networking – Cannot Ping or Connect to a device on the same wifi frequency band

I am trying to ping or connect to a device, however, it is not possible when both devices are on the same frequency band, 5GHz or 2.4GHz.

When I connect the device to different frequency, one on 5GHz and the other on 2.4GHz. It connect without any issue.

The below ping result when I ping from a device on 2.4GHz to device on 5GHz.

abdullah@home-server:~$ ping 192.168.1.32
PING 192.168.1.32 (192.168.1.32) 56(84) bytes of data.
64 bytes from 192.168.1.32: icmp_seq=1 ttl=64 time=52.2 ms
64 bytes from 192.168.1.32: icmp_seq=2 ttl=64 time=7.62 ms

Below is the ping result when I ping from a device on 5GHz to device on 5GHz.

Abdullah@Abdullahs-MacBook-Pro ~ % ping 192.168.1.32        
PING 192.168.1.32 (192.168.1.32): 56 data bytes
Request timeout for icmp_seq 0
ping: sendto: No route to host
Request timeout for icmp_seq 1
ping: sendto: Host is down
Request timeout for icmp_seq 2
ping: sendto: Host is down
Request timeout for icmp_seq 3
ping: sendto: Host is down
Request timeout for icmp_seq 4

networking – CAT6A or CAT7 Bulk Patch Cable

Is there a reason that no-one offers stranded CAT6A or CAT7 bulk cables to be used to crimp custom length patch cables? I haven’t found a single supplier that offers this. Solid conductor cables are available for both mentioned categories but the highest category cable I can find with stranded cables are CAT6.

Is there an alternative when trying to accomplish 10Gbit compliance across greater distances than 55 meters?

networking – IPtables masquerade not working on OpenSuse Tumbleweed

We have several computers with OpenSuse Tumbleweed connected to one switch. Only one of them (called main) has access to the internet using public IP address, but sometimes we need also access internet from another computers on that network (one of them is called worker). For this task we tried using masquerade but without success.

Setting on main computer with access to public network:

7: bond0: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:0a:f7:6f:5c:d0 brd ff:ff:ff:ff:ff:ff
    inet 147.232.232.35/27 brd 147.232.232.63 scope global bond0
       valid_lft forever preferred_lft forever
    inet6 fe80::20a:f7ff:fe6f:5cd0/64 scope link 
       valid_lft forever preferred_lft forever
3: ens8f0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether a0:36:9f:76:ca:ca brd ff:ff:ff:ff:ff:ff
    altname enp65s0f0
    inet 192.168.200.50/24 brd 192.168.200.255 scope global ens8f0
       valid_lft forever preferred_lft forever
    inet6 fe80::a236:9fff:fe76:caca/64 scope link
       valid_lft forever preferred_lft forever


main:~ # ip r
default via 147.232.232.33 dev bond0 proto dhcp 
147.232.232.32/27 dev bond0 proto kernel scope link src 147.232.232.35 
192.168.200.0/24 dev ens8f0 proto kernel scope link src 192.168.200.50 


main:~ # iptables -t nat -L -n -v
Chain PREROUTING (policy ACCEPT 618 packets, 45129 bytes)
 pkts bytes target     prot opt in     out     source               destination
Chain INPUT (policy ACCEPT 599 packets, 43369 bytes)
 pkts bytes target     prot opt in     out     source               destination
Chain OUTPUT (policy ACCEPT 150 packets, 10086 bytes)
 pkts bytes target     prot opt in     out     source               destination
Chain POSTROUTING (policy ACCEPT 150 packets, 10086 bytes)
 pkts bytes target     prot opt in     out     source               destination
   10   816 LOG        all  --  *      bond0   192.168.200.0/24     0.0.0.0/0            LOG flags 0 level 4
   10   816 MASQUERADE  all  --  *      bond0   192.168.200.0/24     0.0.0.0/0


main:~ # iptables -t filter -L -n -v
Chain INPUT (policy ACCEPT 14651 packets, 1893K bytes)
 pkts bytes target     prot opt in     out     source               destination         
Chain FORWARD (policy ACCEPT 8 packets, 672 bytes)
 pkts bytes target     prot opt in     out     source               destination         
  988 82992 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT 15886 packets, 5514K bytes)
 pkts bytes target     prot opt in     out     source               destination         


