On 4/27/23 15:10, The Natural Philosopher wrote:
> On 27/04/2023 15:04, The Natural Philosopher wrote:
>> On 27/04/2023 13:07, Martin Gregorie wrote:
>>> My problem is that there currently is no fibre available where I
>>> live: its
>>> ADSL or nothing at present as I'm not keen on WiFi.
>>
>> I have a pretty good Cisco (Linksys rebadged) SOHO ADSL router
>> Its even got PSTN ports for voip.
>>
>> Needs a wall wart as I pinched that for the Netgear.
>>
>> Runs warm in use, but never fails.
>> If you are in the UK I'll post it
>>
>>
>>
> Oh. I can still buy ADSL routers without WiFi in the UK
>
> https://www.broadbandbuyer.com/products/25841-draytek-v2832-k/
>
> Very very good router, that.
>

I use pfSense on NUC type PC circa 2016, before that I used tomato
firmware on a cheap router, both very good.

I wouldn't recommend a bespoke router, unless you wanted everything in
one box modem/router/wifi.

For Wifi the modern mesh systems are very good at roaming in a big
house, very cheap. I have 4 access points or whatever they are called,
dropped wifi is a thing of the past.

On Thu, 27 Apr 2023 12:07:57 -0000 (UTC), Martin Gregorie wrote:

Sorry about the slow reply: I'm bringing up a new server (current AMD
silicon, solid state storage) damn quick, and sort of lost track of the
time. The problem it that I was almost too late on making the swap,
because the last backup has a bit of minor file damage: just enoughto make
life mire 'interesting' than I wanted. The old dual Athlon box totally
shat on the update I ran after the backup and I thought that the backup
had survived untouched, but it had just enough damage to be annoying.

That aside, Fedora 37 loaded easily, apart fom a bu=it of nonsense from
Brave (crashed immdiately, but today's upgrade fixes that) and the latest
Evolution is pretty much a mess on the new box and I've still to migrate
PostgreSQL to v 14. On the other hand, Java is up an running without
problems, most of my C stuff looks to be OK and Apache is doing its thing
pretty well apart from geany needing a reinstall: not yet diagnosed.

My DSL320B ADSL' walwart has a 3.7mm OD coax plug that delivers 12v @
0.5A, so iF that's suitable for your ADSL router I'd be very happy to have
it, always assuming enough of its documentation to make it configurable
has survived.

Thanks for the unexpected offer!
> On Thu, 27 Apr 2023 10:47:54 +0100, The Natural Philosopher wrote:
>
>> Really?
>>
> Yes, really. The DSL320B I've used for years currently has several
> problems:
>
> - its screwing with the fourth term of the IP address,which causes
> pinging
> other hosts on my LAN to fail - this seems to be corrupting the 4th
> term of a fixed IP address
>
> - my DSL320B can currently connect to the outside world from either of
> the
> two hosts on my LAN, but neither host can talk to the other one.
> AFAIK there's no problem with my CAT5/6 switch
>
> - the DSL320B should be configurable via http or telnet, but neither
> Firefox nor Lynx shows any ability to access the DSL320B via an http
> connection. If I point telnet at it, it accepts the default user name,
> 'admin', but doesn't accept the password, which also defaults to
> 'admin'.
>
> - I got a replacement off eBay, because I couldn't find a retailer with
> any in stock and its even worse. It won't even accept the default user
> name. and can't be pinged.
>
> - The DSL320B manual says you can reset a DSL320B by poking a 'biro'
> into a 'reset' hole, but this is a lie: the hole is both too small
> and too deeply inset for any biro I've seen to work.
>
> However it should be resettable if you push a toothpick, some 1mm
> alloy tube or a shaved down matchstick into the small (1.5mm) 'reset'
> hole until you hear the switch click while holding the power switch
> down and keeping it pressed 10-15 seconds, but this failed to reset
> either of the DSL320Bs.
>
>> Consumer routers are mostly utter crap. I have a Draytek now, and it
>> all actually works.
>>
>> Its got ADSL but Ive migrated to fibre, and id does ethernet WAN as
>> well (like cable)
>>
> My problem is that there currently is no fibre available where I live:
> its ADSL or nothing at present as I'm not keen on WiFi.
>
> I'm currently on the Zen waiting list until fibre connectivity gets
> installed (I'm not holding my breath for this) but am about to see if
> they Zen can take over my current ADSL link anyway, by installing a
> Fritz box, which is what they apparently use as the fibre terminator,
> but for use as an ADSL terminator in the meantime.

