:: Re: [DNG] Routing or maybe router i…
Página Principal
Delete this message
Reply to this message
Autor: o1bigtenor
Data:  
Para: crichmon
CC: dng
Assunto: Re: [DNG] Routing or maybe router issues
On Sun, Sep 3, 2023 at 9:49 AM <crichmon@???> wrote:
>
> Hi Again,
>
> > One port for the optical cable in and one port for the ethernet cable (cat 6 IIRC) for out.
> > Have another switch coming so will try further some time next week.
>
> OK. From the comments below, you might have an issue with your ISP and getting more than
> on IP address from them if you have more than the router talking directly to the converter.


Remembered that I have a little laptop (got it for reading books online).
Just installing Devuan Daedalus on it.
Maybe I could use that in this process - - - - what say you?
>

snip
>
> >>>> Are you sure it's DNS issues? How do you know?
> >>> Well when the router itself says that the cable is disconnected (and its visually not true)
> >> Which cable? Does that connection have idiot light blinking or are they dark?
> > router doesn't have lights like a switch front panel of the router had all lights in question lit - - - ie not good for much
> How is the router telling you the cable is disconnected? From its web interface?


yes

> Is must be indicating the WAN cable is what's disconnected, otherwise you wouldn't be logged into it.


right on
>
> >> I'm betting in both cases, your router is the DNS cache as well as the
> >> DHCP server. If that's the case, then rebooting your main box shouldn't be required.
> > Maybe shouldn't be required but haven't been able to find any shorter solution yet.
> Gregory mentioned: $ service networking restart
> So I checked a couple of my boxes, and it comes up with a ? for status. I've never really
> used the service command for anything, and I imagine that however I have networking
> set up is out of reach for what service is looking for.
> I suspect that these:
> > ifconfig eth0 down
> > ifconfig eth0 up
> or:
> sudo ip link set eth0 down
> sudo ip link set eth0 up
> are doing something very similar. The multitude of network management "improvements"
> don't help narrowing down what will work for you. Any idea which variety of network
> management you are using?


Am using connman at present.
>
> > > I have asked a number of times about this.
> > > Have been told that I'm supposed to install more software - - - unbound was one recommended hasn't happened
> Installing unbound or pihole replaces the DNS server in your router and gives you more control over
> how it's configured. That's all. It's not "more" software, but replacement software.


Was thinking of using the dns server on the opnsense box (it has a lot
of options - - using 9.9.9.9, using dnscrypt,
DNS over https, dns block lists were what I was thinking of starting with.
>
> > asking here got me software recommendations to change the DNS server.
> Well, mostly because you started asking about DNS issue.
>
> > Once you install opnsense (running on freebsd (AIUI a hardened variant) you don't have things like a browser available anymore.
> > (Check on your pfsense box - - - would be reasonably similar.)
> Correct. The question included an 'if' for that reason. Anyhow...
>
> > IPFire doesn't do ipv6, pfsense seems to be headed toward closing their source code so that left opnsense.
> So I think that a high percentage of pfsense is still open source, there are features in the paid version and
> what runs on Netgate hardware that are closed, but the vast majority is still open. Looks like both can
> also be your DNS server and DHCP server. Mine are all separate so I didn't try that.
> And a comparison that includes links for tutorials for both: https://www.wundertech.net/pfsense-vs-opnsense/
>
> > >> (I cannot ping this machine from my main box. Cannot get access
> > >> using a web portal either. Need to complete the configuration of
> > >> this setup and would like this to be my new router.)
> > Noble goal, but you've got way bigger problems at the moment.
>
> > Well - - - after unplugging the opnsense box from the RJ-45 socket on the unmanaged switch
> > - - - I have internet on my main box and everything else seems to be working - - - I'm just not able to do what I want on the other 2 boxen.
> That again points to some sort of network setup conflict. I'm assuming the opnsense box has at least
> two network cards. Any possibility you are using the WAN port on the LAN side? Can you check the
> network setup in opnsense by hooking up the monitor and keyboard? In pfSense you can fiddle around
> with the networking basics from the console.


That's one of the possible issues.
I had bought a USB to ethernet dongle - - - - found out afterward that
it was the only version that actually
worked on FreeBSD (most such work well on linux only the one (to date)
on FreeBSD. There is only one RJ-45 port
so that could be a part of the issue but I don't think so.
>
> > Dunno how it works at your house - - - here when the router isn't working I really have a hard time searching the web for web pages.
> Sure, understood.
>
> > Have heard of wireshark - - - haven't done any more with that though.
> It's a much fancier version of tcpdump, as far as I can tell. You still have to play around and learn what
> all the traffic means.
>
> > It sounds like you're suggesting that I take my network apart so that I can change things.
> Not exactly, or not for long. You are trying to figure out what's causing the problem, and from what
> you've stated, attaching the opnsense box may be the cause.


That's what I'm think is the issue at present as well.
>
> > If you're serious about that idea then I suggest that you try it for your house first.
> Actually, I did just that not too long ago. That's how I ended up with a virtualization host with all
> the networking stuff hosted there. I built it in parallel with my old working setup where everything ran on
> one box that was seriously out of date, because I was too afraid to updated it and break everything.
> Maybe you missed that suggestion, but that's what hooking a small switch to the media interface would
> enable, as long as your ISP is OK with more than one router talking on it.


Oh yes - - - that had been the plan. Setup and configure things on the
opnsense box while I was still on the
previous ISP - - - then my radio or POE injector (think it was the
radio) cratered. (I did NOT want to fool with
LTE internet - - - had tried it once a number of years ago and the
usefulness was something between 0 and
non-existent.) That was the beginning of the avalanche. Now I'm trying
to dig my way out - - - its not going too well.

Just checked with the isp - - - level 1 tech - - - should be no
problem, me - - please check, hold for a few minutes,
they weren't too clear, you should be ok, if you have any problems
authenticating when you're adding the second
router - - - call us - - - we should be able to help. So that's
doable. Remembered that I have a little 5 port
switch here - - likely just a 10/100 but that's already only 8 or 9
times faster than previous isp so will be trying that pdq.
>
> > Please let me know how your family reacts to losing internet and entertainment until you get everything under
> > control. I would prefer if you do not call from your hospital room though (LOL).
> It's just me and the wife, but if we had kids it would be a disaster. At the same time, our phone and TV depend
> on the network, on top of 2 dozen or more other computer-type things.


If I can get this opnsense box router/firewall working step next would
be to add a SoC running asterisk - - -
thinking openwrt + asterisk but that's from memory but that would be
to move the phone from a landline (will
keep it but under a different number) to VOIP.
Parallel projects would add some few dozen SoCs and ucontrollers but
that would be done by adding a SFF
system with 2 nics and other router in the mix (second router would be
on a 172.16.x.x ) had thought perhaps
of doing a large network including the present but want the added
security in adding a second layer.

So - - - more work to do.

Thanks for the ideas and your time.

Regards