networking – Device category between router and firewall (subnetting but nothing more)

In our office building we are eight small independent offices. In the future we would like to share one internet connection. In order to make sure that we do not access each other’s networks, we are looking for a device which can create eight subnets / LAN segments.

Of course this task can be done with every firewall.
The problem is that we do not want to spend 2000 dollars for a device which can use our 1Gbit/s internet access. Actually we wouldn’t use 90% of the features of a firewall. Actually we just would like to have a router which creates an individual subnet for every port. Is there a special category of devices that I can look for?

networking – How to find another container on the same ECS cluster by hostname?

This question feels too obvious to not already have an answer but all of my google searches are coming up with nothing.

In docker (docker-compose) you can easily get the IP of another container by hostname. If you have explicitly created and assigned a network this just works out of the box. So a container foo can connect to another container bar simply by looking up the hostname “bar”.

I’m trying to achieve something similar in AWS ECS to allow a container from one service to talk to a container in another service. The ECS cluster has multiple hosts so I don’t think I can just specify bridge type networking.

Note that the protocol I need this for is not HTTP so an application load balancer is already out of the question.

Is there a recommended way to let one container discover another on the same cluster via hostname?

networking – Network Throughput ( test on aws)

We are currently conducting load balancing tests on aws.

Currently, HAProxy is running on the t2.micro instance (A). Five web services are running on t2.micro instances (B-1, B-2 …).

A distributes the traffic to Group B.

As far as I know, t2.micro has an average throughput of 0.3 gbps, and if you change this to bytes, it’s going to be difficult to process when it’s over 37.5 mb.

However, monitoring data shows that network input bytes are 120 mb in A, and A works normally. In addition, group B has 24 mb of input bytes for each service, and the web site is normally visible.

I’m confused. Please point out the wrong part.

networking – How to forward traffic from eth0 to ppp0 on Android

I am using Android 10 on a custom device. The Android image has been generated by AOSP.
I need to forward the traffic from the eth0 to the ppp0 (LTE module) interface.
I’ve managed to enable the ppp0 interface by using the pppd script (i.e.: pppd call my-connection-info) and I can see that I receive the two DNS server addresses and my public IPv4 successfully.
Now the first weird thing: If I ping to 8.8.8.8 I receive “connect: Network is unreachable” meanwhile if I specify the ppp0 interface with ping -I ppp0 8.8.8.8 I can successfully ping the target.

Now I want to forward the eth0 traffic to the ppp0, to do so I’ve tried the following commands:

$ echo 1 > /proc/sys/net/ipv4/ip_forward
$ iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE

But the PC on the other end of the eth0 interface still prompts “From 192.168.10.1 icmp_seq=xxx Destination Net Unreachable” where the 192.168.10.1 address is the Android device (which acts like a gateway).

This is the content of netstat -rn command:

Kernel IP routing table
Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
0.0.0.0         10.64.64.64     0.0.0.0         UG        0 0          0 ppp0
10.64.64.64     0.0.0.0         255.255.255.255 UH        0 0          0 ppp0
192.168.10.0    0.0.0.0         255.255.255.0   U         0 0          0 eth0

This is the output of netstat -rn:

default via 10.64.64.64 dev ppp0 
10.64.64.64 dev ppp0 proto kernel scope link src 10.53.117.129 
192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.1 

This is the output of iptables -L (which I’ve flushed with iptables -F, iptables -X and iptables -t nat -F):

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Which is the issue here? Thank you.

networking – Any low cost solution for using Windows as home NAT router?

Long story short:

I need to replace a D-Link home router with a Windows PC for some reason. How can I do it without paying $500 for a Windows Server license?


Full story:

I’ve been a Linux & Mac user for my whole life and I have my own computers in the office. Recently the upper level decided to further enforce the monitoring effort, by forcing all of us to install 3 different sets of monitoring software on our computers, otherwise network access will be blocked. Needless to say, only Windows versions are available.

As a full stack coder, I’m not going to change my coding workflow. I’m planning to set up a spare old Windows PC as a guise, to satisfy those control freaks.

Problem is, I’ve no idea how the monitoring software works; I don’t know whether it’s proactively connecting to some server, or passively listening on some TCP/UDP ports on the given static private IP address. I’m now using a cheap D-Link home router to share the network link to my two working machines, and I need to enable port forwarding for HTTP access to my working machine, so I can’t just put the Windows PC behind NAT and set it to DMZ.

