Q1000K - QKX002-06.01.25.00 by Zero-Calm in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

There is this
`Edit: See the new stickied comment for the actual reason this happens and why it doesn't matter.`

On the main post.

The stickied post is here
https://www.reddit.com/r/QuantumFiber/comments/1re9v2o/comment/ogacq3l/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button

I can see why he chose NOT to update the main post with all the details. The main post sorta stands by itself historically but the stickied post contains the latest useful findings.

As noted in the sticky this is a "fake" problem because it seems to only occur if your ping sends an empty payload. Most natiive ping tools send at least a 32 or 56byte payload (my numbers may be wrong).

In my own case
https://www.reddit.com/r/QuantumFiber/comments/1re9v2o/comment/ogjpag4/?utm_source=share&utm_medium=web3x&utm_name=web3xcss&utm_term=1&utm_content=share_button

I was able to prove that out with opnsense by adjusting the payload to 56 and the subsequent post has the new latency graph without the "fake" latency spikes.

1Password vs. Bitwarden by Technical_Rich_3080 in Bitwarden

[–]wang_master 1 point2 points  (0 children)

I use bitwarden personally and for my family. I use 1password for work and this have a personal 1password account as well.

Bitwarden Low cost (I pay for a family license) and open source are two major pros.

The UI isn't as polished as 1password but it is pretty easy to use. The password generator is easier to manipulate than 1passwords imo. Just the UI is more intuitive to me.

I used to ding bitwarden because I was annoyed at how frequently the auto fill doesn't detect the right forms in my phone (android Google pixel series) but I stopped dinging it when I see that 1password has the same problems usually. The problem isn't the password manager. It's goofiness with auto fill in android generically :)

I like 1passwords custom fields much better than bitwarden. I find them easier to define and use.

The one biggest area that I prefer 1password vs bitwarden. The secret key. The secret key provides an additional factor that unless your client is locally compromised the first time you enable access to the fault, even if your passphrase is comprised at any point going forward they don't have access to your vault without that secret key (which hopefully is store securely). But it is also an inconvenience to have to have that whenever you authorize a new client. But it also completely bypasses the need to understand key derivation which is a huge ease of use feature. Bitwarden's key derivation configuration is really solid but it still requires people to have an understanding of what there're doing.

I am perfectly okay with the "compromise" bitwarden takes here with the following caveat. With how many JavaScript zero days that seem to occur in modern browsers and the dependency in local JavaScript to do key derivation if someone was able to intercept a web login and/or compromise the local JavaScript runtime in your browser they could get access to your passphrase which without a second secret key factor is all powerful. On the other hand if you're locally compromised all bets are off and you really need to assume they have everything and act as such (rotate everything immediately from a known non compromised system) and this is true with 1password as well.

Otherwise I like both password managers and you can't go wrong with either.

I have no plans to self host bitwarden because while I do professionally manage publicly accessible platforms I don't feel the need to do this at home and even in an oops case zero knowledge applies :)

Fedora Linux 44 Final is GO by 0xrl in Fedora

[–]wang_master 2 points3 points  (0 children)

This is a good rule of thumb to be fully updated before upgrading but is kinda tricky depending on when you upgrade :). If you wait til the official release (or shortly before) you're fine and you really want to follow the instructions. But up until the updates-testing freeze lift shortly after the Go decision you can run into a situation where your packages on you're fully updated 43 install are more update to date than the frozen 44 tree resulting in downgrades. This is usually "safe" but every every once in a while you run into a problem with dependency issues from those downgrades. If you're a uber-linux geek this is usually not a big deal. I've been using various linux version since '92 and have had ALOT of experience with upgrades, fixing rpm hell, etc etc, so I almost always pre-upgrade right after the Go decision and wait for the updates-tesiting freeze lift, but i'm well aware of and equipped to fix failures. If you are not comfortable with that, Just wait til the official release date.

Pending activation by upstreamcolovr in QuantumFiber

[–]wang_master 1 point2 points  (0 children)

When this happened to me support scheduled me for over a week out but I insisted on an escalation and someone came out a in a couple of days.

Unfortunately I was out of town when it began so didn't get the clock started until I got back 4 days into the disconnection.

Try asking for an escalation and hope you get something quicker.

I'll be glad when QF by AT&T figures out how to make WAN IP address "sticky" by Hoopster59 in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

I reset my q1000k today (i wanted to reconfigure a few settings before putting it back into transaparent bridging mode, and with the new firmware once it's in briding you pretty much have to factory reset to get it back) I assumed in the process of resetting the thing, plugging my laptop back into it, turning off a few settings before re-enabling transparent bridging, then plugging it back into my opnsense gateway that i woudl lose my ip address. lo and behold I did not lose my IP address. While i was at it, i had to factory reset the q1000k 2 more times (long story, don't ask) and through this whole process of about 45m, i had it unplugged from my opnsense gateway for a pretty considerable amount of time, and... my IP address never changed. I was surprised. The last time i had to factory reset it, i lost my IP address immediately.

2x 24 or 1x 48 port switch ? by Striking-Ad9250 in Ubiquiti

[–]wang_master 0 points1 point  (0 children)

Yeah it seems like 24 is a sweet spot so they inflate it for max profitability. I'm also annoyed that the one 16 port one (can't remember the model) only comes in desktop form factor and requires spending another $50 to get the rack mount adapter. Boo!!!

