How to isolate a WAP (WiFi router) from the internet, but not the LAN?

// This is my first foray into actually asking a question on stack-exchange, if I have erred in location or protocol please let me know!

Basic Problem:

I am trying to set up a Wifi router in an specific area, so that when connected I can access some utilities/services that are available on our LAN, but at the same time not access the internet. These utilities/services are hosted by a server on the LAN, and I want them to also be available to the rest of the (internet-connected) LAN. As a final note, I would like to preserve whatever form of name resolution (DNS) I end up adopting within the LAN.

Context/Details:

An example of one of the services is Kiwix, which currently hosts Wikipedia some other machining references. Another is WikiJS.

I currently plan on using an old Linksys WRT54GL with stock firmware as the WAP, however if DD-WRT or different hardware would be a better choice that is not an obstacle (read: VLAN?).

Research/Current Work:

I tried hunting around the web, and here, but was unsuccessful in either finding anything terribly similar or describing my problem.

That said, I gather there may be many ways to get the job done. The simplest, which I have not yet tried, would seem to be connection an existing (internet connected) router/switch into one of the LAN ports of the router, leaving the WAN/Internet port empty. This will be my first attempt, but I figured I would seek confirmation as well.

Alternatively, I know there are potential router firmware options that would facilitate behavior like this, perhaps involving a local DNS server?

And "lastly", we have a pfSense firewall at the edge of the LAN, and my understanding is that this could easily be utilized to restrict access to the internet for a particular WAP.

If anyone could offer confirmation as to whether one of these, or another approach would solve my problem, thank you.

wireless networking – Monitoring connection to wifi router

I want to figure out where I should place my wifi router. Is there an app that monitors desktop to wifi connection quality in real time so I can just walk around/hold it up/down near a wall etc to see where it is optimal?

I don’t want to run a speed test, I am not trying to measure the internet connection, I am interested in the connection to the router itself.

networking – Tuning Linux router and server for better performance / solving single TCP connection slow speed

I have a simplest/common network architecture.

Web server sits behind router on local network. This router does iptables DNAT so port forwarding is achieved to web server.

Therefore, I’m able to download file from server 1 to my computer over the internet.

enter image description here

My questions

  1. What is the proper kernel tuning to ensure that router is using most of its potential (for around 2000 connections and highest throughput)? I have an issue in ORANGE

  2. Do kernel parameters look fine on Server 1?

  3. Can you explain why I’ve got just 3mbps from Server 1 while CPU and RAM are not overloaded? So can you see other issues apart Linux kernel, CPU and RAM? Could you list these possible issues to explore? 1gbps network interfaces, ports, etc? 2×1.5ghz ARM is slow for routing? iptables version?

OS and resources

Computer – Mac OS 8 x86 CPU cores, 16G/32G of free RAM

Router – Linux DD-WRT 2 ARM CPU cores, 270M/512M of free RAM

Server 1 – Linux Ubuntu 18.04 4 x86 CPU cores, 240M/32G of free RAM (500M swapped to SSD)

Server 2 – Linux Raspbian 1 ARM CPU core, 95M/512M of free RAM

MTU

Everywhere 1500

TXQUEUELEN

Everywhere 1000

Protocols

UDP speeds are fine

TCP speed is affected, any port

Iptables version

Router – 1.3.7

Server 1 – 1.8.4

Server 2 – 1.6.0

Linux versions

Router – 4.9.207

Server 1 – 5.4.0-67-generic

Server 2 – 4.14.79+

Theoretical link speeds

From my computer to router – 30mbps / 3.75 MB/s

From router to web server 1 – 1gbps

From router to web server 2 – 1gbps

Download speeds from web server (file is hosted in RAM)

TEST 1: Server 2 -> Router = 800mbps

TEST 2: Server 2 -> Computer = 30mbps

TEST 3: Server 1 -> Router = 800mbps

TEST 4: Server 1 -> Computer using 15 connections = 15mbps

TEST 5: Server 1 -> Computer = 3mbps (the issue!)

CPU usage is at around few percents on any device. CPU load average is 0.0x on all devices, but Server 1 – it has 4.6 load average. Server 1 also handles around 500-1000 connections for other things outside of tests, but at around 1mbps so it shouldn’t affect test throughput dramatically (unless these connections somehow making things worse indirectly).

Regardless that load is higher, TEST 3 performed very well. So it’s still hard to blame Server 1.

There are no issues in dmesg on any device.

