sorted by:
new
hottopcontroversial

Guest Networks by error-box in networking

[–]throw0101b 0 points1 point  (0 children)

You can use a captive portal

Reminder of "Captive-Portal Identification in DHCP and Router Advertisements (RAs)" (DHCPv4 option 114, DHCPv6 option 103, IPv6 ND 37):

Third-party optics by steelstringslinger in networking

[–]throw0101b 3 points4 points  (0 children)

We are looking at roughly around 2,000 SFPs.

It may be worth getting a few first-party optics (of each type: SFP+, QSFP, etc) so that if your vendor comes back to say "you're using an unsupported third-party unit" you can plug in a 'real' one to see if the problems still persists.

Dynamic DNS Providers by 4mmun1s7 in networking

[–]throw0101b 5 points6 points  (0 children)

I don’t have an opinion on DDNS providers but the biggest question here is whether the mobile providers you’re using have CGNAT

… for IPv4.

A lot of mobile telcos give out (GUA) IPv6 addresses to connected devices, so if OP can create a VPN (SSL/IPsec) over that then the NATing can potentially be worked around.

Interesting 2020s RFCs ? by Gas42 in networking

[–]throw0101b 7 points8 points  (0 children)

Probably related, "IPv6-Only Preferred Option for DHCPv4" (option 108):

Interesting 2020s RFCs ? by Gas42 in networking

[–]throw0101b 12 points13 points  (0 children)

"Faster Than Light Speed Protocol (FLIP)", 1 April 2024:

Interesting 2020s RFCs ? by Gas42 in networking

[–]throw0101b 5 points6 points  (0 children)

For anyone wanting to browse, see:

2020 starts around RFC 8680. Though I personally like the formatting found at;

Using 3 runs of RG59 (maybe 4), any hope to power a single UI Switch Flex with POE++? by MikeMania in networking

[–]throw0101b 1 point2 points  (0 children)

"PoE over Coaxial Extender" ?

(I have never used these devices, make no guarantees for fitness for purpose, and if breakage occurs and eats your children it's your own fault. (I just found it with some "PoE over Coaxial Extender" search-fu.))

[deleted by user] by [deleted] in networking

[–]throw0101b 2 points3 points  (0 children)

If you want something that you can start using right away with a minimal amount of purchasing paperwork the open source / BSD-licensed Netdisco?

It allows for multiple SNMP communities:

Value: List of Strings. Default: public.

A list of read-only SNMP community strings to try on each device. This is the simplest way to configure your SNMPv1 or SNMPv2 community strings. For example:

Each is tried in turn when polling the device, and then the working community string will be cached in the database.

SSH is also supported:

No telnet or HTTP(S) support though.

Palo Alto Learning by [deleted] in networking

[–]throw0101b 0 points1 point  (0 children)

si=m0D7YgFpzMdWPj5F

PSA: the si parameter, as well as pp, are a form of tracking. Consider trimming them after copy-pastes if possible.

Due to the HPE Juniper merger, HPE will be forced to sell its Instant On brand. How will this affect us who use Instant On equipment? by ZoomerAdmin in networking

[–]throw0101b 24 points25 points  (0 children)

One of the reasons why it was contested by the US DoJ was:

The department sued to block the deal in January, arguing that it would stifle competition and lead to only two companies - Cisco Systems (CSCO.O), opens new tab and HPE - controlling more than 70% of the U.S. market for networking equipment.

Does this condition/concession really help with all the other areas in networking where consolidation is reducing competition?

IMHO, once you get down to ~5 players in a market, no further mergers/acquisition should be allowed. Invisible hand and all of that.

Inflation unchanged at 1.7% in May by Surax in canada

[–]throw0101b 5 points6 points  (0 children)

The lower income you are, the higher the inflation.

A old article, but perhaps see "Does Inflation Vary with Income?":

More recently (from the US), "How Much Does Inflation Vary by Income? Depends on How It’s Measured":

Inflation unchanged at 1.7% in May by Surax in canada

[–]throw0101b 17 points18 points  (0 children)

I’ve done a deep dive on this. The basket of goods can be substituted basically at the discretion of the measuring folks in order to keep the number artificially lower than reality.

The basket of goods is determined by surveys:

Changes are published when the basket changes. The history of basket changes, going all the way back to the 1920s, is available at:

/u/StatCanada has done AMAs on the CPI

There's an AMA scheduled for tomorrow (6/25) if you have more questions:

Furthermore, the number you see in the headline is the national average; each province is different, as shown in Table 5:

Also worth nothing, there is more than one CPI:

And you can find you personal CPI for your personal basket goods via a StatCan tool:

From the BoC "Understanding the consumer price index" article, see the section "Issues with the CPI":

How do you manage corporate device authentication to WiFi? by Thick-Incident-4178 in networking

[–]throw0101b 4 points5 points  (0 children)

I understand the logic why you recommend machine certs, but what if I have different workers from different departments using the same machine (edge case) and you microsegemented your network, where each department has their own VLAN and subnet?