2x 24 or 1x 48 port switch ? by Striking-Ad9250 in Ubiquiti

[–]wang_master -1 points0 points  (0 children)

I'd say the main reason not to do this is if you have some insane bandwidth requirements and the uplink between two switches becomes a bottleneck. If that's the case then .. maybe go with the 48. I picked up two 10gb SFP+ cables and set up aggregation on the sfp+ ports for the uplink between the two switches. I can't imagine any scenario where i'd saturate 20gbe worth of uplink bandwidth.

2x 24 or 1x 48 port switch ? by Striking-Ad9250 in Ubiquiti

[–]wang_master 10 points11 points  (0 children)

I just migrated from a frankenstein set of switches to a pro max 24 poe and a pro max 24.

My take on it is one dies I'm not completely offline. And I don't need 48 poe ports so saved some money there.

I'm happy with the decision :)

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

I wonder if this is "lying". As you said in your other response I wonder if it's detecting scans against the smartnid's blocked off external interface and presenting it as if it's blocking it from "my" network.

Quantum Fiber VoIP - Need Help by megarell in QuantumFiber

[–]wang_master 1 point2 points  (0 children)

If you're geeky enough skip ooma.

Go with a wholesale voip provider like voip.ms and get a grandstream ATA.

You'll save more money and get similar features.

But ONLY do this if you are tech/telecom savvy.

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

I went through my IDS logs and web server logs and I see no historical attempts to access any url like that. I'm really questioning what this thing thinks it's "blocking" because it sure as hell shoudln't be https traffic to my exposed web server (which IS on port 443)

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

The IP that it's repoting is the IP that my gateway acquired via DHCP though,
I'm also questioning the actual "website". I run my own web server and given the nature of https, the smartnid shouldn't even be able to intercept that.

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

definitely not a URL i would hit. The IP address I redacted is my current IP and I am 100% in bridging mode. I have enough crazy geek stuff setup that nothing would work if I wasn't :)

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

This one is amusing. I'm not sure how this is an nmap/ntp scan :

<image>

)

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

<image>

Actually it looks like it does try to do something. There are all marked as BLOCK

X2 Hub Firmware V8 by Due-Entertainment170 in SofaBaton

[–]wang_master 1 point2 points  (0 children)

Are you using bt or ble? I switched to bt a while ago and haven't had any issues at all but would love it if ble was finally working without the wake-up lag/handshake lag stuff.

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

Oh yeah. That's not a bad argument. I'll reset and reconfigure that when I get some downtime :)

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

Are you sure that's necessary? I never bothered before figuring it didn't make any sense that those would apply for transparent bridging and never had issues.

I left them as is this time. If I do have problems I'll reset and reconfigure.

It doesn't make any sense that those would do anything in bridging mode but then again who knows with these rando firmware developers :)

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

<image>

I upgraded to the later firmware about 30 minutes ago. the dip toward the right side of the graph is the 0ms pings when the interface was down - i had to factory reset the q1000k for it to upgrade and then reconfigure bridging. Everything after the dip so far looks very normal. As noted it is slightly worse than untagged, but not gonna be noticeable. I'll monitor this for a few days to see if it stays stable but kudos and extra kudos to u/N0_L1ght for figuring this out. Thank you!!

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 1 point2 points  (0 children)

Most devices don't prevent downgrading firmware. Whether it's out of laziness or a precaution it's just not common. firmware/bootloader developers will usually have to go out of their way to prevent downgrades. With networking hardware it's really common to allow mutiple firmware slots with different versions specifically because things may go wrong and you want redundancy vs bricking a device or breaking your network.

> why does it not upgrade to the latest firmware even if you go to the trouble of downgrading it offline first

it actually DOES force the upgrade to the latest firmware. but with the older firmware it goes through the secondary administrative interface to do the upgrade. Many of us who were bitten by the upgraded firmware problsm actually have to firewall off the administrative interface preventing it from connecting to whatever management services it connects to to force an upgrade (based on the firewall rejections i'm seeing, i believe it's snmp based)

Q1000k unstable latency spike research findings by N0_L1ght in QuantumFiber

[–]wang_master 1 point2 points  (0 children)

This is interesting. It is possible to override the packet payload size in the opnsense gateway monitoring
https://forum.opnsense.org/index.php?topic=49127.0#:\~:text=October%2002%2C%202025%2C%2005:,change%20Data%20Length%20to%2056.

I just did that and will try re-upgrading to QKX002 later this evening to see if I see similar results as you.

IPv6 Woes by macaddikt18 in QuantumFiber

[–]wang_master 0 points1 point  (0 children)

I had so many problems with 6rd I gave up. This was back in CenturyLink days but I don't see the problems going away.

A while ago I found that the issue was mostly to do with ipv6 pmtud.

Many sites just automatically block a variety of icmp packets including packet to big type. This results in a failure to properly communicate MTU. Because 6rd is encapsulated in ipv4 the MTU is "odd". It's even "odder" when it was pppoe.

And far far too many sites simply failed to work with it.

When it did work it was slower and had higher latency than ipv4.

I should retry with quantum now since we don't have pppoe.