Categories
UBNT WISP

UBNT Aircube Update

A while back I did some posts on the Ubiquiti networks Aircube.
http://www.mtin.net/blog/ubnt-air-cube-first-impressions/
http://www.mtin.net/blog/aircube-part-2/

While cleaning my office I figured it was time to plug this guy back in and do a check of the new firmware. As soon as it was online, I logged in and was greeted with a firmware update message. I like it when this happens.

After just a few short minutes of verifying and then upgrading I was able to see what was new.  I have to say the firmware has come a long way.  I am not surprised, as I reviewed this product early in its life.  I was expecting things to get better and better and they did.

We now have PPPoE on the wan, a more unified dashboard, VLANs, UNMS, and VLANs.  For those of you with UBNT networks, this fits as a managed router nicely now.

Categories
cisco Data Center Networking xISP

Some basic Cisco router terminology

For those of you not so familiar with routers

https://ccnaeducation.com/lan-and-wan-interfaces-in-router/

Categories
Security

Guest Article: Can my router catch a virus?

Our friends over at TechWarn have their take on routers vulnerable to virus attacks

https://www.expressvpn.com/blog/can-my-router-catch-a-virus/

Big price differences between routers are often confusing to consumers as, unlike with personal computers, the quality difference is not always obvious. As routers are normally tied to a physical location, it is also rather difficult to test their reliability in different environments, unlike with highly mobile laptops or smartphones.

Routers often do not receive updates, or updates have to be manually downloaded and applied — a cumbersome process that is not an attractive option to many non-tech-savvy users.

Routers are desirable targets for attackers as they sit at a very sensitive spot on a network — right at the edge. They are a centralized point and connected to every single device in the network. Routers read all of the data that each device sends to the Internet, and if these connections are unencrypted, the router could easily inject malicious scripts and links.

Read more here..

Categories
BGP Networking

BGP local Pref and you

One of the bgp topics that comes up from time to time is what does “bgp local-pref” do for me? The short answer is it allows you to prefer which direction a traffic will flow to a given destination. How can this help you? Well before we start, remember the high number wins in local-pref.
Let’s assume you are an ISP. You have the following connections:
-You supply a BGP connection to a downstream client.
-You have a private peer setup with the local college
-You are hooked into a local internet exchange
-You have transport to another internet exchange in the next state over
-and you have some transit connections where you buy internet.

So how do we use BGP preference to help us out? We might apply the following rules to routes received from our various peers
Our downstream client we might set their local pref to 150
The college we may set them to 140
Preferred internet exchange peering: 130
Next state IX: 120
Transit ISPs: 100

Now these don’t make much sense by themselves, but they do when you take into account how BGP would make a decision if it has to choose between multiple paths. If it only has one path to a certain route then local-pref is not relevant.

Let’s say you have a customer on your ISP that is sending traffic to a server at a local college. Maybe they are a professor who is remoting into a server at the college to run experiments. There are probably multiple ways for that traffic to go. If the college is on the local Internet exchange you are a member of, that is one route, the next route would be your transit ISPs, and obviously your private peer with the college. So, in our example above the college, with a local pref of 140 wins out over the local exchange, wins out over the next state IX, and wins out over the Transit ISPs. We want it to go direct over the direct peer with the college. Mission accomplished.

local-pref is just one way to engineer your traffic to go out certain links. Keep in mind two things:
1.Higher number wins
2.local-pref only matters if there are multiple paths to the same destination.
3.Local-pref has to do with outbound path selection

Categories
Data Center hosting Networking Security WISP

Homeland Security US-Cert e-mail on Network infrastructure

A few days ago Homeland Security published an e-mail on threats to network devices and securing them.  Rather than cut and paste I exported the e-mail to a PDF. Some good best practices in here.

TA16250A The Increasing Threat to Network Infrastructure Devices and Recommended Mitigations

Categories
Mimosa Networking WISP xISP

Mimosa G2 first look

So Scott @ On-Ramp Indiana ordered a few of these and figured I would borrow one for a few days and do a first look and review on them.

Mimosa G2 Box

Nice and compact box.  I am a fan of the cover.  If this way on a store shelf I would notice.

G2 Insert
The very first thing you see is this wireless information card. Very handy for the home user. Many of my clients throughout the years save such things so having this in a bright card is a nice touch.  Another nice feature of this card is it has sticky tape on the back.  You can actually peel it off and stick it somewhere.  Not everyone has a network rack, so affixing it to there might not be the best bet.  We are in the day and age where there are not “telephone stations”.  The only thing I could come up with might be in a desk drawer or something like that.  I could see guests asking for the key so you would want this handy.  Any thoughts on a good place to put this?

Information Card
On the back of the card is a very handy diagram on the 3 modes of this device.  You can use it as a Wifi router. You can also use it as a repeater.  In this mode it works both wired and wireless.  As with some other manufactures it will auto-configure itself to join in with the rest of the network.  It learns the configuration and away it goes.  Thirdly, is a simple pass through mode. This is helpful if there is another router involved.

G2 contents
The box contained the unit, a slip on power plug, and the compliance paperwork no one reads. Thank you Lawyers.  One of the first things I noticed about this unit is the well made feel to it.  The plastic does not feel cheap, and it feels heavy.  That is always a scientific measure right?

G2 Ports
Mimosa has done a good job of helping the uneducated user on the use of this product.  A good example of this is plug, which is in the POE port.  This plug takes a little bit of effort to remove.  As you can see in the picture, it is also marked with a red label to distinguish this from the customer side.  This is so the customer doesn’t feed 48 volt to their router, laptop or whatever gets plugged in.

IMG_3553
Also, you have holes on the top and bottom for cooling.  On the side is a very easy to get to reset button. Another nod to Mimosa paying attention to common issues home users run into is there is a very clear sticker on the top of the unit which has the Home network SSID and passphrase on it.  A user can simply walk to the unit, look down and easily read the needed information.

G2 Plug

The power plug simply slides in a groove and snaps in place.  Nice clean setup.

In closing, my first impressions of this product are positive.  Packaging and instructions are put together well and easy to understand. The product feels good and has a good number of things to address common issues. Look for part two of this for a look of how this actually works, configuration, and testing.

If you are a manufacturer and have a product you think we would be interested in reviewing please contact us.