Hot Topics:


Netflix introduces a super simple download speed test

From: Lynn Dixon 
I thought this is pretty cool.  Super simple, and it uses their CDN
networks for the payload.  And its HTTPS, so its very easy to tell if your
ISP is throttling your Netflix streams, or if your ISP is doing QoS for
speed test packets (giving full bandwidth to to make you
think your getting your advertised speed).

check it out at:

I was only able to get about 300 Mbps download, which is a bit
disappointing on my EPB 1 gig service.

Off Topic - Properties for rent?

From: John Dills 

I'm looking to move out of my current apartment and into a new one (Friend
got a better job so we're house hunting.)

I'm looking for a 2 bedroom apartment or house for rent. Needs to be $850
or less a month and allow pets.  If anyone here has any properties or knows
of anyone that's renting, please let me know. You can either reply to the
thread or just directly email me.

Thanks again!

John Dills

Anyone else noticing slow speeds with EPB lately?

From: Lynn Dixon 
For the past few days I have not been able to get any speeds above about
100 Mbps up or down from EPB.  Was hoping it was something temporary, but
its been persistent for several days now.

Was just checking to see if anyone else is noticing any slowness.  May have
to call their support today.

Ubiquiti EdgeRouter X SFP (ER-X-SFP) for sale

From: Lynn Dixon 
I picked up one of the Edgerouter's that we were all discussing a few
months ago just to give it a shot on our 1 gig connection.  Its a nice
router but will only sustain about 700 Mbps so I am going to offer it up
for sale.

I literally used it about 10 minutes to test its throughput and once I saw
it wouldn't do anything over 700, I put it back in the box.  The interface
is nice, and its very well built.  So if you don't need to fully saturate a
1 gig EPB connection this is a good little unit.

Make me an offer if  interested!

Public IP Address Weirdness (I'm on EPB)

From: David White 
I'm troubleshooting why I can't seem to connect to my OpenVPN server (on
pfSense) here in my home office, and have stumbled upon something really

Numerous websites including, Google (when
I search for what is my IP), etc... indicate that I have 1 IP address.

The WAN interface on my pfSense Dashboard indicates a different IP address.

When I look at the pfSense console, I have a /20 DHCP address, and the IP
address reported by Google, What Is My IP, etc... isn't an IP that falls
into that /20.

Is this some sort of EPB misconfiguration or weirdness going on?

I'm starting to think that my OpenVPN server is *not* the reason I'm unable
to actually connect to it... Because I moved a few weeks ago, and it was
working fine before I moved!

David White
Founder & CEO


*Develop CENTS*
Computing, Equipping, Networking, Training & Supporting for small
businesses and nonprofits
Providing: Web Hosting, Technical Support & IT Consulting

*Signup to our Newsletter at

EPB Hosting

From: Mitch Tuck 
I have a client that is using EPB for their web hosting.  When posting a
form with a textarea I am getting a 504 error return.  This was working
fine yesterday.  This only happens when the textarea has nested html tags
with attributes.  I can submit fine to the same url fine as long as the
textarea is html without attributes.  Anyone had a similar problem?


Possible to use switch behind EPB hand-off?

From: David White 
I have a client who has 2 static IP addresses that are assigned to 2
separate firewalls.

The client has 2 retail stores right next to each other. Same parent
company owns the retail stores, but different IP address for each store,
and the powers that be for each retail store requires separate hardware,
and doesn't want their own firewall touching the other retail store's

They even have refused to configure one of the firewalls to act as a
passthrough to the 2nd firewall.

I talked to someone from EPB earlier today, as I wanted to get a 2nd
hand-off from the white Alcatel-Lucent Fiber-to-Copper boxes that EPB has
on-site. That box has 4 LAN ports, but only 2 are in use (1 is for phones).

I was told that to get a 3rd port activated for the 2nd IP address, that we
would have to pay for a completely separate EPB connection.

So the guy I talked to suggested getting a router instead. But each of the
corporate firewalls are configured on the public IP addresses. So if I put
in a router, I would need to get a 3rd IP address, and then have the
firewalls reconfigured to use the router's public IP address as the
gateway, right?

I asked about putting in a switch in instead, and the guy said that
wouldn't work.

But I don't see why it wouldn't work, since the firewalls are already
configured on the public IP address.

Am I missing something?

