After I learned the hard way in the past, set a timed reboot on the router/switch when you making your changes, if you make a mistake, wait for 30 minutes and it will re boot back into the saved config and not the running configuration. If all goes well cancel the reboot, and save the running configuration
Yes! You quickly learn to use "reload in 10" command (at least on Cisco). Once, I was making a change to a MPLS core switch and fumbled the ACS. I managed to take down the internet for the whole company. I had to rush to the data center to pull the power on the switch and reboot it. Ever since then, I will NEVER make a major config change on a remote switch without first telling it to reboot in 10 minutes. Just don't forget to cancel the reboot!
You can use mikrotik for your management oob networks. Can leave access and ports shut, use usb lte modem on managenebt router. Use script to read incoming txt messages, can send unique code/txt to signal oob to open management ports. Can theoretically also push serial configuration via sms to routers on oob network if you can't get ip link back in.
@@366KRGaming Also Telstra used their old Frame Relay network for OOB into the exchanges and IP network but that was turned off recently. At least Telstra has “Network Outage Phones” and “Outage Ethernet ports” connected to a satellite in their major exchanges so if their network goes down techs can talk to the GOC And download configs… but out of all the networks the TPG Telecom network seems to be the most reliable, they run the NSW Gov network and have clients like Qantas, KFC, Hungry Jacks and never go down
@3:40 "Hello Palo Alto/Cisco support, can you describe the situation?" "Yeah, all the routers just shat themselves." Yes, you typed sh it instead of sh int...."
Great as always Paul. This video remembers me; In a previous netadmin job we used raspberry pi as a kind of console server with own 3G modem, bunch console cables and ser2net which provides telnet interface for serial connections. These RPis was spread across different locations and all was connected to the home VPN firewall.
It's nice to see the physical connections for out of band management demonstrated in this video. Also the reminder to have alternate an authentication method for OOB login.
not only you need local passwords or certificates set up, but knowledge of all your important IP addresses and management interfaces if the local DNS and documentation server is down on the main network. I had luckily access to local backups of that info - and it helped me really well. Only when doing regular tests it will tell you if everything will work. The problem is to test production systems with strict SLA's
Lol Optus/singtel : "Our 90 PE Routers went into safety mode when a north American node propagated too many IPv6 routes and they overloaded because that's how they come default (cough) and that's Ciscos fault" Pikachu face
At $job-4 for a national "junior telco" (now owned by a "top 4" aussie telco), we used exclusively other telco's services for our out of band networks. And for more remote PoPs where primary connectivity was leased circuits from "A" we tried our very best to make sure OOB was from "not A". Having said that, i also lived through the 256000 routes apocalypse which was a non-issue for us because we understood how to make sure it didnt impact our network.
I was working at a WISP, where I quickly learned that the order of operations does matter a lot. I got cut off maybe two or three times, but Ubiquiti's test mode has saved my back much more times. My colleague was better though. He pushed a firmware update to a site on a Friday at 4 PM, just half an hour before the end of our shift. He did all the client facing APs first and then the uplink device, but that one didn't get back online. At 4:15 he called one of our field techs, told him the story and asked him to go back to reflash the unit locally. He was already a few hundred meters from the office, and he agreed only to return to the tower with the condition that my colleague is going to climb it (because at that site the switch was about 12-15m off the ground). That's when I learned not to touch a working device on a Friday afternoon. All the updates and preventive stuff can wait until the next working day :)
Just last week I locked myself out of a switch by updating the ACL a bit too quick before thinking about 'order' and where I'm connected from. Had to do the factory reset walk of shame.
The problem with doing it this way: you need to effectively double your switching/routing infrastructure or you add another "access vector" that needs to be secured against (if using a cellular device to maintain OOB access). It might work for a small office that you're an MSP for, but good luck justifying the additional expense/MRC to the company. 🤜🤛
It’s a real pain in the arse when somebody’s offshore company offshores the outsource into the offshore outsourcer, and they are known next to nothing about BGP causing and outage - Only a bunch of greedy charlatans would do that
Ah i remember taking down 1/2 call centre during the day when if forgot to add “add” to the vlan command then adding a new voice vlan to the trunks. I thought the switch took a bit to come back after the first link, then did the second link and that’s all she wrote. Then was scrambling to get in contact with someone on site that has access to the comms room to power cycle switch.
@@TallPaulTech I know of a few people who have done my fuckup on production networks. I watched a vendor do a source Nat rule incorrectly (not specify the source network range, and nated everything to a private IP address). that was fun taking a whole government department offline. But we were laughing on the other side of the pond when the whole OPTUS outage. (we use them for a few of our 8 redundant links in OZ). I think a lot companies/government departments have learned a valuable lesson. Diverse paths aren't equal to having redundant providers.
@@Darkk6969 Or you can use we used to create scripts to reload the device after X mins (or at a specific time) for high risk changes. For the Juniper devices we just run "commit confirm" and if you lose access the device will roll back in 10mins. I know People who forgot to do a commit within that 10mins and lost all their changes.
Lost network connection to remote devices twice in my career. First was downloaded the wrong ip to a field device. Luckily was a test device, but still needed to walk someone through how to reset it. Second was recently. Laggy connection to a production server, meant a mistimed click happened to hit exactly on 'eject this device' for the network adapter as it poppod up. I've never seen that prompt before for anything other than usb devices, but there it was. Needless to say I discovered that prompt _does not_ require a confirmation.