My thoughts

Issue appears only when DNAT’ing on router and only with Server 1 which has high amount of other connections (but these connections are almost idling so shouldn’t affect everything badly?).

Most interesting test to describe in final thoughts

When I do multi-thread web download (TEST 4) Server 1 performs much better.
So it’s capable to reach higher download speeds. But why 1 connection can’t reach same speed as multiple ones?

Parameters that I explored

Can you see something that is not well optimised for Linux router?

net.core.wmem_max – maximum tcp socket send buffer memory size (in bytes). Increase TCP read/write buffers to enable scaling to a larger window size. Larger windows increase the amount of data to be transferred before an acknowledgement (ACK) is required. This reduces overall latencies and results in increased throughput.

This setting is typically set to a very conservative value of 262,144 bytes. It is recommended this value be set as large as the kernel allows. The value used in here was 4,136,960 bytes. However, 4.x kernels accept values over 16MB.

Router – 180224

Server 1 – 212992

Server 2 – 163840

Somewhere else used – 83886080

net.core.wmem_default

Router – 180224

Server 1 – 212992

Server 2 – 163840

Somewhere else used – 83886080

net.ipv4.rmem_max – maximum tcp socket receive buffer memory size (in bytes)

Router – 180224

Server 1 – 212992

Server 2 – 163840

Somewhere else used – 335544320

net.core.rmem_default

Router – 180224

Server 1 – 212992

Server 2 – 163840

Somewhere else used – 335544320

net.ipv4.tcp_rmem – Contains three values that represent the minimum, default and maximum size of the TCP socket receive buffer. The recommendation is to use the maximum value of 16M bytes or higher (kernel level dependent) especially for 10 Gigabit adapters.

Router – 4096 87380 3776288

Server 1 – 4096 131072 6291456

Server 2 – 4096 87380 3515840

Somewhere else used – 4096 87380 4136960 (IBM)

net.ipv4.tcp_wmem – Similar to the net.ipv4.tcp_rmem this parameter consists of 3 values, a minimum, default, and maximum. The recommendation is to use the maximum value of 16M bytes or higher (kernel level dependent) especially for 10 Gigabit adapters.

Router – 4096 16384 3776288

Server 1 – 4096 16384 4194304

Server 2 – 4096 16384 3515840

Somewhere else used – 4096 87380 4136960 (IBM)

net.ipv4.tcp_tw_reuse – In high traffic environments, sockets are created and destroyed at very high rates. This parameter, when set, allows no longer needed and about to be destroyed sockets to be used for new connections. When enabled, this parameter can bypass the allocation and initialization overhead normally associated with socket creation saving CPU cycles, system load and time.

The default value is 0 (off). The recommended value is 1 (on).

Router – 0

Server 1 – 2

Server 2 – 0

Somewhere else used – 1

net.ipv4.tcp_tw_reuse

Router – 0

Server 1 – 2

Server 2 – 0

Somewhere else used – 1

net.ipv4.tcp_max_tw_buckets – Specifies the maximum number of sockets in the “time-wait” state allowed to exist at any time. If the maximum value is exceeded, sockets in the “time-wait” state are immediately destroyed and a warning is displayed. This setting exists to thwart certain types of Denial of Service attacks. Care should be exercised before lowering this value. When changed, its value should be increased, especially when more memory has been added to the system or when the network demands are high and environment is less exposed to external threats.

Router – 2048

Server 1 – 131072

Server 2 – 2048

Somewhere else used – 65536, 262144 (IBM), 45000 (IBM)

net.ipv4.tcp_tw_reuse

Router – 0

Server 1 – 2

Server 2 – 0

Somewhere else used – 1

net.ipv4.tcp_fin_timeout

Router – 60

Server 1 – 60

Server 2 – 60

Somewhere else used – 15

net.ipv4.tcp_max_syn_backlog

Router – 128

Server 1 – 2048

Server 2 – 128

Somewhere else used – 65536

net.ipv4.ip_local_port_range – range of ports used for outgoing TCP connections (useful to change it if you have a lot of outgoing connections from host)

Router – 32768 60999

Server 1 – 32768 60999

Server 2 – 32768 60999

Somewhere else used – 1024 65535

net.core.netdev_max_backlog – number of slots in the receiver’s ring buffer for arriving packets (kernel put packets in this queue if the CPU is not available to process them, for example by application)

