Facebook RSS
formats

The Brothers WISP 97 – Passive PoE Thievery, Mikrotik Extreme Performance, RouterOS Version 7



This week Greg, Mike, Tommy C, Andrew Thrift and Andrew Cox join their voices in chorus; we’ve been working on our acapella. Unfortunately someone didn’t wear headphones while recording so the audio is back to it’s old self…we’ll be back to normal next cast.

This week we talk about:
Greg has been blogging for over 10 years now
Michael Ducharme – Ansible yes/no bug…what a bummer. Fix is
Greg uses two passive poe injectors and a Y barrel cable to harvest power and pass it along.
Installing Cisco’s Virtual Wireless Lan Controller in Proxmox is easy
Please remind Greg that in Linux a period before a filename makes it hidden *sigh*
Miller found a GoalZero Yeti, temp replacement for a generator.
unms free cloud hosting (not sure if this has been discussed)
EU Strong customer authentication (SCA) for credit card payments live sept 14th — 3ds v2
Tom says in 6.44.5 if yo uhave a drop in/out input rule for invalid you must explicitly allow GRE/EOIP for tunnels.
Mikrotik Audience is on mikrotik.com, so likely shipping soon
New Mikrotik model strings in ROS: CCR-eOW-12x100G-36x25Gw, CCR-eOW-1x25Gw-2x10GC, CCR-eOW-1Gw-1G. “Extreme Performance”
LAG with CRS305 works, but switchOS sucks. Mikrotik LAGfast path on receive only. CRS326 does it in hardware. Eh, I’ll just use a Cisco4948.

Mikrotik V7 Below
Mikrotik releases V7…seriously. Released for ARM right now – HapAC2
Brock suggests going to http://butt.holdings
WAPGR LTE/4G/LTE-US testing, to get v7 ready for upcoming 5G products, according to Sergejs
MPLS/BGP disabled right now…aparently there’s RIP, though. Rumor milll says routing will be around very soon.
UDP OpenVPN – Yeah boooooiiiiiii
Cox’s keen eye spotted torrent support “download-directory”
split rib and fib – spotted by thrift

Here’s the video:(if you don’t see it, hit refresh)

formats

TheBrothersWISP 96 – Security Issues, Centurylink Outage, UBNT New Hardware



This week Greg , Nick A, Mike, and Thomas cover a lot of ground; must talk about all the things.

This week we talk about:
MikroTik CHR perf issues with AMD Epyc
30+ Cisco unauthenticated RCEs for various Cisco equipt.
Cisco IOS-XE critical (10/10 CVSS) auth vuln
Kubernetes DoS vulns
Webmin unauthenticated RCE vuln (supply chain attack)
Unimus 1.10.4 release
DIY USB Powered Fiber Tester
Pinpointing outdoor fiber damage
Centurylink’s mystery outage due to 4 malformed packets
Greg finally plays with a modern capsman install
Chad uses option 82 to send interface name back to sonar for authentication “remote agent ID”
Twitch hits 2.2 mil total concurrent viewers during WOW Classic launch – 10+ Tbps traffic
Ubiquiti Unifi Talk Controller – Ubiquiti voip system
Ubiquiti AirFiber60 – 60ghz dish antenna with 5ghz failover
Ubiquiti Sunmax Solar
Is the movie Brazil good or bad, and why it’s terrible
Great British Bakeoff is back(The world rejoices)

Here’s the video:(if you don’t see it, hit refresh)

formats

TheBrothersWISP 95 – Mikrotik 60Ghz Tuning, Neighbor Discovery, ROS Post Exploitation



This week Greg , Miller, and Tomas catchup about Mikrotik, Mikrotik, then a little bit of Mikrotik.

This week we talk about:
Miller – LHG 60 experiences
Miller – Neighbor discover over bonding interfaces
Mikrotik copper 10Gb SFP
Mikrotik newsletter 90
RouterOS post exploitation – local only method to gain shell access
Urgent 11

Here’s the video:(if you don’t see it, hit refresh)

formats

TheBrothersWISP 94 – Urgent 11, Yeahlink W/ 3CX, Ansible

Published on August 5, 2019, by in Mikrotik, Networking.



This week Greg and Mike sneak a cast in a day early(shhhhhhh, don’t tell anyone).

This week we talk about:
Urgent 11 – vxworx vulnerabilities – dell powerconnect, sonicwalls, etc.
Greg is learning ansible
WISPAMERICA Dallas March 16
4011s SFP+ issues with 6.45.x – acknowledged issue, could be repaired at this point.
Proxmox 6.1 is getting a networking overhaul – vxlan/eVPN
Resetting a yealink phone via TFTP
Yealink phones on 3cx requires you to add multiple accounts for multiple extensions
“Mike’s” Ansible for UBNT virus

Here’s the video:(if you don’t see it, hit refresh)

formats

TheBrothersWISP 93 – Copper 10Gb, Fiber Projects And Kit

Published on July 21, 2019, by in Mikrotik, Networking.



This week Greg and Mike sneak a cast in a day early(shhhhhhh, don’t tell anyone).

This week we talk about:
Mikrotik CRS copper 10G – CRS312-4C+8XG-RM
Generic and Cisco optics work well in Mikrotik kit
Physically securing Mikrotiks – 1/16th” steel braided cable
Mikrotik 6.45.1 requires a new version of winbox(3.19)
Greg completed backbone migration at one datacenter to ASR9000s
Nickie B came up with an ansible playbook to put rate-limits on ubiquiti kit
Fiber terminations – all I see anyone use is pigtails for splicing
Cheap splicers – SignalFire(AI-7 or AI-8) or Komshine All around $1K
Cox says that when ordering kit from aliexpress he recommends getting a handful of samples and testing them for a while
Cox found a GPON calculator from Huawei
Danny sends a link on doing midspan splices

Here’s the video:(if you don’t see it, hit refresh)

formats

TheBrothersWISP 92 – IPAMs, Verizon Cust BGP Leak, Linux TCP DoS



This week Greg, Tomas, and almost Tom Smyth(but not quite) catch up on a month’s worth of stuff. The show is complete with a Tomas rant(your life is now complete).