 main:~ #  sysctl -a | grep net.ipv4.ip_forward
net.ipv4.ip_forward = 1
net.ipv4.ip_forward_update_priority = 1
net.ipv4.ip_forward_use_pmtu = 0


main:~ #  cat /proc/sys/net/ipv4/ip_forward
1

main:~ # lsmod | grep -E -i "conntrack|masquerade"
xt_conntrack           16384  1
xt_MASQUERADE          20480  1
nf_nat                 49152  3 xt_nat,iptable_nat,xt_MASQUERADE
nf_conntrack_tftp      20480  2
nf_conntrack          176128  5 xt_conntrack,nf_nat,nf_conntrack_tftp,xt_nat,xt_MASQUERADE
nf_defrag_ipv6         24576  1 nf_conntrack
nf_defrag_ipv4         16384  1 nf_conntrack
x_tables               53248  7 xt_conntrack,iptable_filter,xt_LOG,xt_nat,ip_tables,xt_MASQUERADE,iptable_mangle
libcrc32c              16384  5 nf_conntrack,nf_nat,bnx2x,btrfs,nf_tables

Setting on worker node is quite simple but should be suffient.

3: enp10s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether c4:6e:1f:03:68:31 brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.20/24 scope global enp10s0
       valid_lft forever preferred_lft forever

worker:~ #  ip r
default via 192.168.200.50 dev enp10s0  proto dhcp
192.168.200.0/24 dev enp10s0  proto kernel  scope link  src 192.168.200.20

With this setup we can only ping IP adddresses (internal or external) of main computer, but that’s all.

worker:~ #  ping 147.232.232.35
PING 147.232.232.35 (147.232.232.35) 56(84) bytes of data.
64 bytes from 147.232.232.35: icmp_seq=1 ttl=64 time=0.141 ms
64 bytes from 147.232.232.35: icmp_seq=2 ttl=64 time=0.245 ms
64 bytes from 147.232.232.35: icmp_seq=3 ttl=64 time=0.194 ms
^C
--- 147.232.232.35 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.141/0.193/0.245/0.043 ms


worker:~ #  ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
^C
--- 8.8.8.8 ping statistics ---
10 packets transmitted, 0 received, 100% packet loss, time 8999ms

bbgpu:~ # ping 147.232.232.33
PING 147.232.232.33 (147.232.232.33) 56(84) bytes of data.
^C
--- 147.232.232.33 ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 2999ms

In the log I can see that request was recieved but that’t all.

May 08 13:47:41 main kernel: IN=ens8f0 OUT=bond0 MAC=a0:36:9f:76:ca:ca:c4:6e:1f:03:68:31:08:00 SRC=192.168.200.20 DST=8.8.8.8 LEN=84 TOS=0x00 PREC=0x00 TTL=63 ID=33766 DF PROTO=ICMP TYPE=8 CODE=0 ID=27968 SEQ=1 

main:~ #  grep 192.168.200.20 cat /proc/net/nf_conntrack
/proc/net/nf_conntrack:ipv4     2 icmp     1 29 src=192.168.200.20 dst=8.8.8.8 type=8 code=0 id=30324 src=8.8.8.8 dst=147.232.232.35 type=0 code=0 id=30324 mark=0 zone=0 use=2

There is probably missing “(ASSURED)” in the record above?

What is the issue here? Almost all tutorials say this is the correct way for masquerading.

Thank you for help!

wireless networking – Outbound VPN is Blocked by a Physical Wall

Background

Consider my typical home network, consisting of a cable ISP and retail LinkSys WiFi router.

My iPhone automatically joins the WiFi network when it’s in range. Installed on the iPhone is ProtonVPN, client software for a popular VPN provider.

The VPN client connects “on demand” and for the most part works flawlessly.

Problem

All connections over the VPN fail when the iPhone is used from a particular room in my home.

Using another VPN client (e.g. OpenVPN) or even a different VPN provider all together (e.g. BraveVPN) triggers the same problem.

Analysis

The room in question has a concrete wall in the router-facing direction, so naturally one would assume that the WiFi signal is having trouble penetrating the wall, and perhaps I need a range extender of some sort.