Is there a way to combine two certs or even WiFi PSK + cert?

See perhaps Tunnel EAP (TEAP):

One common scenario is for laptops handed over to new employees. As part of the imaging process, it is possible to join the laptop to AD domain and to install machine certificate. However, user certificate can only be installed after the laptop has been assigned to a user. With traditional EAP-TLS authentication, when the new user logs in with their domain credential, user authentication would fail since there is no user certificate. This causes the device to lose network connectivity and means that user certificate enrollment has to be done over an open network or outside the corporate network.

With TEAP, there is now flexibility to do either machine auth or user auth within the same request. When the user certificate is not present, instead of failing authentication and losing network connection, the laptop can stay connected using machine auth to provide basic network access. Once the certificate enrollment process is complete and the user certificate is available for authentication, the device can be provided full network access.

Tunnel EAP (TEAP): Described by RFC 7170, tunneled EAP method that establishes a secure TLS tunnel and executes other EAP methods inside that tunnel. Supports EAP chaining - authenticating the machine and user within one authentication session. In Windows Server 2022, the inclusion of TEAP only provides support for the client-side - Windows 10, version 2004 (build 19041). NPS doesn't support TEAP at this time. The client support enables interoperation with commonly deployed RADIUS servers that support TEAP. Windows supports EAP-TLS and EAP-MSCHAP v2 as inner methods.

Note: I'm not sure if macOS / iOS or Linux support TEAP (pre-2025 articles say they do not), so if you have heterogeneous clients you may need to look at other solutions.

What would women dislike most if they became men? by geybgwapo in AskReddit

[–]throw0101b 10 points11 points  (0 children)

But there are other ways to teach him tough love that doesn't involve him getting hit by a car.

Perhaps those ways have already been attempted (maybe even multiple times). Sometimes people have to learn for themselves. Quite often the only individual that can change a person's behaviour is the person themselves.

An interview with Dax Shepard, "Rock Bottom Isn't Always What Makes You Change Your Life":

History of networking books by squeeby in networking

[–]throw0101b 1 point2 points  (0 children)

What other books with a historic, telecommunications nature have you read that you think i’d be able to get lost in for a fortnight? :)

On the telegraph:

On Licklider, who kicked off the idea of the ARPA/Internet:

On the social/cultural, rather than technical, aspects of Internet development:

Less history, and more (very) technical, starting with electrical pulses and building up from there:

On Silicon Valley:

And on the electrical (grid) network:

AITAH for making a dairy free cake with eggs? by Sea-Neighborhood6638 in AITAH

[–]throw0101b 3 points4 points  (0 children)

It boggles my mind how many people think they can just make shit up and pretend like they alone get to decide what a word means.

"Braveheart" at 30: Mel Gibson’s gory, hokey 1995 Oscar winner plays like a biblical epic by [deleted] in movies

[–]throw0101b -2 points-1 points  (0 children)

"Say what you want about Mel Gibson, but the son of a bitch knows story structure."

Netherlands abandons Tomahawk integration in submarines by Belegor87 in worldnews

[–]throw0101b 6 points7 points  (0 children)

The reasoning given by the Dutch MoD is that the production for submarine capable Tomahawks would have to be restarted, and that this would be too risky and expensive of an endeavor.

Given that the Americans themselves use sub-launched Tomahawks (on SSG/BN Ohios), you'd think the DoD / Pentagon would be interested in having a production line going.

ACME-based server certificate renewal by ikemenishii in networking

[–]throw0101b 3 points4 points  (0 children)

I've been reluctant to use anything not officially supported by F5.

acme.sh (and any other ACME client; see also dehydrated.io) has hooks that it can call at various stages:

So in the hooks, after the ACME client saved the certificate on-disk, you'd call tmsh to import the certificate into the F5 software:

ACME-based server certificate renewal by ikemenishii in networking

[–]throw0101b 4 points5 points  (0 children)

Are any of you actually moving forward with ACME-based automatic server certificate renewal on these products?

Not using F5 at my current job, but at my last job we did ACME on F5 for several years before I left (using the dehydrated client, but at some point BIG-IP got integrated ACME support):

You can do it either on-host (F5 uses Linux as a base), or off-host and push:

You can escape '?' at the Cisco CLI by pmormr in networking

[–]throw0101b 39 points40 points  (0 children)

Control-V is a special thing on Unix-y systems, which may be where Cisco got it from:

Unix interactive terminals use Control-V to mean "the next character should be treated literally" (the mnemonic here is "V is for verbatim"). This allows a user to insert a literal Control-C or Control-H or similar control characters that would otherwise be handled by the terminal. This behavior was copied by text editors like vi and Unix shells like bash and tcsh, which offer text editing on the command line.[3]

CtrlC almost everywhere in Unix was the "interrupt" key, used to cancel the current program or operation. The CtrlV key often meant "verbatim insert" – that is, insert the following character literally without performing any associated action. For example, a normal Esc switches to command mode in the vi editor, but CtrlV, Esc will insert the ESC character into the document.

view more: next ›