This week we talk about:
Greg is looking for a reasonably priced OTDR
Lightning hitting a tree can take out your fiber
PHPIPAM for address management
Mikrotik CVE (linux in general) TCP DOS – fix in 6.45.1
Mikrotik 6.45.1 – API has changed so sonar and other systems aren’t working with it
Bridge filter in MIkrotik can block rogue DHCP servers without sacrificing hardware filtering.
Quick article on installing Mikrotik CHR on proxmox
Nick A. wanted a looking glass, and Greg’s favorite is routeviews
HFS webserver is a good way to test ports through a firewall – thanks Tomas
Physically security APs
Verizon customer leaked full routes due to a route optimizer
The “Tomas corner”:
Tomas loves his Linux Desktop – fully migrated from Windows to Linux on primary PC
RadMan – FOSS FreeRadius Management GUI
Unimus 1.10.2 release
Dealing with CAs as a non-US company is stupid

Here’s the video:(if you don’t see it, hit refresh)

formats

TheBrothersWISP 91 – Flapgate, MAAS, Hypervisors

Published on June 10, 2019, by in Mikrotik, Networking.



This week Greg, Dave, Nick, and Tomas try yet another podcast recording suite; spoiler, we didn’t use the audio from it this time, but will next. Don’t stop believing.

This week we talk about:
Mikrotik flapping issue CRS317 on SFP+ with newer firmwares – “flapgate”
Veeam has a community edition – 10 free VMs
Tomas didn’t like GUI options for Freeradius, so of course, he wrote his own. Opensouce link to come
VDSL2 media converters – 190Mb/110Mb
MikroTik L2 QoS – normally works on L3 only – but can be done for L2 as well
Hyper-v, Proxmox, ESXi, Zen – everyone has an opinion on which they prefer.
Alisdair using BFD
Dan fell victim to the Mikrotik LTE simcard; sometimes you just want to put it in upside down.
How many people go new on servers vs Gray market?
Cameo for all your B list celebrity shout outs.
D&D is hard to get started with and fantsy grounds is confusing.

Here’s the video:(if you don’t see it, hit refresh)

formats

TheBrothersWISP 90 – Ubnt Vs Cambium, Ubiquiti LTU, Nobody Sees The Same Internet



This week Greg, Mike, Dave, and Alex fail at using Zencastr for the first time. We have failed back to the old audio…it is a sadness. 🙁

This week we talk about:
Zencastr
Feature Request Doc
Ubiquiti v Cambium
Ubiquiti LTU
UniFi Certification
ChiNOG
NANOG
Dan was having unifi APs with wireless backhauls not find the controller and fall back to default 192.168.1.20 addressing. Miller says turn off “Uplink Connectivity Monitor” under unifi settings > site
Greg was today years old when he learned IPv6 doesn’t do fragmentation. Path MTU Discovery.
Limit MACs per interface on a Mikrotik.
Danny is trecking through the US soon; he needs mega uploads for his videos…anyone wanna help?
Nobody is looking at the same internet.

Here’s the video:(if you don’t see it, hit refresh)

formats

TheBrothersWISP 89 – CNheat, Unifi Access, Taking Custom Projects

Published on May 12, 2019, by in Networking.



This week Greg, Tomas, Dave, and Nick never stop never stopping. This is a long one, so put it on 2x speed and kick back 😉

This week we talk about:
Jim Jones recorded his tips video, thanks!
Cambium CNheat
Ubiquiti unifi access – access control system(strike and mag control)
Ken asks about VRRP on the inside and outside interfaces at the same time…how to have one transition when the other does.
Jim Jones was asking about a light web proxy, would Mikrotik work.
Michael Rhone asks for opinions on “Why run ipv6 in a small network?” – of course Nick says “Why would you not” LOL
Taking on custom projects – what are the signs you are in danger, and when to day no.

Here’s the video:(if you don’t see it, hit refresh)

formats

TheBrothersWISP Jim Jones’ Top 5 Tips

Published on May 8, 2019, by in Networking.



This week Greg talks to Jim Jones about his top 5 tips.

The Tips:

1. Show up.
– If you’re early you’re on time. If you’re on time you’re late. If you’re late, you’re fired.
– Never be late… especially to a client.
2. KNOW DNS.
– It’s never DNS… till it is.
– Use DNS!
3. Be humble. Ask for help.
– Have a network of peers.
– Don’t wait too long to call support! That’s what they’re there for!
4. Backup all the things.
– File data
– Systems
– Configs
5. Don’t be married to vendors. Use the right tool for the job.
– Windows vs Linux
– Mikrotik vs Cisco
– Cisco SMB vs Bruhcade
– Unifi vs Meraki
6. Bonus: Learn. Go outside your comfort zone, silo.
– Podcasts.
– Books, audio.
– Youtube, pluralsight, etc.
7. Bonus: Teach. Mentor. Give more than you take.
– Don’t limit this to tech.
– True happiness is in serving others.

https://packetpushers.net/series/full-stack-journey/
linkedin: https://www.linkedin.com/in/jjonesjr/
facebook: https://www.facebook.com/jimjonesjr
instagram: https://www.instagram.com/jfjonesjr/

Help support us by becoming a patron! <==join our Slack team! Keep contacting us: contactus (at) thebrotherswisp.com or https://facebook.com/thebrotherswisp

Here’s the video:(if you don’t see it, hit refresh)