Router – 120

Server 1 – 1000

Server 2 – 1000

Somewhere else used – 100000, 1000 (IBM), 25000 (IBM)

net.ipv4.neigh.default.gc_thresh1

Router – 1

Server 1 – 128

Server 2 – 128

Somewhere else used – 128

net.ipv4.neigh.default.gc_thresh2

Router – 512

Server 1 – 512

Server 2 – 512

Somewhere else used – 512

net.ipv4.neigh.default.gc_thresh3

Router – 1024

Server 1 – 1024

Server 2 – 1024

Somewhere else used – 1024

net.ipv4.neigh.default.gc_thresh3

Router – 1024

Server 1 – 1024

Server 2 – 1024

Somewhere else used – 1024

net.core.somaxconn – maximum listen queue size for sockets (useful and often overlooked setting for loadbalancers, webservers and application servers (like unicorn, php-fpm). If all server processes/threads are busy, then incoming client connections are put in “backlog” waiting for being served). Full backlog causes client connections to be immediately rejected, causing client error.

Router – 128

Server 1 – 4096

Server 2 – 128

net.ipv4.tcp_mem – TCP buffer memory usage thresholds for autotuning, in memory pages (1 page = 4kb)

Router – 5529 7375 11058

Server 1 – 381144 508193 762288

Server 2 – 5148 6866 10296

net.nf_conntrack_max – maximum number of connections

Router – 32768

Server 1 – 262144

Server 2 – no information

net.netfilter.nf_conntrack_max – maximum number of connections? If this is correct parameter, then 1560 is not enough

Router – 1560

Server 1 – 262144

Server 2 – no information

/proc/sys/net/ipv4/tcp_congestion_control – Network congestion in data networking (…) is the reduced quality of service that occurs when a network node is carrying more data than it can handle. Typical effects include queueing delay, packet loss or the blocking of new connections. Networks use congestion control and congestion avoidance techniques to try to avoid congestion collapse.1

Router – westwood

Server 1 – cubic

Server 2 – cubic

net.ipv4.tcp_syn_retries – Specifies how many times to try to retransmit the initial SYN packet for an active TCP connection attempt. The current setting is 20, which means that there are 20 retransmission attempts before the connection times out. This can take several minutes, depending on the length of the retransmission attempt.

Router – 6

Server 1 – 6

Server 2 – 6

net.ipv4.tcp_low_latency – The default value is 0 (off). For workloads or environments where latency is a higher priority, the recommended value is 1 (on).

Router – 0

Server 1 – 0

Server 2 – 0

net.ipv4.tcp_limit_output_bytes – Using this parameter, TCP controls small queue limits on per TCP socket basis. TCP tends to increase the data in-flight until loss notifications are received. With aspects of TCP send auto-tuning, large amounts of data might get queued at the device on the local machine, which can adversely impact the latency for other streams. tcp_limit_output_bytes limits the number of bytes on a device to reduce the latency effects caused by a larger queue size.

Router – 262144

Server 1 – 1048576

Server 2 – 262144

Somewhere else used – 262,144 (IBM), 131,072 (IBM)

typescript – Recargar HTML en base a evento de router? Angular

Tengo un componente breadcrumb, el cual esta dentro de un header,fijo en la pagina.
Es decir, se inicia una vez,etc.
Este breadcrumb ,esta suscrito a los eventos del router, para recibir un objeto data con los label y url para armar ese breadcrumb.

Me funciona excelente cuando voy de una pagina a otra (componente a otro) pero cuando estoy en un mismo componente, pero con distintos parametros de ruta, como por ejemplo: componente1/primer-parametro y componente1/segundo-parametro. La suscripcion sigue emitiendo valores, pero mi html del breadcrumb es como que esta vez hace el cambio.

Como necesito rutas dinamicas en ciertas partes, que saco los valores del session storage, utilizo un pipe para transformar y obtener ese item.

HTML BreadCrumb

  <section class="breadcrumbs" >
    <ng-container *ngFor="let titulo of titulos">
       <a class="title-breadcrumb" *ngIf="!!!titulo.url">
        <p *ngIf="titulo.textBefore" class="bredCrumbTitleNone">{{titulo.textBefore}}</p>
        {{ titulo.label | uppercase | breadCrumbFormat }}
        <p *ngIf="titulo.textAfter" class="bredCrumbTitleNone">{{titulo.textAfter}}</p>
      </a>

      <a class="title-breadcrumb title-breadcrumb-hover" *ngIf="!!titulo.url" (routerLink)="titulo.url | breadCrumbFormat">
        {{ titulo.label | uppercase | breadCrumbFormat  }}<span class="mat-icon arrow-tittle" >arrow_forward_ios</span>
      </a>

    </ng-container>
  </section>

Como ven utilizo 2 pipes, el personalizado mio “breadCrumbFormat” que es el que obtiene el item del storage para poner el valor dinamico. y el uppercase default.

