TECH ubiquiti wifi crew

TS
TomDlgns

OT Supporter
Oct 24, 2004
67,253
b4gvx9B.png

only need about 999,999 similar responses before they do anything.
 

phat🐄

#meltdowns are NOT based off post count
Oct 9, 2002
43,580
Los Angeles, CA
i use pihole, but the xbox uses 8.8.8.8 and 9.9.9.9 directly. however, i don't see how DNS resolution could cause lag in a game.
yea it wont for the game. when i say lag i mean the generic symptom "my pornhub is slow2load"

game lag could be NAT as well. this game is console only ya?

what nat mode does it detect?
 
TS
TomDlgns

OT Supporter
Oct 24, 2004
67,253
yea it wont for the game. when i say lag i mean the generic symptom "my pornhub is slow2load"

game lag could be NAT as well. this game is console only ya?

what nat mode does it detect?

yeah nothing else lags, just the one game, it seems. NAT is Open on COD (no issues) but no NAT on NHL games where i feel like there is lag. no NAT meaning, they don't show NAT status that i'm aware of.

i had moderate NAT with COD, which was common with pfsense users but then i added a manual NAT rule and changed my NAT to manual. i have a DENY ALL UPnP option checked and a rule for my xbox that looks like this, allow 88-65535 10.0.10.5/32 88-65535

with that entry, i've had Open NAT in COD ever since.

also, now that i've set manual NAT for outbound, i need to add my own NAT rules if i add new networks, new interfaces, etc, but i rarely do that so it isn't a big deal.
 

Cashishift

Well-Known Member
Dec 12, 2000
53,745
Omaha, NE
Anyone blocking individual countries on a firewall level?

I was looking to see if I had blocked anyone, and apparently I have been blocking Russia since I got the UDM :rofl:
 

phat🐄

#meltdowns are NOT based off post count
Oct 9, 2002
43,580
Los Angeles, CA
Devel because there was some feature that I wanted that wasn’t in the standard pack. I want to say that it was something python related

I run pihole as well for my kids' vlan. That way mom can look at a nice dashboard, however the upstream of pihole is the pfblocker unbound instance.
 
TS
TomDlgns

OT Supporter
Oct 24, 2004
67,253
@phat🐄 i have a location at work with two sonicwalls in HA mode and i ran the bufferbloat test in the middle of the afternoon with whatever network activity is going on and it passed A+ with check marks on both sides.

ironically, we've had some issues with sonicwall and video conferencing equipment/VOIP not working. the problems were mainly when trying to get our hardware working directly with 3rd party hardware on the other end so i don't think sonicwall is 100% to blame since we can't see/edit the remote side (customer/etc), but everyone said it should work and it didn't. this was pre pandemic, now it's not really an issue since we are mainly using teams for most meetings even with customers/3rd party/etc.

sonicwall does get hate and i get it, but i think the biggest issue with any install/product is that you need to look at the environment and deploy the right device.

i think sonicwall got HA figured out and they also have WAN Failover/Load Balancing figured out. i think those two things are absolute garbage in pfsense.

i still like pfsense and i'll still use it, but it would be nice to see some things improve. first they should start with their upgrade process, the last upgrade i did was via console and that's fine, but they need to fix the web browser upload. if other companies can figure it out, why cant netgate?
 

phat🐄

#meltdowns are NOT based off post count
Oct 9, 2002
43,580
Los Angeles, CA
@phat🐄 i have a location at work with two sonicwalls in HA mode and i ran the bufferbloat test in the middle of the afternoon with whatever network activity is going on and it passed A+ with check marks on both sides.

ironically, we've had some issues with sonicwall and video conferencing equipment/VOIP not working. the problems were mainly when trying to get our hardware working directly with 3rd party hardware on the other end so i don't think sonicwall is 100% to blame since we can't see/edit the remote side (customer/etc), but everyone said it should work and it didn't. this was pre pandemic, now it's not really an issue since we are mainly using teams for most meetings even with customers/3rd party/etc.

sonicwall does get hate and i get it, but i think the biggest issue with any install/product is that you need to look at the environment and deploy the right device.

i think sonicwall got HA figured out and they also have WAN Failover/Load Balancing figured out. i think those two things are absolute garbage in pfsense.

i still like pfsense and i'll still use it, but it would be nice to see some things improve. first they should start with their upgrade process, the last upgrade i did was via console and that's fine, but they need to fix the web browser upload. if other companies can figure it out, why cant netgate?
the diff between netgate is as much as they want to call themselves enterprise or carrier grade or whatever term they want to use, they are open source first, appliances to pay the bills second. so their code needs to handle a multitude of hardware options. UTM vendors are basically selling standard hardware and subscriptions. with some VM appliances in the mix

at the end of the day, what makes pfsense great is the flexibility, but the downfall is obviously everything is software driven, instead of an asic like what Sonicwall and everything else has.


the sip issue is a common issue with i think pre sonicos 5. whatever. need to fuck with the transforms and settings. they have a good forum
 
TS
TomDlgns

OT Supporter
Oct 24, 2004
67,253
the diff between netgate is as much as they want to call themselves enterprise or carrier grade or whatever term they want to use, they are open source first, appliances to pay the bills second. so their code needs to handle a multitude of hardware options. UTM vendors are basically selling standard hardware and subscriptions. with some VM appliances in the mix

at the end of the day, what makes pfsense great is the flexibility, but the downfall is obviously everything is software driven, instead of an asic like what Sonicwall and everything else has.


the sip issue is a common issue with i think pre sonicos 5. whatever. need to fuck with the transforms and settings. they have a good forum

yeah i get the pfsense thing, i still like them and i'll still use them for personal use, but if i were supporting a business i probably wouldn't install pfsense.

at the same time, depending on what the business needs are, sonicwall isn't the cheapest option, either. it just depends what the business needs are. also, the sonicwall to dell and back out of dell was a clusterfuck. at the end of the day, all vendors will have some type of issue, nobody is perfect.

look at unifi, they have been up and down for years. at least now they are hopefully on the right track with unifi OS, hopefully that becomes uniform between their entire product line and they can consistently fix issues.

edit- do you remember m0n0wall or however they spelled it? i've been using pfsense for a while, ran it on an old computer like many did back then. i prefer their appliances, today, because i know it should just work. also, i started to put everything in a rack and the old PC was going to take up a lot of space in the rack, that was another reason for going with the appliance.

i had to email their support for a failed firmware upgrade on a spare pfsense appliance i had. that update was not done via the console and it is possible that i didn't give the update enough time, although i think i did give it 20-25 minutes, you'd think that would be long enough. their support was fast to respond. however, as a paying appliance owner, they don't offer a way for the user to login and grab their own firmware, i think if you can validate that you own the hardware, they should allow you to download the firmware. then again, in a business environment you should have a copy of the firmware ready to go before starting your upgrade, don't rely on the updater.

i updated a pfsense unit after the failed appliance upgrade and this time i used the console to monitor (initiated through the GUI) and it took about 15 minutes and i watched the entire process via console. knowing that, that's why i think 20-25 minutes for the first unit i attempted should have been enough time.
 

dorkultra

OT's resident crohns dude
OT Supporter
Oct 14, 2005
26,963
nilbog, trollhio
ugh, was moving my unifi vm to another drive and it won't boot, complaining about the drives. last backup somehow is a year ago, guess i'll rebuild from scratch.
 
TS
TomDlgns

OT Supporter
Oct 24, 2004
67,253
ugh, was moving my unifi vm to another drive and it won't boot, complaining about the drives. last backup somehow is a year ago, guess i'll rebuild from scratch.

i have backups set to weekly, why aren't you doing that? or even monthly would be better than nothing.
 

dorkultra

OT's resident crohns dude
OT Supporter
Oct 14, 2005
26,963
nilbog, trollhio
i have backups set to weekly, why aren't you doing that? or even monthly would be better than nothing.
i know i had it set to a normal frequency like weekly, but yet the autobackup directory only has stuff from 2021. I bet I had it writing to another directory and lost that drive during the move
 

phat🐄

#meltdowns are NOT based off post count
Oct 9, 2002
43,580
Los Angeles, CA
i know i had it set to a normal frequency like weekly, but yet the autobackup directory only has stuff from 2021. I bet I had it writing to another directory and lost that drive during the move
Mount the vmdks you have on another box and see if the unf files are there
 

dorkultra

OT's resident crohns dude
OT Supporter
Oct 14, 2005
26,963
nilbog, trollhio
Mount the vmdks you have on another box and see if the unf files are there
yeah, that's how i grabbed the old autobackups. guess i had it enabled and disabled it at a later time :dunno: these backups are an older version as well, so likely can't restore
shouldn't be too hard to redo, i didn't have that much customization
 

phat🐄

#meltdowns are NOT based off post count
Oct 9, 2002
43,580
Los Angeles, CA
yeah, that's how i grabbed the old autobackups. guess i had it enabled and disabled it at a later time :dunno: these backups are an older version as well, so likely can't restore
shouldn't be too hard to redo, i didn't have that much customization
the only gotcha is sometimes you gotta factory reset the unit to have it readopt. the flex switches i have that are hidden away had to be paperclipped so it could be seen again
 

Jonny Chimpo

Well-Known Member
Dec 20, 2003
66,594
Hell
Just got one of these boys

UniFi-Smart-Plug-lead.jpg


now hopefully my Unifi system will reboot my modem when it freaks out every couple months. Never could figure out why it does it, but the modem seems to hang at around 2:00am and a power cycle fixes it. I always find out about it though because my wife wakes me up freaking out because there’s no internet.
 

phat🐄

#meltdowns are NOT based off post count
Oct 9, 2002
43,580
Los Angeles, CA
to add to this bufferbloat nonsense: i said this from the beginning, the bloat isnt necessarily in your router. stop fucking with shit, and stop shaping shit just so you get a better score. its probably not your stupid router/firewall/appliance. Case in point : the following.


* Previous tests netted me a C, and i had a few Fs along the way too.
* There were no configuration changes to my firewall (pfsense), in fact, i ADDED several more blacklists, and reenabled IDS (suricata) for my wan interface
* Internet provider is the same (FIOS)
* The test was done on a freshly rebooted Mac M1 Mini


Conclusion : NEVER trust a browser based tool, testing your quality of service or even throughput. There are so many other factors that you will be chasing your own tail and still have this problem pop up because you have 14 onlyfans streams going on at the same time. Browsers are the WORST.




iqP63iz.png
 
TS
TomDlgns

OT Supporter
Oct 24, 2004
67,253
to add to this bufferbloat nonsense: i said this from the beginning, the bloat isnt necessarily in your router. stop fucking with shit, and stop shaping shit just so you get a better score. its probably not your stupid router/firewall/appliance. Case in point : the following.


* Previous tests netted me a C, and i had a few Fs along the way too.
* There were no configuration changes to my firewall (pfsense), in fact, i ADDED several more blacklists, and reenabled IDS (suricata) for my wan interface
* Internet provider is the same (FIOS)
* The test was done on a freshly rebooted Mac M1 Mini


Conclusion : NEVER trust a browser based tool, testing your quality of service or even throughput. There are so many other factors that you will be chasing your own tail and still have this problem pop up because you have 14 onlyfans streams going on at the same time. Browsers are the WORST.




iqP63iz.png

i agree, i only added the rules to see if it improved the grade, which it did, but i didn't notice anything get better or worse. in fact, i never felt my connection was slow before this test.

something still feels off with the game, but it is just one game, all other games are fine and i don't really care all that much since i've already tried everything i can think of. now if i had issues with facetime, streaming, video conferencing apps, etc, then i'd keep investigating.

i already disabled those rules shortly after the grade did improve. also, if i had an insane amount of traffic running through pfsense the rule *could* make sense (to slow down non-important traffic), but that's not the case in my scenario.

maybe the next thing i could check is the MTU. i had a ping command saved that allows you to see if the MTU being used is the correct value.
 

phat🐄

#meltdowns are NOT based off post count
Oct 9, 2002
43,580
Los Angeles, CA
i agree, i only added the rules to see if it improved the grade, which it did, but i didn't notice anything get better or worse. in fact, i never felt my connection was slow before this test.

something still feels off with the game, but it is just one game, all other games are fine and i don't really care all that much since i've already tried everything i can think of. now if i had issues with facetime, streaming, video conferencing apps, etc, then i'd keep investigating.

i already disabled those rules shortly after the grade did improve. also, if i had an insane amount of traffic running through pfsense the rule *could* make sense (to slow down non-important traffic), but that's not the case in my scenario.

maybe the next thing i could check is the MTU. i had a ping command saved that allows you to see if the MTU being used is the correct value.
it should always be 1500 at the gateway unless youre running some poverty VDSL circuit
 
TS
TomDlgns

OT Supporter
Oct 24, 2004
67,253
it should always be 1500 at the gateway unless youre running some poverty VDSL circuit

no, this site has cable, but I do have pfsense at a location that is using DSL, but no gaming happens at that site and things appear to be working fine.
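
The MTU ping check discussed in the posts above, as an added example that is not from any poster in this thread: it binary-searches the largest echo payload that gets through with Don't Fragment set and reports the resulting path MTU. It assumes Linux iputils `ping` (`-M do`); the function names `probe` and `path_mtu` are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: find the largest ICMP payload that crosses a path unfragmented.
# Assumes Linux iputils ping (-M do = set Don't Fragment); other platforms use
# different flags.

IP_ICMP_OVERHEAD=28   # 20-byte IPv4 header + 8-byte ICMP header

# probe HOST SIZE: succeed if a DF-flagged echo with SIZE payload bytes is answered.
probe() {
    ping -M do -c 1 -W 1 -s "$2" "$1" >/dev/null 2>&1
}

# path_mtu HOST [PROBE_FN]: binary-search the payload size and print the MTU.
# Returns 1 if even the smallest probe fails (host down or ICMP filtered), so a
# dead target is not misreported as a tiny MTU.
path_mtu() {
    local host="$1" fn="${2:-probe}"
    local lo=548 hi=1472 mid          # payloads for 576..1500 byte packets
    "$fn" "$host" "$lo" || return 1
    while [ "$lo" -lt "$hi" ]; do
        mid=$(( (lo + hi + 1) / 2 ))  # round up so the loop always terminates
        if "$fn" "$host" "$mid"; then
            lo=$mid                   # this size fits, try larger
        else
            hi=$(( mid - 1 ))         # too big (or dropped), try smaller
        fi
    done
    echo $(( lo + IP_ICMP_OVERHEAD ))
}

# Run only when a target is given: ./pmtu.sh <gateway-or-remote-host>
if [ "$#" -gt 0 ]; then
    mtu=$(path_mtu "$1") || {
        echo "no reply from $1 (down or ICMP filtered)" >&2
        exit 1
    }
    echo "path MTU to $1: $mtu"
    [ "$mtu" -eq 1500 ] || echo "below 1500: check WAN MTU, PPPoE or tunnel overhead"
fi
```

A result below 1500 can also come from a device on the path dropping large ICMP echoes, so compare against a second target before changing the WAN MTU.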
 