--

Martin | martin at
Gregorie | gregorie dot org

Ahem,

> It sort of is internal - to the LAN not the machine

Thats the thing : I do *not* want my machine to just talk to other machines
(on the same lan or not) - at least not without my explicit say-so.

I regard it as a weakspot, to be exploited when one of those machines on the
LAN gets taken over by malware (and tries to find a way into other
machines).

> It's all about scalability really - making it easy to manage a LAN
> with tens of thousands of hosts (horrible thought!).

All I can think about when I read that is of companies who had to shut down
and had to do a major cleanup because one person got its computer infected
and than it spread from there. :-\

Regards,
Rudy Wieser

On 27/04/2023 20:35, Ahem A Rivet's Shot wrote:
> On Thu, 27 Apr 2023 15:24:50 +0200
> "R.Wieser" <address@is.invalid> wrote:
>
>> My brain balks about something thats "fundamental to IPv6", but is not an
>> /internal/ IP (like 127.x.x.x) is.
>
> It sort of is internal - to the LAN not the machine, rather like
> MAC addresses, the main use is to enable unicast addressing to be used for
> almost everything and minimise the use of broadcast addressing. It's all
> about scalability really - making it easy to manage a LAN with tens of
> thousands of hosts (horrible thought!).
>
> Cellphone data plan connections use IPv6 and need it AFAICT, IPv4
> NAT and DHCP would be a nightmare in that environment.
>
Ah you sure? At some level my cellphone sits behind a massive NAT when
contacting IPV4 hosts

--
How fortunate for governments that the people they administer don't think.

Adolf Hitler

On Fri, 28 Apr 2023 08:44:15 +0200, R.Wieser wrote:

> Ahem,
>
>> It sort of is internal - to the LAN not the machine
>
> Thats the thing : I do *not* want my machine to just talk to other
> machines (on the same lan or not) - at least not without my explicit
> say-so.
>
> I regard it as a weakspot, to be exploited when one of those machines on
> the LAN gets taken over by malware (and tries to find a way into other
> machines).
>
>> It's all about scalability really - making it easy to manage a LAN with
>> tens of thousands of hosts (horrible thought!).
>
> All I can think about when I read that is of companies who had to shut
> down and had to do a major cleanup because one person got its computer
> infected and than it spread from there. :-\
>
My solution there has always been to run a firewall on every machine on my
LAN so that only the ports used by the software your computers use to talk
amongst themselves are open: this means that only ssh (22), smtp (25),
http(80), sftp(115), nntp(119) ntp(123), rsync(873) and maybe ftp(21) and
SAMBA (if you have Windows boxes on your LAN) are likely to be open, but
its worth looking at /etc/services as a reminder of what the various ports
are used for.

Then make a similar (and smaller) list of the ports you're willing to open
in your LAN firewall to accept incoming traffic.

Note that these incoming ports do not need to be open if you always open
connections FROM your systems TO external servers: IOW you can use a
webreader such as Firefox without opening port 80 and you can send and
receive mail without opening port 25 if you run a mail server on your LAN
and use, say, getmail to collect incoming mail from your mailbox on your
ISP.

So, call me paranoid, but I don't have any firewall ports open to the
wider internet: I use getmail, run as a cron job every 10 minutes to
retrieve incoming mail and pass it to a local Postfix server for
distribution to laptops etc. The public copies of my websites are hosted
by my ISP: I maintain identical master copies locally and update the
public versions by exporting new and updated pages to the hosting site by
using gftp.