COMPONENT TS, Breadcrumb

export class BreadcrumbsComponent implements OnDestroy {
  public titulos: any;
  public tituloSubs: Subscription;

  constructor(
    private router: Router,
    private _location: Location,
  ) {

  this.tituloSubs = this.getArgumentosRuta().subscribe((response) => {
    console.log('DATA-ROUTER',response);
      this.titulos = response.titulos;
  });
  }

  getArgumentosRuta() {
    return this.router.events.pipe(
      filter((event) => event instanceof ActivationEnd),
      filter((event: ActivationEnd) => event.snapshot.firstChild === null),
      map((event: ActivationEnd) => event.snapshot.data)
      );
  }
  
 }

Aca esta lo importante, en esta suscripcion, es donde escucho los eventos del router cuando cambia de pagina y demas y saco el objeto data (que es el que paso en el routing) para obtener los labels y demas.

Atentos al console.log ya que mas abajo mostrare, que cuando se cambia de parametro en la misma ruta sigue emitiendo valor como si fuese que se cambio a otra ruta

Routing:

const routes: Routes = (
  {
    path: '',
    component: IndicatorsComponent,
    canActivate: (LoggedGuard),
    data: {titulos:( {label:'(STORAGE)tipoIndicador', url:''})},
  },
)

Aca se arma el objeto del breadCrumb y para cuando es dinamico utilizo la key “(STORAGE)” para saber que es tengo que sacar el valor del storage y el item es la palabra posterior a esta key. Esto lo obtengo mediante el pipe personalizado:

PIPE Breadcrumb

export class BreadCrumbFormatPipe implements PipeTransform {

  constructor(){}

  transform(value: any) {
    if(value.includes('(STORAGE)')){
      let indice = value.indexOf('(STORAGE)'),
          primeraParte = value.substring(0,indice),
          itemStorage = value.substring(indice).replace('(STORAGE)','').trim(),

          newValue = `${primeraParte}${sessionStorage.getItem(itemStorage || '')}`

      return newValue
    }
    return value;
  }

}

Como les digo cuando voy de una ruta a otra (osea diferentes componentes) el pipe me funciona perfectamente

Ejemplo POSITIVO

Voy de la ruta indicadores(IndicatorsComponent) a la ruta acciones(ActionsComponent)

introducir la descripción de la imagen aquí

introducir la descripción de la imagen aquí

Funciona sin problemas.

Ahora bien, cuando lo hago dentro del mismo componente (IndicatorsComponent) pero con diferentes parametros:

introducir la descripción de la imagen aquí

introducir la descripción de la imagen aquí

Como ven NO CAMBIO. se acuerdan del console.log de arriba? que se ejecutaba cuando pasaba un evento del router y este le asignaba el valor y demas: bueno le adjunto la captura de cuando fui a cada ruta con su parametro y se ejecuto bien sin problemas:

introducir la descripción de la imagen aquí

No se bien que podria ser, probe un timeOut, antes de asignar el valor porque capaz se setiaba antes que el session storage, pero tampoco era esto. El ngOnChance del breadcrumb,no emite nada.

Como puedo recargar el html cuando sale el evento del router, el que imprime el console log?

Can I backup Synology NAS to offsite Synology Router using WebDAV over VPN

I have a sinology router, RT2600ac which is hosting an IPSec VPN and WebDAV with a USB connected disk.

My goal is to have my Synology Diskstation (which is a NAS) at another location connect to the Synology RT2600ac router’s VPN and then run hyper backup using WebDAV to access to USB connected disk.

I am able to connect to the VPN but I can’t get hyper backup to connect to the WebDAV server.