David White
Founder & CEO


*Develop CENTS*
Computing, Equipping, Networking, Training & Supporting for small
businesses and nonprofits
Providing: Web Hosting, Technical Support & IT Consulting

*Signup to our Newsletter at

EPB NOC / domain registrar

From: David White 
I'm going to call NOC here in an hour or so, but I thought I might ask here

I have a client whose domain and website is hosted on EPB's setup
(Parallels panel on

Develop CENTS is taking over the website hosting, and we'll also want to
transfer the URL into a new domain registrar account.

Any idea who I need to talk to over at at EPB to get the EPP
(Authorization) code, make sure the domain name is unlocked at the
registrar, and approve the transfer when I actually put things in motion
(hopefully later today)?

- David

David White
Founder & CEO

*Develop CENTS *
Computing, Equipping, Networking, Training & Supporting
Organizations Worldwide

tech company office space / Innovation District

From: Mike Harrison 

> On Jan 19, 2016, at 1:17 PM, Phil Sieg  wrote:
> I have been in negotiations on that South Creek property. Parking is a major issue. 

Yeah, that’s what made "Signal Base” attractive. It had decent parking.

Which, as are way off topic kinda:

In a few months (variable, currently occupied), I’ll have another office area ready for lease at 1028 Signal Mtn Road:  

750-sh sqft, with 2 small bathrooms and kitchenette, with parking, utilities including EPB 1gbps fiber for $1k per month. 

It’d be a nice office for a small technology company. 

What I’m seeing is outrageous prices for space in the Downtown “Innovation District”.  
I’d even consider making it a co-working-ish/maker/coffee space. Share it with some people that got along professionally. It could easily be configured with two lockable offices and a common space. 




Fwd: EPB inbound mails from chugalug unblocked

From: Rod-Lists 

----- Forwarded Message -----
From: "Dills, John" 
To: "Rod-Lists" 
Sent: Wednesday, January 6, 2016 3:53:46 PM
Subject: EPB inbound mails from chugalug unblocked

Hey there,

I remember responding to your support email a week or so back (and seeing your emails in the Chugalug portal). I wanted you to know that you should be able to receive inbound emails again from chugalug. Sorry about all of the inconvenience.

If you do ever need anything else, don't hesitate to reach back to me (or us).

Thanks again,
John Dills
Tech Support
[Description: Description: Description: Description: Description: cid:image001.jpg@01CC6A62.846D0BE0]

Barracuda & Chugalug & EPBFI

From: Mike Harrison 

> On Jan 6, 2016, at 8:22 AM, Rod-Lists  wrote:

Thanks. Barracuda.. Sigh.. 

I’ve already had some response from an internal EPB contact and they are checking to see if they can remove that. 

EPB blacklisted Chugalug?

From: Mike Harrison 

> On Jan 5, 2016, at 6:37 PM, Rod-Lists  wrote:
> EPB has blacklisted the lists so I don't get it my normal e-mail

Can anyone else confirm that? 

I see a lot of:

…>: 250 2.0.0 GcVSa8FhK8BIRGcVUaUNeZ mail accepted for delivery

in the mail logs

If EPB is tossing mail, I’d like to figure out why and fix that. 

local company looking for Ruby on Rails devlopers

From: Rod-Lists 
It is the company my wife works for. I hove no info other than the contact e-mail
If interested send me an e-mail directly. 
EPB has blacklisted the lists so I don't get it my normal e-mail


Question for hardware embed guys

From: "Alex Smith (K4RNT)" 
I don't know if 45W is too much power for your requirements, but look into
the Wyse WinTerm J400. It's a VIA C3 1GHz, takes SDRAM and has a PCI riser.
It's original purpose was a Windows Embedded thin client, but can easily be
repurposed with an IDE flash module.

-Seattle, WA metropolitan area

" 'With the first link, the chain is forged. The first speech censured, the
first thought forbidden, the first freedom denied, chains us all
irrevocably.' Those words were uttered by Judge Aaron Satie as wisdom and
warning... The first time any man's freedom is trodden on, we=E2=80=99re al=
damaged." - Jean-Luc Picard, quoting Judge Aaron Satie, Star Trek: TNG
episode "The Drumhead"
- Alex Smith
- Kent, Washington (metropolitan Seattle area)

On Sat, Jan 2, 2016 at 7:37 PM, Rod-Lists  wrote:

> I'm planning to build some communication servers for a use case that
> presupposes limited electrical power available.
> Think on a sailboat or an emcomm situation with the site on limited backu=
> power.
> Found this.
> Specs.

OT: Site to site IPSEC VPN speed question

From: mdquerng 
Hi all

Short question: Can anyone tell me if a site to site VPN tunnel (IPSEC in
this case) is limited in both the upstream and downstream bandwidth by the
slowest bandwidth (usually upstream) of the slowest endpoint.