--

Martin | martin at
Gregorie | gregorie dot org

On 27/04/2023 23:19, Martin Gregorie wrote:
> On Thu, 27 Apr 2023 12:07:57 -0000 (UTC), Martin Gregorie wrote:
>
> Sorry about the slow reply: I'm bringing up a new server (current AMD
> silicon, solid state storage) damn quick, and sort of lost track of the
> time. The problem it that I was almost too late on making the swap,
> because the last backup has a bit of minor file damage: just enoughto make
> life mire 'interesting' than I wanted. The old dual Athlon box totally
> shat on the update I ran after the backup and I thought that the backup
> had survived untouched, but it had just enough damage to be annoying.
>
> That aside, Fedora 37 loaded easily, apart fom a bu=it of nonsense from
> Brave (crashed immdiately, but today's upgrade fixes that) and the latest
> Evolution is pretty much a mess on the new box and I've still to migrate
> PostgreSQL to v 14. On the other hand, Java is up an running without
> problems, most of my C stuff looks to be OK and Apache is doing its thing
> pretty well apart from geany needing a reinstall: not yet diagnosed.
>
> My DSL320B ADSL' walwart has a 3.7mm OD coax plug that delivers 12v @
> 0.5A, so iF that's suitable for your ADSL router I'd be very happy to have
> it, always assuming enough of its documentation to make it configurable
> has survived.
>
> Thanks for the unexpected offer!
>
Mmm. Its a Cisco 527W . I have full PDF docs. They are online anywhere.

https://www.manualslib.com/products/Cisco-Small-Business-Pro-Srp527w-3526294.html

It has two VOIP sockets in it that will connect to SIPGATE for sure

If you don't want wifi you can turn it off.

It is actually a seriously reliable router for ADSL .

The input thingie is coaxial and says 12VDC on it
OD looks like 5 or 6 mm

Oh. I checked. The Netgear POS has a Netgear PSU so I initiated a
rummage through the cable box which elicited another PSU that seems to
power the Cisco up. I think it is the one it always had. I lost track
of the Cisco during the divorce.

Um you can email me at webmaster at gridwatch.org.uk

I'll then switch to a more used email address.

And I can post it to you.

--
“Politics is the art of looking for trouble, finding it everywhere,
diagnosing it incorrectly and applying the wrong remedies.”
― Groucho Marx

The Natural Philosopher <tnp@invalid.invalid> wrote:
> On 27/04/2023 20:35, Ahem A Rivet's Shot wrote:
>>
>> Cellphone data plan connections use IPv6 and need it AFAICT, IPv4
>> NAT and DHCP would be a nightmare in that environment.
>>
> Ah you sure? At some level my cellphone sits behind a massive NAT when
> contacting IPV4 hosts

IPv6 hardly even works via my telco with mobile broadband (usually
fails to connect to the phone tower when enabled - with a modem
sold by the same telco). If they're having nightmares, they must be
from IPv6, not IPv4. But I suspect they don't care much.

--
__ __
#_ < |\| |< _#

Pancho <Pancho.Jones@proton.me> wrote:
> On 26/04/2023 17:57, Chris Elvidge wrote:
>>
>> No idea.
>> Does `ps ax | grep dhc` give a clue?
>> Does nmcli work? -> uses NetworkManager
>
> Seems my Ubuntu 22.04 systems only get nmcli with the
> ubuntu-gnome-desktop package. My server versions don't have it. Both
> server and desktop still have dhclient.
>
> Do I need to learn nmcli, or can I bury my head in the sand and hope it
> goes away?

NetworkManager is another all-encompassing thing from Red Hat, like
Systemd. Over complicated and poorly documented as usual from what
I've seen, but no sign of the Linux kernel itself requiring it, so
it should be safe to ignore so long as your Linux distro doesn't
become obsessed with it. If Ubuntu's desktop software requires it
then maybe they are going down that path though.

--
__ __
#_ < |\| |< _#

Ahem A Rivet's Shot <steveo@eircom.net> wrote:
> Cellphone data plan connections use IPv6 and need it AFAICT, IPv4
> NAT and DHCP would be a nightmare in that environment.

CGNAT is pretty common on those to provide IPv4 connectivity. Mine
currently has an address in the 10.x.x.x range, as well as an IPv6 address.

--
_/_
/ v \ Scott Alfter (remove the obvious to send mail)
(IIGS( https://alfter.us/ Top-posting!
\_^_/ >What's the most annoying thing on Usenet?