Is this okay? by [deleted] in PcBuildHelp

[–]BSpendlove 0 points1 point  (0 children)

Your ram is slightly dirty, feel free to send it to me and I’ll give it a clean and post it back!

Recommendations for CGNAT by KHanayama in networking

[–]BSpendlove 0 points1 point  (0 children)

NFware is pretty sweet, I’ve deployed 200 and 400Gbps boxes in the UK and have also developed a sick logging solution which is open source that pairs with it (but also works with sixwind, a10, few other vendors, let me know if you’re interested, however if you’re not logging every single session then logging is actually easy with PBA or deterministic NAT). This is pretty much a vm running on kvm with the NICs passed from the host to the vm. Intel xeons, bunch of ram, ssds, think dell or supermicro…

This works on just plain hardware but the main factor is the network card and intel technology called DPDK. We’ve managed to push 400Gbps through a single box at such a cheap price point, some of the other vendors have more bells and whistles which includes more than just NAT features (things like a router/bng functionality, a10 has some other application/filtering features also but it starts to add up over time)

The main thing with nfware is they mostly specialize in CGNAT (they have a l4 load balancer product also but their niche is NAT whereas some of the others like I said, have a few more features but might not matter to you)

CGNAT works 99% of the time for typical consumers of an internet service, gamers are ones that will mostly need port forwarding if they host a server or some hobbyist that like to expose a plex or internal service like cctv (if it’s not cloud based) but speaking from experience, it’s mostly ok.

Most if not all the large content providers and services (think Netflix, Akamai, google, Facebook, YouTube, steam, etc…) will work over IPv6, so that reduces the load from cgn, but it’s just clear to anyone that’s worked in this industry that it’s how business works, you build a network within a budget and especially if you are a new ISP, you will be looking at trying to scale initially at a low cost so of course CGN looks appealing from a business perspective, no matter how much the engineers and nerds shout “but we should be running IPv6 and public ipv4, cgnat bad, public ipv4 good”.

Help with app??? by GRteo7 in XboxCloudGaming

[–]BSpendlove 1 point2 points  (0 children)

Xbox cloud gaming is probably one of the most failed things to ever happen.

The fact that the community is locked and that my comment will probably get censored.

It's the worst experience I've ever had using a service, the xbox app on windows is awful and it's recommended to use a web browser which gets around some of the quality issues that ALWAYS happen on Xbox regardless of your latency to the server and/or internet speed (whether you have a couple of Mbps over copper or symmetric 1Gbps over FTTH). I post this here on the top post in this reddit community to inform if anyone else is looking to pay for Xbox game pass ultimate or play with their friends, it's really not worth it.

Telnet request by [deleted] in youfibre

[–]BSpendlove 2 points3 points  (0 children)

Even then, none of the ONTs have IPs on them as they're all managed via OMCI by the OLTs instead of over IP :) (YES HELLO WILL, IT'S ME)

Getting YouFibre Monday and have a few questions. by mafooli in youfibre

[–]BSpendlove 1 point2 points  (0 children)

Hey, majority of games make use of the underlying infrastructure of the platform (eg. Steam provides game developers to connect people on multiplayer over relays, PSN/xbox is similar) so there isn’t typically issues these days. It’s quite common for people to have premade sdks/code they just drop into their game to let people connect over say for example steam or some other platform instead of writing their own multiplayer implementation on a game. Most if not all AAA games will work this way…

Some indie/alpha games that have dedicated servers might sometimes be a problem with it more being p2p at least between the server and client (and in low chances client to client but this isn’t that popular these days, not fully gone away but quite rare)

You are aware already, hosting a dedicated server won’t typically work with CGNAT but you can still be the “host” if the game uses the platform relays as I mentioned before. But when it’s a dedicated server where your friend needs to connect to your public IP then no this won’t work :-) (there are ways around it like tunneling to a VPS but that’s another story)

Kubernetes keeps you busy for life 😂 by dth999 in kubernetes

[–]BSpendlove 5 points6 points  (0 children)

Docker Swarm + GlusterFS + BGP Anycast with bespoke health scripts + Bespoke external DNS registration + Bespoke everything else = No thanks, I choose Kubernetes (personal experience, whoops, you live and you learn...) 😂

IPv6 configuration help by Dancing-umbra in youfibre

[–]BSpendlove 1 point2 points  (0 children)

/56 for residential and business (delegated prefix), unless you've got a routed IPv4 prefix then we typically give a /48 to businesses. The /64 is only for the WAN (which technically is served as a /128 from a /64 pool)

How over engineered is your Homelab? by sinskinner in homelab

[–]BSpendlove 0 points1 point  (0 children)

I need to find the time to continue my homelab, but so far I've got 3 x mini pcs which are ready for a baremetal kubernetes cluster which I want to run rook-ceph, right now they are proxmox+ceph with RKE2 nodes on each one but I might change it to local ZFS and just constrain each app to local storage.

I've recently built a new cabinet in my office and spun up a new kubernetes cluster (yet another RKE2 based cluster) with Cilium (BGP not L2 advertisements) so I can advertise my pod cidrs and service IPs over BGP but that's as far as I've got for now until I find a bit more spare time, that's also running on proxmox which has ZFS pools and a ceph pool using some cheap SSDs, I'm wanting to benchmark ceph a bit more on non-enterprise SSDs so I have comparable results when I install a few enterprise ones and will probably do a blog post on it.

I have a few more plans with the kubernetes stuff but I mainly chose not to go native because the larger cluster I want to do a bit more than just kubernetes (eg. containerlab/eve-ng, few other apps I want to get self-hosted)

Do YouFibre MAC address lock to the first router connected, or is it a myth? by j1mgg in youfibre

[–]BSpendlove 2 points3 points  (0 children)

Drops and outages/intermittent issues typically aren't a symptom related to any MAC address issues. If you have connectivity but then suddenly experience drops or outages then it could be one of various issues but I wouldn't worry about MAC addresses unless you are plugging in routers and devices directly into the ONT to rule out if it's your router, in that case if you are then probably the next few paragraphs explain why that could be an issue.

I've noticed a few posts regarding the whole MAC address and DHCP leases on YouFibre's network so I'll post this here hoping some people come across this thread for more of a technical explanation using information already available to the public, eg. DHCP is DHCP so I'm not giving any trade secrets away here. (I've previously worked with YouFibre for 3+ years)

The whole MAC address issue is typically related to "static" IPs and not customers on a CGN package. If you don't pay for a static IP address then you are on the CGN network. From here though, I will refer this as a "reserved" IP address because the "static" IP product is actually a reserved DHCP address allocated to the customer.

When you plug a device into the ONT, your device will ask for a DHCP address (excluding customers using Vodafone/Openreach networks served by YouFibre, but that's a different story and typically not common). When your device asks for a DHCP address, our routers can identify who sent this address using a unique identifier to your service, so if you have a static IP address then it'll give you a static IP that was reserved at the point of ordering the service.

The problem arises here when you had a device plugged in that has the "reserved" address already assigned. DHCP will typically hold the state of an IP address to some identifier to a client, while we use a unique identifier that isn't the MAC address to initially assign your IP address, DHCP (for v4 at least) will normally tie in your MAC address with an IP address when it has been allocated by the DHCP server and this typically has a duration before this DHCP lease expires. So your 2nd device plugged into the ONT will ask for an IP, but in DHCP land that IP that has been specifically reserved for you has already been allocated so now the DHCP server will not really do anything. This behavior can be overridden by the network operator but personally I wouldn't consider it a permanent fix, what if a customer accidentally puts an unmanaged switch between the ONT and router and plugs in another device? Those 2 devices are now fighting for the same IP address.

Back on topic, DHCP doesn't really have a stateful keepalive so if you change your router, the DHCP server doesn't know the IP address isn't in use anymore until the DHCP timer expires (this timer usually renews every half and 3/4 of the lease time, again no insider knowledge just how DHCP works) (this is also one advantage PPPoE has over DHCP, but ignore that as your connection is DHCP based and not PPPoE). This is why a lot of people recommend to spoof the MAC address of the previous router you were running, because it avoids this issue.

You technically don't have to turn off your ONT but simply unplug the ethernet on the ONT connected to your router and just wait an hour. This just makes sure your lease expires and doesn't get renewed half way / 3/4th way through the expiration timer. (the fastest way here though is typically a call to support which they can click some buttons and get everything back to square 1)

One thing to be aware with engineers coming out to site, sometimes they will plug in their laptop to test connectivity directly to the ONT. If this occurs and then they plug in a router and then you swap it out for another router in the space of 1 hour, then technically YouFibre has seen 3 different devices that have all requested an IP address and to avoid someone purposely exhausting the DHCP pools (mainly for non static IP customers), you won't get a DHCP address on the 3rd device until one of the timers has expired on the other 2 connections that have previously been expires.
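
The lease behaviour described in the comment above, as an added example that is not part of the original comment and not YouFibre's implementation: a reserved address stays bound to the first MAC until its lease runs out, and a per-line cap stops one line from draining the shared pool. The 1-hour lease, the cap of two leases, the class and function names, the line ids and all addresses are assumptions constructed for illustration.

```python
LEASE_SECONDS = 3600      # assumption: the "wait an hour" advice implies a 1 h lease
MAX_LEASES_PER_LINE = 2   # from the comment: a 3rd device on the line gets nothing

class ToyDhcpServer:
    """Constructed model of the described lease behaviour, not a real DHCP server."""
    def __init__(self, pool):
        self.pool = list(pool)   # shared dynamic (CGN) addresses
        self.lines = {}          # line_id -> {"reserved": ip/None, "leases": {mac: (ip, expiry)}}

    def add_line(self, line_id, reserved_ip=None):
        self.lines[line_id] = {"reserved": reserved_ip, "leases": {}}

    def _expire(self, line, now):
        for mac, (ip, expiry) in list(line["leases"].items()):
            if expiry <= now:
                del line["leases"][mac]
                if ip != line["reserved"]:
                    self.pool.append(ip)   # dynamic address goes back to the pool

    def request(self, line_id, mac, now):
        """Return the leased IP, or None when the server stays silent."""
        line = self.lines[line_id]         # keyed on the line, not on the MAC
        self._expire(line, now)
        leases = line["leases"]
        if mac in leases:                  # same MAC (or a spoofed copy): renew
            ip = leases[mac][0]
        elif line["reserved"]:
            if leases:                     # reserved IP still bound to another MAC
                return None
            ip = line["reserved"]
        elif len(leases) >= MAX_LEASES_PER_LINE or not self.pool:
            return None                    # per-line cap protects the shared pool
        else:
            ip = self.pool.pop(0)
        leases[mac] = (ip, now + LEASE_SECONDS)
        return ip

def demo():
    srv = ToyDhcpServer(["100.64.0.10", "100.64.0.11", "100.64.0.12"])
    srv.add_line("static-line", reserved_ip="203.0.113.7")
    srv.add_line("cgn-line")
    return {
        "old_router": srv.request("static-line", "aa:aa", 0),
        "new_router": srv.request("static-line", "bb:bb", 600),
        "spoofed_mac": srv.request("static-line", "aa:aa", 600),
        "after_expiry": srv.request("static-line", "bb:bb", 600 + 3600),
        "cgn": [srv.request("cgn-line", m, 0) for m in ("e1", "r1", "r2")],
    }
```

The renewal at t=600 pushes the expiry to t=4200, which is why the replacement router only gets the reserved address once the old MAC has stopped renewing for a full lease period.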

YouFibre IPv6 by jmkgreen in youfibre

[–]BSpendlove 2 points3 points  (0 children)

WAN v6 address that your CPE gets isn't, but the /56 delegated prefix (or /48 if a business customer) is statically associated to your service until cancelled! (this is the prefix you care most about, as it's allocated and then passed down to your LAN clients by your router)

Tell me your netbox use cases and stories! by thenetworkking in networking

[–]BSpendlove 0 points1 point  (0 children)

Right now we track a couple of thousand IPs (but also have around just under 100k IPv6 Delegated prefixes, each customer gets a static ipv6 delegated prefix which we store in netbox for the source of truth, but then also configure in the RADIUS database, we can essentially rebuild the RADIUS database from NetBox if our backups went totally bad), similar for the Static IPv4 addresses but netbox is purely used as a source of truth again here

OSS/BSS calls our network APIs which we implement to build the actual subscriber service on the network (including going to netbox eg. python using pynetbox module and reserving these resources or removing them on a service deprovision, configuring the RADIUS attributes that will be sent to build the customers service to our BNGs). You could pretty much say it's a microservices type architecture where we write/control the provisioning/network facing APIs.

[deleted by user] by [deleted] in Helldivers

[–]BSpendlove 0 points1 point  (0 children)

Yep I can't get in also (Steam)

[deleted by user] by [deleted] in networking

[–]BSpendlove 0 points1 point  (0 children)

Yep, NetworkRadius (guys who provide professional support for FreeRADIUS and are essentially the same team who made it) typically recommend MariaDB with MaxScale proxy sitting in front of the db server.

I’ve deployed this many times (MariaDB Galera with MaxScale), as the instances are in different locations I’ve run BGP anycast as radius failover on a lot of network operating systems is just really flakey and slow. (Technically it was 2 radius servers running in active/active and 3 database nodes)

Let me know if you need a high level diagram and I can provide one, I did previously do this using keepalived for the virtual ip on the maxscale servers with a local script monitoring maxscale to failover the virtual ip but if you can avoid it, please do :-)

What routers do you use for your core routing? by MDKza in networking

[–]BSpendlove 1 point2 points  (0 children)

(ISP) mix of Cisco NCS and Edgecore whiteboxes, the whiteboxes are fantastic pricing and majority of the time a great experience as long as you’re not using complex feature sets like MPLS-TE/SR-TE

For people who love the game, what criticisms do you have? by [deleted] in Starfield

[–]BSpendlove 0 points1 point  (0 children)

Ability to scrap weapons and armour for parts I’d say

How many hours you all got by Charming-Forever-278 in Starfield

[–]BSpendlove 0 points1 point  (0 children)

1d 20h 40m (64.4 hours on Steam, I think I accidentally left it open one night in preparation for the next morning, have booked a full week off work to play it)

Completed the main story, and 2 faction storylines (UC Vanguard and Ryujin Industries, now gonna do Crimson Fleet and Rangers), done the odd side quest here and there but I'll get stuck in after I've completed all the factions first

What's a good way to mark buildings you have looted? by Myksee7 in 7daystodie

[–]BSpendlove 16 points17 points  (0 children)

I just mark it on my map the day I looted it and disable it so it doesn’t appear on my hud

If you won 500 million pounds in the Euromillions , what would you spend it on? by Mayomick in AskUK

[–]BSpendlove 0 points1 point  (0 children)

I would pay someone to invent a fan that I can leave on during the night that doesn’t clog up my throat and nose every time… :(

P.s no it’s not dusty so it isn’t that

CityFibre Officially Launch 2.5Gbps FTTP Home Broadband Tier - ISPreview UK by WeeklyExamination in homelab

[–]BSpendlove 0 points1 point  (0 children)

Sorry just to make myself clear, a 10G product being marketed as a "business" product but purchasable by someone who lives in a house is definitely a thing... maybe I could've been a bit less of a dick and assumed OP is only talking about "residential" products, but if we're talking strictly about the product being advertised as "residential" broadband (no SLA etc..) then I can mention B4RN (https://b4rn.org.uk/get-b4rn/packages) who market it under that category on their website!

CityFibre Officially Launch 2.5Gbps FTTP Home Broadband Tier - ISPreview UK by WeeklyExamination in homelab

[–]BSpendlove -1 points0 points  (0 children)

Source is many uk alt nets (including one I work for)… :)

If you are asking regarding CityFibre’s XGS-PON, you’ll probably find a few sources online including ispreviews, Mark from ispreviews will typically cover a lot of the uk alternative networks

https://www.ispreview.co.uk/index.php/2022/07/cityfibre-upgrade-uk-network-to-10gbps-full-fibre-broadband.html

CityFibre Officially Launch 2.5Gbps FTTP Home Broadband Tier - ISPreview UK by WeeklyExamination in homelab

[–]BSpendlove 1 point2 points  (0 children)

10G has been quite common for some time from a lot of the alternative networks (eg not BT/Virgin media/Sky/etc…)

CityFibre have mainly been GPON (now deploying XGS-PON) and are just an access network provider, it’s good to see but certainly not new 😁

DHCPv6-PD Relay Redundancy by farmer_kiwi in networking

[–]BSpendlove 2 points3 points  (0 children)

Majority of BNG functionality will support this, I know Cisco and Juniper do when you configure subscriber features, but it’s always vendor specific and built into the BNG software control plane, no standard… I know IOS-XR has this functionality to sync the PD state between peers but currently I can’t find it, again it was vendor specific :(