Much longer explanation: I have a customer in Chattanooga that has EPB's 100
Professional service (100 down/100 up, SLA, etc.). They have a branch office
that has Comcast Business (asymmetric) service and another one that has
Charter Business (asymmetric) service (I know). I have created site to site
static VPN connections from the branch offices to the Chattanooga office
using Cisco ASA-5505 devices at each location.

The bandwidth requirements over the VPN are extreme for this particular
client. Basic internet speed testing from all the branches establishes the
following rough internet connection speeds:

Chattanooga office: (EPB speed test) 94 down/85 up
Branch office 1: (Comcast Business speed test) 91 down/11 up
Branch office 2: (Charter Business speed test) 83 down/7 up

When I do an iperf speed test across the VPN tunnel where the Chattanooga
office is the iperf server and each branch office is the client, I get the
following results:

Branch office 1: (iperf to Chattanooga) 10 down/10 up
Branch office 2: (iperf to Chattanooga) 6 down/6 up

I have never really thought about this before since my client's VPN speed
requirements have been very modest to this point. It appears that the speeds
I'm measuring over the tunnel with iperf at each branch office almost
exactly match the limited upload bandwidth at the respective branch. This
leads me to believe that IPSEC VPN tunnel bandwidth must need to be

I understand that IPSEC will certainly require some overhead on the
bandwidth available and I've also looked into tweaking TCP MTU/MSS settings,
possible interface issues, etc. However, it seems very odd to me that the up
and down bandwidth through the VPN tunnel at each branch almost exactly
matches the maximum available upload bandwidth of that branch's ISP. I've
gone so far as to test this theory with another client that has fast
symmetric bandwidth at their main office and slower asymmetric bandwidth at
their branch office and I get identical results.

Before I move forward with further troubleshooting, opening a TAC case,
investigating other/better ISP options, I thought I'd ask the Chugalug
collective brain on this one. Thoughts?


View this message in context:
Sent from the Chugalug mailing list archive at

EPB Gigabit

From: asg 
Yesterday, I upgraded my EPB account to 1Gbps instead of 100Mbps. EPB =
made the changes on their end and said they wouldn=E2=80=99t take effect =
until midnight. This morning I=E2=80=99m still running at 100Mbps. The =
tech person at EPB says the equipment is provisioned properly but that =
it is auto negotiating a 100M link with my router. I have a Ubiquiti =
EdgeRouter Lite so I know it is capable of 1Gbps. I plugged my laptop =
directly into the EPB jack in my house and the laptop negotiated a 100M =
connection as well. When I plug my laptop into my gigabit switch, it =
negotiates a 1Gbps connection. Any other things I should try before =
calling EPB back?

Stephen Haywood
Owner: ASG Consulting

Ubiquiti Networks EdgeRouter ERPOE-5

From: Eric Wolf 
Summary: The EdgeRouter is a great device. It's a true router. The web
interface leaves a lot to be desired but it can be configured at the CLI.
Don't bother with the ERPOE-5 and just get the 3-port EdgeRouter Lite. Use
the savings to buy a proper POE switch.

Folks asked about this and it seems relevant with EPB trying to push 10Gbe

A couple weeks ago, I got fiber to my house via my municipal utility. The
local utility built the network in 1997 but a state level law passed at the
urging of Comcast and Qwest (our Baby Bell, now part of CenturyLink)
prevented the city from selling internet access to customers. A local
referendum in 2012 changed this and the city has been rolling out fiber to
the home as fast as possible.

My service is 1Gbps-symmetric. I spoke with the installers and the city ran
10GB to each distribution node which serves a maximum of 8 households. So I
don't have to worry about noisy neighbors, at least in the bandwidth

Once I unplugged my DSL modem from my NetGear R6200 router and plugged in
the ONT, I was disappointed to see a maximum of about 320Mbps. Then I
plugged my laptop directly into the ONT, I got right around 930Mbps.
Evidently the problem is the NetGear R6200 can't process NAT fast enough
for a 1Gbps connection. A little Googling returned that there are two
integrated WIFI routers like the R6200 that can handle the bandwidth.

I also read about the Ubiquiti EdgeRouter Lite, which is a dedicated router
that can also handle the bandwidth. Being a geek, I ordered the 5-port
version of the EdgeRouter for $170 from Amazon. I splurged for next-day
delivery. The router itself is the size of a small switch. It has a nice
metal case and a detached power brick, not a wall-wart. The power brick has
a three-prong connector so it really feels like a serious piece of gear.

