techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

4.6K
active users

#edgerouter

0 posts0 participants0 posts today

This week I will be replacing my router (#Ubiquiti #Edgerouter Lite) with an Alta Labs #Route10. The ERL has been great, but there is one specific condition which causes severe performance issues. The ERL can offload #ipv6, #vlan and #pppoe at 1gbs, but not all at once. So, if you try to transfer a lot of ipv6 traffic, it drops to software and it then affects all traffic passing through. The main "culprit" is Steam which prefers ipv6 (as it should!) The new router should not have that limitation.

Ok, so I installed #OpenWRT on the #EdgeRouter X I talked about yesterday, and… it went great! Had to flash it in two parts but it worked perfect, #IPv6 works out of the box, and my network is up and running again. 💜 And I got a public IP from the ISP so even that worry is gone.

Now I just need to figure out the firewall rules to allow IPv6 traffic to hit my home server (and the server only).

#Strömsö

RE:
https://social.ahlcode.fi/notes/9yagd93cmi3k6e14

AhlCode Social serverNicd (@nicd)Welp, wasted a whole evening on trying to get #IPv6 to work on my #EdgeRouter X. Maybe I should install #OpenWRT on it... Anyway, turns out my new ISP has their own NAT on IPv4 and that's just great for my #SelfHosting. 🤦‍♂️ Gotta call them tomorrow and see if I could get a public IP somehow.

The Ubiquiti Edgerouter-X is a nifty router. With hardware offloading enabled the performance is good enough to route gigabit fiber.

With the new (still in beta) firmware version 3 they added a better webinterface and the option to configure Wireguard VPN tunnels.

Please don't use this Wireguard option to tunnel between home and a remote server. Both on gigabit connections.

Wireguard tunneling is done on the CPU, and that has no power whatsoever.

About three months ago, @neil wrote a post about detecting being on a call using webcam activity. I said at the time I was going to write up how I did it without running software on the endpoint, and I finally put the post together today: i.am.eddmil.es/calltracking/

Thw post explains how to use conntrack on any #Linux based firewall to detect a user being on Meet/Teams/Zoom/Slack or Jitsi calls. My example is an #Ubiquiti #Edgerouter, but should need very little modding for other Linux routers.

i.am.eddmil.es Agentless Call Tracking · Edd Miles

I'm thinking about switching from a #Ubiquiti #EdgeRouter to something with #OPNsense on it. My home Internet can do 1gbps/45mbps although this fall I'll probably end up with symmetric 1.2gbps. I'm upgrading my access points to WiFi 7 (the new Ubiquiti APs) so the WiFi will support the throughput even if our devices don't yet.

The frustrating thing with the EdgeRouter is that it's basically been abandoned the last few years by its manufacturer. They are still selling plenty of them but... 1/n

#FancyBear still hacking ubiquitous gear, despite patch availability.

#Ubiquiti’s #EdgeRouter ships with its config open to the internet and default credentials. The feds are telling everyone to secure their boxes and look for indications of compromise.

Ubiquiti, on the other hand, simply issued a broken patch. In #SBBlogwatch, we put the “quit” in Ubiquiti. At @TechstrongGroup’s @SecurityBlvd: securityboulevard.com/2024/02/

Security Boulevard · FBI Warns: Ubiquiti EdgeRouter is STILL Not SecureGRU APT28 is back again: Fancy Bear still hacking ubiquitous gear, despite patch availability.

This is not new information, but it was new to me. You can configure a #Ubiquiti #EdgeRouter to offload specific aspects of its processing directly to its hardware and bypass its CPU (which happened to be the bottleneck for me). I subscribe to a 1Gbps service, but I was only getting 300Mbps speeds and I couldn't figure out why.

help.ui.com/hc/en-us/articles/

I turned on these offloading options and **boom** 900Mbps.