Categories
Mikrotik Networking

Common Questions: masquerade vs src-nat action Mikrotik

One of the common questions I get is what is the difference between Masquerade and SRC-NAt? Which should I use?
The quick answer is to use SRC-NAT if your gateway IP is static, and use masquerade if it can change.

The Mikrotik Wiki Entry
Firewall NAT action=masquerade is unique subversion of action=srcnat, it was designed for specific use in situations when public IP can randomly change, for example DHCP-server changes it, or PPPoE tunnel after disconnect gets different IP, in short – when public IP is dynamic.

Every time interface disconnects and/or its IP address changes, router will clear all masqueraded connection tracking entries that send packet out that interface, this way improving system recovery time after public ip address change.

Categories
Uncategorized

5G and small towns

https://www.cnet.com/news/how-5g-pits-the-fcc-and-carriers-against-local-governments/

A federal mandate to streamline the process for building out 5G could leave a lot of local municipalities feeling burned.

Categories
cisco

Helpful Cisco iOS commands

Categories
Mikrotik

Mikrotik Brute Force Backup

Looking to recover a password from a Mikrotik backup? Tools to encrypt/decrypt and pack/unpack RouterOS v6.13+ backup files. One of the reasons a strong password is important.

https://github.com/BigNerd95/RouterOS-Backup-Tools/blob/master/README.md

Categories
Wireless WISP xISP

CPE Grounding

A discussion which comes up over and over in the WISP space is grounding and proper installation of customer CPE. The folks at perfect-10 (https://www.perfect-10.tv/) were a vendor at #WISPAPALOOZA2018.  One of the best things I have seen them in a long time is the below photo they created. This is a great illustration of how a proper CPE goes.

Categories
Networking Security xISP

Updating your Bind DNS for latest trust anchors

A little Background on the rollover

From: https://www.icann.org/resources/pages/ksk-rollover/#overview
ICANN
 is planning to perform a Root Zone Domain Name System Security Extensions (DNSSEC) KSK rollover as required in the Root Zone KSK Operator DNSSEC Practice Statement [TXT, 99 KB].

Rolling the KSK means generating a new cryptographic public and private key pair and distributing the new public component to parties who operate validating resolvers, including: Internet Service Providers; enterprise network administrators and other Domain Name System (DNS) resolver operators; DNS resolver software developers; system integrators; and hardware and software distributors who install or ship the root’s “trust anchor.” The KSK is used to cryptographically sign the Zone Signing Key (ZSK), which is used by the Root Zone Maintainer to DNSSEC-sign the root zone of the Internet’s DNS.

Maintaining an up-to-date KSK is essential to ensuring DNSSEC-validating DNS resolvers continue to function following the rollover. Failure to have the current root zone KSK will mean that DNSSEC-validating DNS resolvers will be unable to resolve any DNS queries.

If you are running bind the quickest way to check is this:

If your configuration shows dnssec-validation yes;, you must change it to dnssec-validation auto;and restart your server before taking the steps below. This is in your named.conf

Categories
Uncategorized

USB to serial rs-232

UGREEN USB 2.0 to RS232 DB9 Serial Cable Male A Converter Adapter with PL2303 Chipset for Windows 10, 8.1, 8, 7, Vista, XP, 2000, Linux and Mac OS X 10.6 and Above (3ft) https://www.amazon.com/dp/B00QUZY4UG/ref=cm_sw_r_cp_api_yqvXBbC4W95XH

Categories
WISPA

WISPAPALOOZA 2018 ponderings and musings

Another WISPAPALOOZA has come and gone to Las Vegas.  If you are not familiar with WISPAPALOOZA it is one of the two major trade shows Wispa puts on each year.  The Las Vegas show is the larger of the two. If you are a Wireless Internet Service Provider (WISP), doing outdoor wireless networks, or involved in the WISP industry whatsoever this is the premier event for you.

Having attended several shows I have been able to see the evolution of the shows over the past X years. The industry has been evolving and this show highlights many of the evolutions the industry is undergoing.  This year billing, LTE, and business services needed by WISPs were prominent in the sessions and on the vendor floors.  Vendors such as Baicells, Cambium, Redline, and others were talking about their LTE offerings.

Other vendors such as  Ritalia funding and Unitel were there getting their message out to WISPs. As WISPs evolve, they are looking for services and products which help the business side of things.  This business side becomes as important in a mature WISP as the technical side is.

Another aspect WISPs look for as they grow are billing platforms.  Companies such as Sonar, Azotel, and VISP were represented at the Vegas show.  These can help your WISP streamline and automate operations.  The more you can stretch your resources the better.

 

One of the many sessions

Other themes of the show included fiber deployments, MDUs, and CBRS to name just a few. Knowledge exchange is a key highlight of shows such as this.  Operato

 

rs sitting around trading tips, war stories, and what is working and not working for them is invaluable.  The selection of the speakers and sessions highlight the pulse WISPA has on the industry as a whole.

Due to the varied mix of people in this WISP industry shows such as this are great for any level of employee.  Any employee will be able to find things they can be engaged with and hopefully add to their knowledge. As with any industry, making personal connections and people networking is huge these events. Being able to have a Rolodex of Vendors, distributors, consultants, and other folks in the industry are invaluable. Whether you forge relationships over a beer at the local bar, a walk down the strip, or just sitting at a table talking these conversations are something you can’t get anywhere else.

My week started with a 5 am arrival at the airport.  I was able to catch up with a friend in the industry over a coke at breakfast in the airport.  Even though he lives an hour south of me we don’t get together all that much.  He is a friend and someone who is doing cool stuff in the industry.  The ability to have that focused time is something many of us don’t get. We are so busy with our own lives we have to get into situations like that.  After landing in Vegas the intensity level ramps up.  You start seeing people you know and quick conversations turn into 20-minute conversations, and the next thing you know its 6 pm and you are just checking into your room. The next several days are more of the same.  Late nights, lots of conversations, lots of walking, and an overwhelming amount of information you will only begin to digest once you have a moment to relax. In the end it is a good kind of tired.

For more information and a show re-cap visit http://thebrotherswisp.com/ for a cast coming soon on a re-cap of some of the brothers discussing the show.

MTIN Family of Sites
https://j2sw.com
https://mtin.net/
https://www.indycolo.net

Categories
WISP xISP

Funding for your ISP

One of the more common questions at #WISPAPALOOZA2018 was how to do funding your for WISP.  One of our partner companies is Ritalia Fundiing

 

Categories
epmp Tower WISP WISPA

WISPAPALOOZA products

A photo album of some products from the wispa show in Vegas.