Is what I’m proposing even possible? Specifically to use a VPN to connect to WebDAV to securely backup files?

react.js – React quiz app with Redux, React Router

I was wondering what could be improved upon it. I am looking at how it’s using Redux and how it’s also using hooks and I don’t really see anything wrong with it, but I am wondering if it could be improved upon.

import React, { Component } from 'react';
import { connect } from 'react-redux';



class ResultTile extends Component {


    isCorrect(options, answers, index) {
        let i
        options.map((value, index1) => {
            if (value.isAnswer === true)
                i = index1
            return null
        })
        if (options(i).name === answers(index)) return true
        else return false
    }

    getAnswer(options) {
        let answer
        options.map((val, index) => {
            if (val.isAnswer === true) {
                answer = options(index).name
            }
            return null
        })

        return answer
    }


    render() {
        let key = 0

        return (
            this.props.questions.map((question, index) => {
                return (
                    <div
                        key={question.id - 1000}
                        className={this.isCorrect(question.options, this.props.answers, index) ? "alert alert-success mx-auto px-4 py-1 w-100 " : "alert alert-danger mx-auto px-4 py-1  w-100"}
                        role="alert">
                        <p className="font-weight-bold" > <strong> Q{question.id - 1000}.</strong> {question.name} </p>
                        <div className="container">
                            <div className="row">
                                <form className=" ">
                                    {question.options.map((option) => {
                                        return <div
                                            key={key++}
                                            className="form-check">
                                            <input
                                                className="form-check-input key"
                                                type="radio"
                                                checked={option.name === this.props.answers(index)}
                                                disabled />
                                            <label
                                                className="form-check-label">
                                                {option.name}
                                            </label>
                                        </div>
                                    })
                                    }
                                </form>
                            </div>
                        </div>

                        <div className="alert alert-dark p-1 mt-3 mb-2 w-100" role="alert">
                            Right answer is : <strong>{this.getAnswer(question.options)}</strong>
                        </div>

                    </div>
                )
            }
            )
        );
    }
}

const mapStateToProps = state => {
    return {
        answers: state.answers,
        questions: state.questions

    }
}
const mapDispatchToProps = dispatch => {
    return {
        updateBonus: () => dispatch({ type: "UPDATE_BONUS", value: 100 }),
    }
}


export default connect(mapStateToProps, mapDispatchToProps)(ResultTile);

You can check the whole app, or just this component in particular, because it’s one of the bigger components.

Why my router response to my ping request

my internet connection is down, so I made a continuous ping command to “google.com” in order to be able to know when the internet back.

but I notice that I’m getting a reply even thought there is no internet, then I notice that this reply is from my router’s IP address.

Why my router is responding to my ping request? and how to change that?

Edit: I removed IPV6 support and now everything is normal and my router stopped responding to the ping request.

Could you please explain to me what is the reason of that.

wireless networking – Using a linksys wrt160n v3 router as a repeater – troubleshoot

Following explanation in this video https://www.youtube.com/watch?v=Ud-Hq3kgvk4&t=1s

I tried to use a linksys wrt160n v3 router as a repeater for having internet signal in places it does not reach.

Main router from the cable/internet provider is a Sagemcom F@st 3890 v3 tlc.

I succeded in making the linksys to receive wifi signal (it appears connected in the Sagemcom net map) but I can not make it to emit wifi.

Can t understand why.

Main router s ip is 192.168.0.1

Linksys original ip is 192.168.1.1.

Did not change ip at first because they were already different. As the link sys did not emit wifi, I tried to change ip (int he thought that maybe they had to be in same subnet) to 192.168.0.2.

Now I can not enter the linksys management window, having no other solution than resetting the thing (again).

Any ideas? Thanks in advance to everyone!

Ps: I´d like the linksys to emit a wifi with a different name, so I know which one is in use. I thought that was what was detailed in the video, but nothing happened, although said broadcast is enabled for the second router, there is no wifi signal detected from it.

I found the youtube video in an old post from this web:

changed router ip. now cant access routers web interface

networking – Finding router Private WAN IP through bash

I am new to networking and I don’t have knowledge in this field. As far as I know there are three types IP addresses.

  1. Local addresses like 192.168.x.x used in LANs.
  2. A WAN address
  3. A private address like 10.x.x.x which some routers show on configuration or system information tab..

Below is the screenshot of system information of my home router

Now,

  1. I can get the first type of address by ifconfig.
  2. I can get the second type by using either host or dig or any other website.
  3. I can get the third type by logging into the router’s admin panel.

So my question is how can I get the third type of addresses (the red en-rectangled one) without logging into the admin panel i.e, through bash or something ?

Screenshot

DreamProxies - Cheapest USA Elite Private Proxies 100 Cheapest USA Private Proxies Buy 200 Cheap USA Private Proxies 400 Best Private Proxies Cheap 1000 USA Private Proxies 2000 USA Private Proxies 5000 Cheap USA Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive.com Proxies-free.com New Proxy Lists Every Day Proxies123.com Proxyti.com Buy Quality Private Proxies