Except that, while standing in the room in question…

  • The WiFi signal indicator shows full strength.
  • Manually disabling the VPN allows full connectivity to resume.
  • SpeedTest.net with VPN disabled shows 50ms latency, 80Mbps down, and
    10 Mbps up. The connection is totally solid from that room.

It’s only when the VPN is connected (any VPN, not just ProtonVPN) that connectivity is hindered, and only in that one room.

I’m familiar with the idea of a firewall blocking outbound VPN connections, but this case is unusual insofar as the connection seems to blocked by a physical wall.

Any idea what would cause an odd problem like this to manifest and how one would fix it?

networking – Simple Network at Church

We are updating out streaming system at church adding a second computer for streaming only and a new PTZ camera that can send video over Lan. Only problem, we don’t have a Lan. I only want to connect the camera and the two computers together to share the camera and bring videos from the old computer. Do I need a wired router or can I just use a smart switch to do that? Right now we are using a wireless internet. We will not be hooking up to the wired system since the wireless modem is on the other end of the building.

networking – Internet Connection Sharing not working on Windows10

I cannot share the internet connection between two PCs using ICS. Here is my setup:

  • PC 1 is the ICS host. It has internet acces through Wifi.
  • Both PC are connected to a switch by Ethernet cables.
  • The switch does not have internet access.

On PC1 I enabled sharing through Network connection properties.

enter image description here

This is what i get on PC1:

enter image description here

Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 192.168.137.1
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . : home
   IPv4 Address. . . . . . . . . . . : 192.168.2.24
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.2.1

And this on PC2:

enter image description here
Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 192.168.0.2
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 192.168.0.1

PC2 reports no internet connection. Both network adapter are labeled as unknown network instead of “VIRGIN002”.

Shouldn’t the PC2 have an IP address in the range 192.168.137.X for it to work?

Thanks.

networking – No network connection after fresh debian install

Today I built a new PC, installed debian, during installation it was downloading additional packages from deb.debian.org mirror, so connection to internet must have been fine, however after installation my debian is not connected to the network at all.

The command ip a shows only “lo” device. In /etc/network/interfaces I can see a device: enx3c18a002d1c5. If I try to do ifup enx3c18a002d1c5 then is says:

Cannot find device "enx3c18a002d1c5"
Failed to get interface index: No such device

networking – I get same private IP for different IPS connection

The OS remembers the last DHCP lease it has received – every time you connect to the network, it tries to refresh the same lease (if it’s still valid), and then it tries to request a new lease for the same address that it previously had. (The router doesn’t have to honor this, but many routers actually do.)

However, as far as I know, Windows does not store the leases separately for each Wi-Fi SSID – instead, it only remembers one lease per network adapter. So when you connect to network B, Windows will still try to refresh a lease that it got from network A, requesting the same address as it had before.

Note that private address assignment is not done by your ISP – it is done by the router, which is the mobile phone that’s providing the “hotspot”. (Yes, the phone really provides DHCP and everything.)

networking – A Network-wide HTTP(S) Redirection Software

I currently have a program that requests data from a server (let’s say google.com), and gets replies from that same server. This application works on many devices like Android, iOS and Windows. Deploying to this server is difficult, as the backend is huge, so what I would like to do is intercept that traffic and redirect it to a local server for development purposes on the entire network to see how it works across all of the devices it supports.

The application accesses the server and all of it’s subdomains (so *.google.com). What I would like to do it route all that traffic from my application to a completely different server, namely localhost, then deploy the backend after I am done editing it on localhost to the main server.

All of the traffic will resemble this diagram here

For all requests:

*.google.com ---------> localhost:8080

Application expects it is requesting content from *.google.com but in fact it is requesting content from localhost at port 8080

For responses:

*.google.com <-------- localhost:8080

Application expects it is getting a response from *.google.com but gets a response from localhost at port 8080. Request is completely the same format as if it were getting it from *.google.com so the application does not notice the difference besides different content.

I have setup my localhost server to automatically accept and recognize any requests the application asks for so the replies should not be an issue.

The only issue that arises is rerouting all that traffic for the entire network. I do not think it is impossible though, as I’ve seen network-wide utilities like pihole do similar things, where they use a filter to block specific domains that deal with ads. I do not mind having to change my DNS on multiple devices, as all I want is to have the ability to reroute any traffic as described above.

Is there any tool that is available that I will be able to use, or will I have to create my own? What resources are available?