯\_(ツ)_/¯ )
    • aMachine: on the same subnet as server IP 192.168.Y.2

       

    on the server I've done

    ```bash
    # I don't know if this is necessary?
    echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
    sysctl --system
    ```

    I've added the following rule to my nftables config but it seems the packets get lost?

    ```nft
    # added inside existing table `table ip Tip {}`
    chain chPreRoute {
        type nat hook prerouting priority 0; policy accept;
        iif wg0 icmp type echo-request dnat to 192.168.Y.2
    }
    ```

  • networking @sh.itjust.works
    Great Blue Heron @lemmy.ca

    Options for under performing Cat6 cable

    I needed to connect two buildings and was having machines in to dig a 4' (1.2m) deep trench between them for a water line so I went to Amazon and bought a 250' (76m) pre-terminated copper Cat6 cable. As I was going to be burying it I wanted to be sure it worked, so I used it as a "fly lead" for my laptop for a week or two first and it worked fine. I know it initially connected at 1Gbps, but (stupidly) I can't be 100% certain it stayed at full speed the whole time.

    Now that it's buried I'm only getting 100Mbit/s. It does sometimes connect at 1Gbit/s, but it later falls back to 100Mbit/s. I have an old Cisco SG300-10P on one end and a Ubiquiti Edge Router X on the other. I disabled 802.3 Energy Efficient Ethernet (EEE) on the Cisco and, as expected, it made no difference. The Cisco has built in cable test capability and it says I have an 84m open cable on all pairs - even when connected to the ER/X and working. Is there some sort of loopback/test termination I can make for the o

  • networking @sh.itjust.works
    john89 @lemmy.ca

    How do I listen for HTTP requests from the internet?

    I've been able to set up sending and listening to http requests locally using 127.0.0.1:8000. I want to try doing it using the internet now.

    I have a VPN with port forwarding enabled, but sending requests to that IP address and port does not yield a response like it did when doing it locally.

    Can anyone clarify which address I should be listening on in order to receive http requests from the internet? I tried 0.0.0.0 and a few inet addresses from ip add, but none of them work.

  • networking @sh.itjust.works
    interdimensionalmeme @lemmy.ml

    How can I obtain a single random ipv6 address without asking my isp ?

    This should be easy, right ?

  • networking @sh.itjust.works
    pathief @lemmy.world

    Can you recommend me a decent router? (EU)

    I've been using my carrier's router for a while now but I've been having some issues. Though speed tests show nice speed, the consistency of the signal is very bad. I work from home in an office with my SO and when we're both using the internet the signal can become really bad. Currently getting 20% signal strength and having a hard time keeping my teams call up.

    The router is not that far, like 10-15m away but does go through a wall. Ethernet cables are unfortunately not a possibility and since we both have desktop computers we'd rather not move.

    Looking for a router around 100 euros, preferably available on Amazon Spain so I can return it if it doesn't solve my problem. The goal is to shut down the carrier router's wi-fi and just use the new router for all the networking.

    I don't have any special requisites. Wi-fi 6E would be a nice to have but honestly wi-fi 6 is good enough. Solid connection is the most important thing for me.

    Thanks!

  • networking @sh.itjust.works
    rehydrate5503 @lemmy.world

    TP-Link cold feet - go for ubiquiti instead?

    cross-posted from: https://lemmy.world/post/21641378

    So I just added a TP-Link switch (TL-SG3428X) and access point (EAP670) to my network, using OPNSense for routing, and was previously using a TP-Link SX-3008F switch as an aggregate (which I no longer need). I’m still within the return window for the new switch and access point, and have to admit the sale prices were my main reason with going for these items. I understand there have been recent articles mentioning TP-Link and security risks, so I’m thinking if I should consider returning these, and upping my budget to go for Ubiquiti? The AP would only be like $30 more for an equivalent, so that’s negligible, but a switch that meets my needs is about 1.6x more, however still only has 2 SFP+ ports, while I need 3 at absolute minimum.

    I’m generally happy with the performance, however there is a really annoying bug where if I reboot a device, the switch drops down to 1G speed instead of 10G, and I have to tinker with the setting

  • networking @sh.itjust.works
    grafcube @programming.dev

    How do I set up a wireguard configuration that acts like a nat?

    I have a server with wireguard in a container with host networking. I want to assign an ipv6 subnet for each peer (eg: fd42:413d:a91f:dd37::/64) that the client (my laptop) can freely use all the addresses in that subnet and corresponding port ranges as a separate network interface. Meanwhile on the server, that exact same ip and port is routed to that specific client but through the tunnel.

    Here's an example:

    1. Server config
       ```ini
       [Interface]
       Address = fd42::1/128
       ListenPort = 51820
       PrivateKey = <key>

       [Peer]
       PublicKey = <key>
       AllowedIPs = fd42:413d:a91f:dd37::/64
       ```
    2. Client config
       ```ini
       [Interface]
       PrivateKey = <key>
       Address = fd42:413d:a91f:dd37::1/64

       [Peer]
       PublicKey = <key>
       Endpoint = server.local:51820
       AllowedIPs = fd42:413d::/32, fd42:413d:a91f:dd37::/64
       ```
    3. Run a server on the client
       ```sh
       python -m http.server 8080 --bind fd42:413d:a91f:dd37::1 -d dist
       ```
    4. Access on the server
       ```sh
       cu
       ```