First, I upgraded the firmware on the EdgeRouter. This was fairly painless.
I had to download the binary to my desktop and then upload it via the web
interface. I wish it just had a "check for updates" button in the web
interface but that's something they can add later on.

I use static IPs for a lot of my network to help avoid conflicts with my
work network when I use the VPN. So I started by putting the NetGear (still
plugged into CenturyLink DSL) on a different subnet and configuring the
EdgeRouter for my static network.

Configuring the EdgeRouter is not at all like the NetGear or any other
consumer-oriented router. Each port on the EdgeRouter is individually
configurable. Typically port 1 would be the WAN port. I plugged this into
the ONT and set it up to grab a DHCP address. You can also designate up to
three of the ports as a switch and configure routing for a switch as a
group. You then have to write enable masquerading to get the switch to
route through the WAN port. Once that's done, you can start writing
firewall rules for each port (or the switch group). The web interface gets
clunkier and clunkier the deeper you get into configuration. I was lazy and
ended up deleting my firewall settings because I thought they were
conflicting with my new Ooma VOIP device.

I set my NetGear R6200 in AP mode and plugged it into one of the switch
ports. That will suffice until I start getting devices that want more than
802.11ac. I don't have any POE devices but I've read that the EdgeRouter
doesn't provide a standard POE voltage. UBNT makes a nice line of APs that
use their POE voltage. Once my wifi needs iterate again, I will add the
UBNT devices.

I had to rearrange my office network some. I put the NetGear in a more
central location in the house and moved my 5-port Gig-E switch closer to
the router. That last step would not have been necessary if I could have
configured the fourth port to be part of the switch group in the router. So
far there has been zero advantage to getting the 5-port EdgeRouter over the

I haven't really worked with the CLI yet. But it's a Linux box underneath.
It's pretty straightforward. But I haven't done routing and firewalls at
the CLI in 15+ years. There are wizards in the Web UI but they assume a
particular subnet and I didn't want to have to renumber all my static

Speedwise, the EdgeRouter has kept up with everything I can throw at it.
See the before/after results from Ookla on my Amazon review:

EPB Announcement (Conference, 2PM)

From: John Dills 
EPB is holding a conference at 2PM today to make an announcement. You can
watch here:

John Dills

EPB introduces CGNAT on Residential Circuits

From: Dave Brockman 
Hash: SHA1

Just curious if anyone else received the CGNAT upgrade from EPB last
night?  If your "WAN" IP is between -, you
are now behind CGNAT.  Checking your outside IP from or
similar should give you a different IP address, the range mentioned
above is not globally routed (think RFC1918, like 192.168.X.X).
  I suspect the NAT portion wasn't working correctly first thing this
morning, but even after they restored "Internet" connectivity to my
circuit, I could not complete IPSEC tunnels across the CGNAT.  Debug
logs show the initial ISAKMP packets are correct (the Tunnel-Group Name
and Secret are successfully exchanged), but subsequent ISAKMP packets
appeared to be manged by the state/NAT machine (ISAKMP proposals were
stripped from ISAKMP packets beyond the initial exchange, although the
modified packets did reach both ends).  Very strange behavior indeed.
  To be fair, EPB did put me back on a real IP address upon request.
But I really wish they had applied the effort and expense spent upon
CGNAT deployment on IPv6 deployment.  I hope this current round of
short-sightedness from whoever dictates what they will sell to whom for
how many donuts has not spread to the people who design the network and
plan its future expansion.  100Mb/s or 1000Mb/s just makes CGNAT suck
harder and faster, not any less.


Version: GnuPG v2


EPB rocks and a Pro-Tip

From: Phil Sieg 
I am having a great day.

In my new house (been building for a YEAR now), EPB came by to hook up 
the internet & TV locations. I asked them if they could put a "few" ends 
on my CAT5 pulls... They said SURE!

So 18 cat 5 runs = 36 ends. Next I said can you tone them out and label 
them please? They said NO PROBLEM SIR!

Can you test each one? ABSOLUTELY!

Pro-TIP if you do a house, remodel, business wiring and you get EPB... 
They will do all the hard shit FREE and be nice about it!!!

They just gave me an entire day of my life back!

Phil Sieg
SeniorTech LLC / snapfo-n


"The computer is the most remarkable tool that we've ever come up with. It's the equivalent of a bicycle for our minds."

Steve Jobs, 1955-2011