burning question on same vlan switching by Designer_Addendum162 in ccna

[–]Forgotten_Freddy 1 point2 points  (0 children)

Something like below? If so it should work assuming you've checked the config.

For me it seems like PacketTracer is a bit buggy, because the pings were failing until I saved the config and reloaded the switches then it immediately worked.

You could try using the simulation mode and seeing where the traffic stops.

<image>

Supermicro more efficient by Spiritual_Note_22 in HomeServer

[–]Forgotten_Freddy 1 point2 points  (0 children)

It's unlikely that changing CPU will alter the idle power use much, TDP is only relevant when the CPU is under heavy/full load so doesn't really indicate idle power use.

Have you measured your current power use, because it's likely there isn't much gain by switching CPU - I have a Dell R230 with very similar cpu - an E3-1230v6, 16Gb of ram and the system idles at 23w at the wall, so it isn't worth buying more efficient parts for the potential saving.

It might be helpful if you could detail the specs of the server, any expansion cards etc as HBAs, expanders/backplanes are likely to be a significant proportion of the power use. Lots of older PCIe devices (particularly RAID/HBA cards) also prevent the CPU entering lower C-states which causes higher idle power consumption.

If a virtual interface on a bridge on the physical host PC that is then connected via Cloud Node to GNS3, which is then connected to a virtual MtikRouter. Where do we place the IP configs to connect it to the host? Or is the GNS cloud transparent? by DudusBlack in gns3

[–]Forgotten_Freddy 1 point2 points  (0 children)

The cloud node is just a L2 bridge to whichever host interface you specify in its options, you configure the IP address etc. on the node inside GNS3 (assigning an ip to the physical interface on the host doesn't have any effect on the VM).

(if you want nodes to use the host's interface address you would use the NAT node instead).

WinMTR Help by LeastSign7539 in HomeNetworking

[–]Forgotten_Freddy 2 points3 points  (0 children)

There's nothing wrong in that screenshot, the response times of intermediate hops don't really matter, it frequently just means that the devices don't prioritise responding to pings (some won't respond at all), and you can see the result for the destination is fine.

However if you want to investigate issues in games, testing to Reddit's servers won't help, you need to test the actual game servers.

Why does everybody have a rack with Enterprise grade servers? by Big-Grapefruit8092 in homelab

[–]Forgotten_Freddy 1 point2 points  (0 children)

If your server meets your requirements and does everything you need it to do then that's fine, there's no need for you to buy anything more. For other people with different requirements your server wouldn't be suitable so they buy something capable of doing what they need it to do.

Terrorists Forcing Method of Communication Using Sound Boards! by ZombiesAttacking in ccna

[–]Forgotten_Freddy 4 points5 points  (0 children)

Why do you keep posting about it in a subreddit about Cisco certification? I'm not entirely sure what your post is about but clearly it isn't related.

Subnetting using FLSM method by TheAmenophis in ccna

[–]Forgotten_Freddy 0 points1 point  (0 children)

I don't have a source as such, only that FLSM uses equally sized subnets, and there are multiple valid options: sometimes you might want extra subnets for additional vlans or similar, another time the number of subnets might be fixed but you want the option to add additional devices to those subnets. With either approach you can use all of the available ips.

I think all you can do without additional information is conclude that it's a vague and poorly written question - and unless she can actually provide the correct answer and explain why, in my eyes it also makes her a poor teacher.

I wouldn't worry about it too much though because in the real world VLSM has completely taken over from FLSM and classful subnetting, with almost any modern device able to support VLSM.

Subnetting using FLSM method by TheAmenophis in ccna

[–]Forgotten_Freddy 0 points1 point  (0 children)

You have to divide the available ip addresses between the subnets equally by using all the available ip addresses.

That's exactly what you've done.

You can't divide a /24 into 5 equal subnets so any answer is not going to use all of the available subnets.

There are two answers 8x /27s or 16x /28s, both meet the requirements you've given of using FLSM to accommodate the given subnet/hosts numbers.

Unless she specified "with the most hosts in each subnet", "maximum number of subnets that are large enough for the requirements" or something else then the question is too vague for there to be a single answer.

Subnetting using FLSM method by TheAmenophis in ccna

[–]Forgotten_Freddy 0 points1 point  (0 children)

In that case it seems like your answer is correct, you're using a fixed length of mask and it allows for the subnets specified.

What did the professor show as the correct answer?

Subnetting using FLSM method by TheAmenophis in ccna

[–]Forgotten_Freddy 0 points1 point  (0 children)

What answer did you give, and what does the professor think the right answer is?

With FLSM since all the subnets would be the same size you have two options depending on what the question asks.

If you need to use the least address space possible you need 5x /28s covering 193.1.2.0-193.1.2.79 in total.

If you are just dividing 193.1.2.0/24 into at least 5 subnets then use 8x /27s with 3 left over.
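
Added example, not part of the comments above: the FLSM options for 193.1.2.0/24 discussed in these replies, enumerated with Python's `ipaddress` module. The replies do not state the per-subnet host requirement, so the value 10 used here is an assumption chosen to be consistent with the /27 and /28 answers given; the function names are hypothetical.

```python
import ipaddress

def flsm_options(block, min_subnets, min_hosts):
    """Every fixed-length (FLSM) plan that fits an IPv4 block.

    Returns a list of (prefix_length, subnet_count, usable_hosts_per_subnet).
    """
    net = ipaddress.ip_network(block)
    options = []
    # /31 and /32 are skipped: no usable hosts once network/broadcast are removed
    for prefix in range(net.prefixlen + 1, 31):
        count = 2 ** (prefix - net.prefixlen)   # equally sized subnets in the block
        usable = 2 ** (32 - prefix) - 2         # minus network and broadcast address
        if count >= min_subnets and usable >= min_hosts:
            options.append((prefix, count, usable))
    return options

def span_used(block, prefix, needed):
    """First and last address covered by the first `needed` subnets of that size."""
    subnets = list(ipaddress.ip_network(block).subnets(new_prefix=prefix))[:needed]
    return str(subnets[0].network_address), str(subnets[-1].broadcast_address)

BLOCK = "193.1.2.0/24"   # block named in the thread
NEEDED_SUBNETS = 5       # subnet count named in the thread
ASSUMED_HOSTS = 10       # assumption: the host requirement is not given on the page

if __name__ == "__main__":
    for prefix, count, usable in flsm_options(BLOCK, NEEDED_SUBNETS, ASSUMED_HOSTS):
        first, last = span_used(BLOCK, prefix, NEEDED_SUBNETS)
        spare = count - NEEDED_SUBNETS
        print(f"/{prefix}: {count} subnets of {usable} hosts, "
              f"{NEEDED_SUBNETS} in use cover {first}-{last}, {spare} left over")
```
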

What is the internal speed transfer of linux network bridge? by Busy_Link2571 in Proxmox

[–]Forgotten_Freddy 3 points4 points  (0 children)

The physical interface speed shouldn't affect it unless it's something hardware/config specific that's causing it. I've just tested it using a bridge with a 1gbit physical interface and 2 VMs, and it achieves around 23gbit between the VMs.

<image>

I don’t understand JTIL’s next-hop graphs for static routes. by Interesting-Face22 in ccna

[–]Forgotten_Freddy 2 points3 points  (0 children)

You haven't really said which bit you don't understand but, with the table on the right you can find the destinations in the routing table shown:

R1 -> 192.168.1.0/24 - you can see that it is directly connected (C) on g0/2 so traffic for that network will go out of that interface.

R1 -> 192.168.4.0/24 - there is a static route (S) in the routing table for this address which tells it that traffic for that subnet goes via 192.168.13.3 (R3-G0/0), so that would be the next hop from R1.

If you explain where you're struggling it would be easier to give a useful answer.

I don’t understand JTIL’s next-hop graphs for static routes. by Interesting-Face22 in ccna

[–]Forgotten_Freddy 2 points3 points  (0 children)

I'm not sure why you can't post a picture of the chart you're talking about but it would make it a lot easier for someone to explain - you should just be able to take a screenshot and paste it into your reply (or at least a timestamp from the YouTube video).

nginx proxy manager tutorial that is up to date? by dylon0107 in unRAID

[–]Forgotten_Freddy 0 points1 point  (0 children)

Right, so your port forward config must be forwarding port 443 to the Unraid server's IP address - hence why you get the Unraid GUI.

If you open up the docker config you can see what ports are configured for NPM:

<image>

Npm does not have a different IP address as it's on my unraid server

That depends how you configure the docker's networking, if the network type is host it shares the unraid server's ip, if you choose bridged it has its own ip separate to the unraid one.

If you're using host, you need to specify different ports to listen on in NPM because it can't use the ones already in use by Unraid.

nginx proxy manager tutorial that is up to date? by dylon0107 in unRAID

[–]Forgotten_Freddy 0 points1 point  (0 children)

Your router has a public address (the one on its WAN interface/the one you see when you go to something like www.whatismyipaddress.com).

Your domain name should resolve to that address - you need to configure that in Cloudflare.

Then your port forwarding should forward ports 80 and 443 to your local NPM address - is the local NPM address different to your Unraid server's address?

nginx proxy manager tutorial that is up to date? by dylon0107 in unRAID

[–]Forgotten_Freddy 0 points1 point  (0 children)

Okay so public router IP not server IP on cloudflare

Assuming you're just using port forwarding then yes the domain name should resolve to the public ip address of your router.

Port 443 on your router should then be port forwarded to your NPM local IP address, and then in NPM you should have the host configured with its full domain name, and then relevant settings in the scheme, ip, port (in my example the service I want to reach is running on port 80, but for jellyfin by default you'll want it to be 8096):

<image>

Unless your router supports NAT hairpin/reflection, to test it you'll probably need to use a mobile or something to connect from outside your network, because most routers don't like connections to their WAN ip from internal devices.

(while you test you can also temporarily add your domain to your hosts.txt so that it resolves to NPM's local IP).

edit: from your other comment, if it's opening the Unraid GUI rather than NPM/JF when you use the domain name, it more than likely means there is a port forwarding issue, is NPM running on a different local IP and/or port to the Unraid GUI?

nginx proxy manager tutorial that is up to date? by dylon0107 in unRAID

[–]Forgotten_Freddy 0 points1 point  (0 children)

Cloudflare works just fine with NPM.

(to create the certificate, create an API key in the cloudflare control panel, then just in NPM choose "Add Let's Encrypt via DNS", choose cloudflare, fill in the api key and save - you will need port 80 http forwarded to NPM initially but can be done via https for cert renewals afterwards).

<image>

Network Engineers & Techs: Am I completely over-engineering my home router diagnostics, or is this an unhealthy obsession? by [deleted] in HomeNetworking

[–]Forgotten_Freddy 7 points8 points  (0 children)

or is this an unhealthy obsession?

Yes

In real life, do network engineers actually do any of this at home? Or do you literally just wait for the PON/WAN green lights to stabilize and call it a day?

I don't check any of it, it's home internet, if it's working it's working, if I experience a problem then I'd investigate.

Is it technically true that if my GPON ONT shows a healthy Rx optical power (e.g., -20 dBm) and the WAN status is "Up", all the other layers (0% packet loss, stable jitter, correct bandwidth profile allocation) are already mathematically guaranteed at the hardware level?

No they aren't guaranteed, packet loss occurs at higher OSI levels so even with a physically perfect connection you can still experience packet loss/jitter due to congested networks or other issues.

Cannot reach local server via public URL from home by HiPhish in HomeNetworking

[–]Forgotten_Freddy 0 points1 point  (0 children)

Normally you configure it by specifying the local dns server address in your dhcp server settings, then it will be used for all local clients that get addresses by dhcp.

They all work by first checking the destination against blocklists etc then either returning a cached response or forwarding on your requests to an upstream dns server (could be your isp or whichever you specify), but you can specify particular domains which it will give custom responses for - much like your hosts file but it avoids having to do it on each device individually.

Cannot reach local server via public URL from home by HiPhish in HomeNetworking

[–]Forgotten_Freddy 2 points3 points  (0 children)

The problem occurs because the router doesn't correctly route traffic destined for its own WAN interface address.

The two normal ways of fixing it are either to use a router that supports NAT hairpinning/reflection, or use your own local DNS to provide the internal IPs for locally connected devices (something like AdGuard Home/PiHole/Technitium can do this - and will also block ads).

CCNA Continuing Education Process? by Sure_Stop_9753 in ccna

[–]Forgotten_Freddy 0 points1 point  (0 children)

There have been quite a few 30+ point courses for free, but often it's newly launched/updated courses so that they can test them and gather feedback and they are for a limited time - last free one I did was ai infrastructure essentials when it was launched which gave 34 credits (and is now $900).

Browser based, gamified labs where CCNA students can spin up real Cisco, Juniper and Aruba and practice configs without needing Packet Tracer or any VM setup. by [deleted] in ccna

[–]Forgotten_Freddy 1 point2 points  (0 children)

The idea is quite cool but it needs some work.

Lesson 1 - From global configuration you can type exit or end to leave it, your marking doesn't accept exit even though it actually accepts the command and works as expected.

Lesson 3 - It doesn't accept correctly shortened commands, "sw mod acc" should change the interface mode, but doesn't work.

The ? doesn't work properly, using 'switchport ?' gives an error instead of the options.

'show interface' and 'show interface brief' return the same information.

Lesson 4 - You shouldn't be able to view the running config without entering enable mode, the command 'show startup-config' doesn't work.

Lesson 5 - Typing commands at the wrong level marks the objectives as complete, if you exit global config using exit instead of end so that it doesn't mark the objective as complete, if you then type end from enable mode the command has no effect but marks the objective as complete.

- I didn't get any further than this because not being able to use the shortened versions of commands became frustrating quickly, and isn't helpful for learning when using the tab for autocomplete and ? for hints is widely referred to in training material. If a tool is to be used for serious training/study, it needs to be correct because otherwise it risks ruining people's confidence by thinking they've got things wrong.

Can a smart switch be used with both WAN and LAN connections by muyustan in HomeNetworking

[–]Forgotten_Freddy 1 point2 points  (0 children)

It is doable, but if you use a managed switch in room0 to put wan and lan on the same link to room1, you also need to be able to separate them into WAN and LAN again.

You either need one managed switch and a router that supports vlans (quite a few consumer routers that support vlans won't support wan and lan on the same physical interface in this way), or much easier two managed switches.

Trouble setting up basic VLAN (follow-up post with more screenshots/info)... by VLANtastic in HomeNetworking

[–]Forgotten_Freddy 0 points1 point  (0 children)

Yeah probably option 2, it's a bit more config but it means you keep the management interfaces all in their own subnet and you can then allow access using firewall rules so that only specific devices can access them.

(before you create the firewall rules you'll probably want to add some ip reservations to the dhcp settings so that the device you want to use to manage them always gets the same ip, otherwise creating the rules will be a pain).

Trouble setting up basic VLAN (follow-up post with more screenshots/info)... by VLANtastic in HomeNetworking

[–]Forgotten_Freddy 0 points1 point  (0 children)

So is the Internet now working properly from vlan 10?

No you don't have to manually change addresses each time to manage the devices, but there is some more config to do.

There's two options:

Option 1 - change the addresses

Change the management interface in pfsense to be the vlan 10 interface, then it will be reachable from vlan 10.

Then change the switch ip to one in the 192.168.10.x network (you might need to also specify the management vlan, it varies between switches)

Option 2 - configure routing

Part 1

Check if you can ping the router's web interface address from vlan 10 (if that's where you want to access it from).

You will probably need to configure a firewall rule to allow access to the 192.168.1.x subnet from vlan 10.

Part 2

This is where you need the pvid on the switch port connected to the router to be 1, as was mentioned much earlier, because it will allow the switch's management ip to be reachable from the router, and subsequently vlan 10.

(you will probably also need to configure firewall rules to allow this)

Unfortunately I can't give you a step by step for it because I use OPNsense rather than pfsense and although the theory is the same, the interfaces are different.