So, I need to set up a NAT server on Windows to share the Ethernet connection to another Ethernet NIC, for two of my own computers. I am fully aware of how to set up packet forwarding and IP masquerading on a Linux system, but I’ve no idea how to do that on Windows. I tried to search on the internet, but after a few hours of reading I can only find 3 different types of solutions regarding this topic:

  • Set up NAT in Hyper-V. If I understand it correctly, it works only for internal routing between guest OS and host OS. This is not what I wanted since I need packet forwarding between two physical NICs, and I don’t think it would be a good idea to run a Linux guest OS solely for this purpose.
  • Set up TCP forwarding using the netsh command, but it seems this only works for TCP and not UDP. I need to forward UDP too for my project under development, so this doesn’t work for me either.
  • Install Windows Server. Yeah it works but it costs $500+ for a minimal essential licensing.

Are there any other third-party tools for this? I don’t mind paying for software but $500 is a little bit too much.

networking – Random network disconnects (Ubuntu 20.04)

I recently had to move my lab Ubuntu server (20.04) to another VLAN. Technically, the entire network bit it and I had to set it all up again, and I cleaned up some VLANs in the process. The IP is assigned by the router and I’ve confirmed that the server has picked up the new IP. For the most part the box is available and connected to the network. However, the connectivity frequently drops. Once it drops it typically comes back within a minute or so with no intervention. It’s driving me nuts. I’ve pulled the box and stuck it on my desk with a keyboard and monitor attached so I can try and diagnose when the problem occurs, but I’m not exactly sure how to do that. Any thoughts here? I upgraded from 18 to 20 in the magical hopes it would solve the problem. I might just wipe and reinstall. The box is only running Docker so that might be an easier path.

networking – Only dropbox.com isn’t resolving on my laptop. How do I fix it?

OS: Windows 10 20H2

Dropbox.com isn’t resolving. I cannot connect to it using my laptop. I have tried the following methods:

  1. Disable the firewall
  2. Different browsers (Chrome, Edge and Firefox)
  3. Reset Network in Windows.
  4. Change DNS to both Google and CloudFlare; neither worked.
  5. Use a VPN
  6. Reset Chrome / clear cookies and cache
  7. Flush DNS record

The website is up and running though. I can connect to it using my Android phone that is connected to the same WiFi as my laptop. However it doesn’t load on my laptop. I have tried all these methods so far. Every other website is loading perfectly fine.

Can someone please tell me how to fix it?

networking – ubuntu 18.04 ISO – Disable Network Configuration Prompts / Dialog via preseed config

During the Ubuntu 18.04 server ISO install, the network configuration manager dialog is shown if Ethernet is not active.

Note: I have created an unattended Ubuntu 18.04 offline ISO, hence I don’t want any manual interaction such as the network configuration dialog. Is there any way to disable the dialog, since it requires manual interaction?

Can we do it in the preseed file?

Kindly help with this.

Thanks,
Ramesh

networking – Open source network server/client for turnbased Unity game

The .NET Framework has all the pieces you need if you’re implementing something yourself, and they’re cross-compatible in Mono (although I haven’t tried them explicitly in Unity).

Check out the System.Net namespace. It has everything from raw sockets to TCP/HTTP clients.

Given the turn-based nature giving relatively low-frequency updates (and high tolerance for latency), I’d consider using an HTTP server of some kind with a technique like long polling.

networking – I have to type in port 80 after my website to see it (www.example.com:80 – but only with ssl)

I am new to server management and decided to learn by deploying my own website 😀

The problem is probably that I misconfigured iptables / didn’t configure them enough.

I have a node app running on port 8080 (https server, certificates are working well)

I ran sudo iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
to reroute all traffic that goes into the 80 port to go to 8080 – that worked for the normal http server -> I could go to www.example.com without issue.

tcptraceroute

tcptraceroute 159... 80
Selected device lo, address 159, port 35499 for outgoing packets
Tracing the path to 159 on TCP port 80 (http), 30 hops max
 1  ubuntu-main (159) (closed)  0.178 ms  0.064 ms  0.142 ms

(If it would help I can give the domain name / ip address)

netstat -ltnp

(sudo) password for twiggeh: 
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      531/systemd-resolve 
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      675/sshd: /usr/sbin 
tcp        0      0 127.0.0.1:42143         0.0.0.0:*               LISTEN      950/node            
tcp6       0      0 :::22                   :::*                    LISTEN      675/sshd: /usr/sbin 
tcp6       0      0 :::8080                 :::*                    LISTEN      1279/node   

iptables -L

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination