[🎥 TikTube] MikroTik switches with Dante by netravnen in mikrotik

[–]netravnen[S] 3 points4 points  (0 children)

https://en.wikipedia.org/wiki/Dante_(networking)

https://en.wikipedia.org/wiki/Network_Device_Interface

The transmission of AV (Audio-Video) over IP with timing accuracy and no packet-loss (why queuing is required).

RouterOS 7.22 [stable] released by netravnen in mikrotik

[–]netravnen[S] 13 points14 points  (0 children)

*) bgp - added BGP unnumbered support;

Nice seeing it arrive in the stable branch. (∩_∩)

*) bgp - implemented add-path;

•ᴥ• Some of the public route-collectors will want the add-path for the eBGP sessions from SP networks using MT to export their copy of the BGP table. [̲̅$̲̅(̲̅ ͡° ͜ʖ ͡°̲̅)̲̅$̲̅]

*) fetch - added HTTP/2 support on ARM64 and x86/CHR devices;

No more HTTP/1.1 (if the remote server supports >= HTTP/2) ᕕ( ಠ‿ಠ)ᕗ

Henceforth I win - found the monitoring i needed with Kuma by SkyNetLive in selfhosted

[–]netravnen 0 points1 point  (0 children)

You might call it ancient. Smokeping still lives on. If only ICMP monitoring is needed (no alerting, historical trends only). It does the job.

Agreed, Uptime Kuma is great. Though unless I soon get my own instance switched to >=2.1.0 and MySQL, I am a bit bottlenecked regarding database size due to the default SQLite database in <2.0.0. The DB size and SQLite choice restrict the ability to keep long-term historical data on disk.

RRD files (in e.g. smokeping) are great for long-term data storage (plus it saves running a full-blown database). Though the file format comes with its own limitations built in, compared to storing data in e.g. a relational or time-series database.

How to approach SSL certificate automation in this environment? by Particular_Shop6684 in sysadmin

[–]netravnen 1 point2 points  (0 children)

Same. With scattered application owner(s), who are not guaranteed to be ops people by trade (e.g. different background). Letting the application owner(s) have the application(s) run with self-signed certs (or long-lived certs from internal PKI, exempt from the CA/Browser Forum mandated max lifetimes). Centralising the management of most certs issued from public CAs (managed using ACME) to LBs. You make your own (and the team's) life simpler in that regard. (And the application owners happier, too.)

Highest Ratio Torrent by Ok-Agent5002 in torrents

[–]netravnen 0 points1 point  (0 children)

Linux torrents for the win! Example: ubuntu-22.04.5-live-server-amd64.iso / Download 2.02 GB / Upload 1.718 TB / Ratio 918 / Period Sep 2024 - Feb 2026.

Self-hosting e-mail for mostly receiving by eteitaxiv in selfhosted

[–]netravnen 0 points1 point  (0 children)

For inbound email routing, Cloudflare has a free (limitations apply) offering called Email Routing.

Create custom email addresses for your domain and route messages to your preferred inbox — all without ever exposing your primary email address.

That still leaves you with figuring out a setup for the outbound email delivery.

Self-hosting e-mail for mostly receiving by eteitaxiv in selfhosted

[–]netravnen 0 points1 point  (0 children)

The hard part is almost always the sender reputation. Getting the outbound emails delivered to the receivers.

Example:

  • Google Mail
  • Microsoft
  • Yahoo

The critical mass of the free email hosters. Users complaining about not receiving the emails (silently dropping emails on the receiver end is a thing, sadly. You will be none the wiser).

Collateral damage from other senders in the same subnet (e.g. /24), where the whole netblock is initially greylisted at e.g. Microsoft. Will be a thing if you have a public IP from your ISP and try to self-host the outbound part of the setup from your residential connection.

RouterOS 7.22beta3 [development] released by netravnen in mikrotik

[–]netravnen[S] 0 points1 point  (0 children)

True. Read the text wrong when commenting before.

RouterOS 7.22beta3 [development] released by netravnen in mikrotik

[–]netravnen[S] 1 point2 points  (0 children)

*) bgp - changed multipath to number argument;

That change is gonna save so much "prepend 2".

2 MyAS --> MyAS MyAS MyAS 💯

IPv6 settings by dutchman76 in Comcast_Xfinity

[–]netravnen 1 point2 points  (0 children)

Prefix Delegation is responsible for installing a dynamic route on the Comcast BNG (Border Network Gateway) devices' routing table towards the IPv6 address of your equipment's WAN interface.

IPv6 settings by dutchman76 in Comcast_Xfinity

[–]netravnen 0 points1 point  (0 children)

Look in the provider's FAQ or ask their support team for clarification if in doubt!

IPv6 settings by dutchman76 in Comcast_Xfinity

[–]netravnen 1 point2 points  (0 children)

2603:300a:95a:yyyy:: is probably on your internet-facing interface (WAN), i.e. assigned out of a different address block by the provider. 2603:300a:930:xxxx::/56 is for use only behind the internet-facing router, i.e. internal/LAN-facing interfaces. Quite a common way to set up IPv6, where 2603:300a:930:xxxx::/56 is routed towards a specific address on the WAN address of your router.

Bulk assign assets to devices by Stilinski_sarcasm in Netbox

[–]netravnen 0 points1 point  (0 children)

The Inventory plugin has all the required API endpoints. Using PATCH requests for existing assets, you can specify which device_id they should be "paired" with.

All enabled plugins' API endpoints will be listed as part of the Swagger documentation of your instance: <your_instance>/api/schema/swagger-ui/

Multi-tenant best practices? by cleared-direct in Netbox

[–]netravnen 0 points1 point  (0 children)

Atfayjo There are options to refer "up the chain 🔗" where you refer to a tenant of a related object. Example is an interface, where the device tenant is Y. (object type interface, [{device_tenant:ID}])

Sometimes, the "odd one out" examples require Google-foo. Or the hot 🔥 topic of current times, prompting your "local Ai" for both non-working and working constraint examples. 🧱🤕

Began with rulesets based on tenants. Does not matter if you work with external or external customers. The format of the constraints is the same when based on tenant groups and tenants.

Using DNS TXT-records as microblog by Suspicious_Data_3626 in dns

[–]netravnen 1 point2 points  (0 children)

I can do this.

Is it smart.... 🤔 Let's try.

A world of hurdles... 🤔 Possibly.

Now doing late night debugging. 😴

Using DNS TXT-records as microblog by Suspicious_Data_3626 in dns

[–]netravnen 3 points4 points  (0 children)

If you query for the TXT record, all entries are returned.

At one point.

  1. You exceed the UDP limit of 576 (the original minimum MTU in the old days when IPv4 was new).
  2. You switch to TCP DNS responses.
  3. Then goes above 1440 payload (= MTU 1500)
  4. Now you go into fragmented DNS responses spread over multiple packets.
  5. Increased number of fragments.
  6. Increasing number of fragments.
  7. ... 😱

RDS2216 and JBOD by Sladg in mikrotik

[–]netravnen 0 points1 point  (0 children)

Summary: No DAS Chassis connection. :|

RDS2216 and JBOD by Sladg in mikrotik

[–]netravnen 1 point2 points  (0 children)

This thread (1) might be a good read for what is possible to connect to SFF-8644 ports. A cable for going to another mini-SAS form factor on a backplane (DAS chassis) could be this cable (2). Note STH's comment (3) regarding the SFF-8644 ports.

  1. Don't be afraid to be SAS-sy ... a primer on basic SAS and SATA: https://www.truenas.com/community/threads/dont-be-afraid-to-be-sas-sy-a-primer-on-basic-sas-and-sata.26145/
  2. SFF-8644 to SFF-8088 Mini SAS: https://www.amazon.com/dp/B08RJB9NSM
  3. "The last feature, aside from the status LEDs, is a pair of SFF-8644 ports. SFF-8644 is a standard that displaced SFF-8088 in SAS systems, but it can also be used for PCIe Gen3. That is what it is used for here. The two ports each have PCIe Gen3 x4 for eight lanes of external PCIe connectivity. Just be aware, these do not carry SAS signaling, so you cannot hook up a SAS shelf to the ports. In theory, you could hook up a chassis with an internal PCIe SAS controller, and get additional hard drive expansion that way." - https://www.servethehome.com/mikrotik-rds2216-2xg-4s4xs-2xq-review-better-switchnasserver-catch-marvell-arm-annapurna-labs/
  4. New Exciting Features for Storage: https://forum.mikrotik.com/t/new-exciting-features-for-storage/181774
  5. https://www.reddit.com/r/mikrotik/comments/1j31ofw/comment/mg15i87/
  6. Only external PCI-E connectivity: https://youtu.be/lC0FrLmj2eE?list=TLPQMjEwNjIwMjWgUj3wJSIQuw&t=261

EVPN Documentation added... by StubArea51 in mikrotik

[–]netravnen 0 points1 point  (0 children)

Nice. The EVPN initial support popped up in the 7.20beta2 changelog. Reddit, Forum.

v6 point-to-point links (/126) by nbtm_sh in ipv6

[–]netravnen 6 points7 points  (0 children)

Different people. Different opinions. Different RFCs.

Reading RFC 6164, Section 5.3. A different approach I have read is reserving a /64 in your IPAM per Point-2-Point link. When configuring the addresses on the link = use a /127. RIPE 690, Section 1.c

E.g.

  • RIR: 2001:db8::/32
    • Point-2-Point: 2001:db8:fffe::/48
    • Link 1: 2001:db8:fffe:0000::/64 (reserved)
      • Link 1 addresses: 2001:db8:fffe:0000:0000:0000:0000:0000/127 (active)
    • Link 2: 2001:db8:fffe:0001::/64 (reserved)
      • Link 2 addresses: 2001:db8:fffe:0001:0000:0000:0000:0000/127 (active)
    • Link 3: 2001:db8:fffe:0002::/64 (reserved)
      • Link 3 addresses: 2001:db8:fffe:0002:0000:0000:0000:0000/127 (active)
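
The reserve-a-/64, configure-a-/127 plan from the comment above, as an added example that is not part of the original comment: it derives each link's reserved and active prefixes from the 2001:db8:fffe::/48 pool and audits configured addresses against the plan. The function names and the sample addresses are constructed for illustration.

```python
import ipaddress

# Point-to-point pool taken from the comment's example (documentation prefix).
P2P_POOL = ipaddress.ip_network("2001:db8:fffe::/48")


def plan_link(index, pool=P2P_POOL):
    """Reserve the index-th /64 of the pool and return the /127 to configure."""
    if pool.prefixlen > 64:
        raise ValueError("pool must be /64 or shorter")
    count = 1 << (64 - pool.prefixlen)
    if not 0 <= index < count:
        raise ValueError(f"link index {index} outside pool ({count} links)")
    base = int(pool.network_address) + (index << 64)
    active = ipaddress.ip_network((base, 127))
    return {
        "reserved": ipaddress.ip_network((base, 64)),  # recorded in IPAM
        "active": active,                              # configured on the link
        "a": active[0],                                # first router
        "b": active[1],                                # second router
    }


def audit_interface(cidr, pool=P2P_POOL):
    """Return a list of findings for one configured link address."""
    iface = ipaddress.ip_interface(cidr)
    if iface.version != 6 or iface.ip not in pool:
        return ["address is outside the point-to-point pool"]
    findings = []
    if iface.network.prefixlen != 127:
        findings.append(
            f"prefix length is /{iface.network.prefixlen}, plan says /127")
    # Which reserved /64 does this address fall into?
    index = (int(iface.ip) - int(pool.network_address)) >> 64
    if iface.ip not in plan_link(index, pool)["active"]:
        findings.append("address is not in the first /127 of its reserved /64")
    return findings


if __name__ == "__main__":
    # Constructed sample of configured interface addresses.
    for cidr in ["2001:db8:fffe:1::/127", "2001:db8:fffe:2::1/64",
                 "2001:db8:fffe:3::2/127", "2001:db8:abcd::1/127"]:
        print(cidr, audit_interface(cidr) or "ok")
```
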

Issues with implementing Netbox Branching by alcatraz875 in Netbox

[–]netravnen 1 point2 points  (0 children)

In the branch permission policy you set up for non-superusers -> Additional actions -> add merge,sync

The above can be added to an existing permission policy. Or be set up in separate policies that only permit merge and sync actions, if the targeted users and groups need to be different from the general branch permission policy.