Out of band management is a security nightmare though. And regulators are starting to enforce them. Because it can make changes to the network. So you need to have that port only available through a session host so activity is monitored, recorded, and enforced. Ports where that is a webpage, like ipmi/idrac/I'll is even more or a pain
@@Darkk6969 yup. The https seasons have been the most difficult ones to deal with. Forcing 3389/22 thru a session host to record and manage data is easy. But when you need to deal with https, that gets a bit messy and a ton of gotchas in an enterprise environment
Thank you youtube, this (very good and well explained btw) tutorial will most certainly come in handy when I need to manage my single computer connected directly to my single router/modem by ethernet
Interesting concept… I run a number of retail sites across the country which all are on SDWAN, cloud managed connections. If their primary & secondary internet connection is down, the site is down and no work is being done. I can’t think how out of band management would help in this case? Unless someone just no shut the interface on the router. Every other case for shutting down portions of the network would be easily resolvable once the router has a cloud connection again. Maybe for different / bigger deployments this would be more important? Would love the input.
Excellent walkthrough but can I ask - how is connecting the RasPi to the management port any more beneficial than being into a standard port on the Switch but having out of band connection to the the RasPi such as a 4G modem? Also I love the desk - whats it called / where did you get it from?
I don't quite get your question. If someone's connected to the management port, then it's out of band... as long as the means to connect to that device connected to the port is truly out of band (ie, via a different network).
Would it be safe you if use something like Tailscale or zero tier to say link all your sites out of band and have the authentication remote on the ZT or TS control pc ? Are there any security risks of doing it this way ?
Ive done this mistake too many times, but youd think devices like these would be smart enough to give you a warning that youre about to kick yourself off
Or the machines think you're smart enough that you'll have a second way in... Also the chicken before the egg issue happens, you might need to lose access for a major upgrade and you can't have something reverting configuration when you have to make huge changes throughout the network.
@@jamess1787 they wouldnt need to think that because there is always a second way in via physical access, and i didnt mention anything about a revert, i just mean a warning that applying the new config will boot your current connection through this port. Maybe even list all the available ports to reconnect via and if there are none it gives you a second warning that you will lose access all together
Nah. Maybe for consumer stuff, but I wouldn't want that in enterprise grade equipment. Sometimes you just need the equipment to listen and run a command.
I see you did Management and serial connections to each. The console serial connections are all that's needed correct? The connected management ports just in cause you didn't have the console connection?
Well it depends how you want to manage it. In my example I could have don the 'enable port' on the GUI, or a 'no shut' on the CLI. Either would be the same. A serial is the real deal if you have to do some nitty gritty stuff, or see the boot up process.
I'm all for it. That PA-200 is on ancient code because the licence it once had has long expired. That's one of the issues with this industry. It's pretty wasteful of the hardware. It still does what it could do the day I got it though, unlike the shitty Tesla.
@@TallPaulTech the waste has gotten to a level of insanity lol. i chuckle every time i think about this last cisco live in vegas. major theme of the event was being eco-friendly and renewables....while hosting the event in the global capital of waste and excess lolol. the irony was just immaculate. what a world we live in lolol
The Palo is just kind of sitting there, as its code is old and can't get new without subscription, so as usual it all ends up as ewaste when it's perfectly good gear.
when i try to adjust the video quality a minute into the video the background color and the text color changes to white on mt mobile phone. is this something to do with how the bitstream of the video/audio stram is screwing with my youtube client. using offical cluent on android 12
strange a reset of the phone cleared it up. something strange with the packets must have been happening for just a minute that affected the operationand colours of the settings and editing dialog boxes. staight through my vpn and 5g connection. hmmmm. multiple times too.... very suspicious.
@@TallPaulTech if i set up port 48 as mgmt vlan and connect it to the management network (separated from main network), then this should work as a mgmt port. i can only assume the mgmt port has priority access to cpu and disabled all the extra protocols/routing/gateway (but this can be done on any port i guess).
It's a different data plane. What if you switch ports have say a loop or something so nothing works with them? ... or some other thing we haven't thought of.@@olaff667
@@Darkk6969 In a production environment this is a huge no-no. This is a huge nightmare for any STIG and configuration management office. The things you find on youtube lol.
@@TallPaulTech What does this even mean? I like the youtube video, it's a great idea...not really original. Lots of small companies use out-of-band management over 5G. That said, in any major organization this is a huge vulnerability and wouldn't pass any type of organizational accreditation. This is more of a hobbiest thing but still a bad idea.
This is standard practice to have fail over connections where if one connection gets lost, another still exists which allows for remote access. If you're a business or whatever and you do networking stuff or whatever that requires network management, you need 2 Internet connections into two routers, and then bridging them into a single VLAN utilizing BOTH connections and doubling speed since it's shared across both networks once they've been bridged to a single line, ISP's will offer businesses with redundant networking connections by installing a second line if there isn't one there already. While this ensures Internet will maintain a 99.9% uptime, you still also need multiple network switches for routing traffic between more devices and giving them fail over connections by plugging in multiple RJ45 cables into them to also ensure that if anything happens to one of those 2 connections or more that suddenly becomes inaccessible or goes down you still have a live connection.
Love the dig at Optus!
I don't know what you're talking about!
I was about to say that, I've read the full PIR they submitted to parliament
Allegedly, it said that hackers don’t need to hack a company that can bring its own network to its knees through pure incompetence.
After I learned the hard way in the past, set a timed reboot on the router/switch when you making your changes, if you make a mistake, wait for 30 minutes and it will re boot back into the saved config and not the running configuration.
If all goes well cancel the reboot, and save the running configuration
Yes! You quickly learn to use "reload in 10" command (at least on Cisco). Once, I was making a change to a MPLS core switch and fumbled the ACS. I managed to take down the internet for the whole company. I had to rush to the data center to pull the power on the switch and reboot it. Ever since then, I will NEVER make a major config change on a remote switch without first telling it to reboot in 10 minutes. Just don't forget to cancel the reboot!
You can use mikrotik for your management oob networks. Can leave access and ports shut, use usb lte modem on managenebt router. Use script to read incoming txt messages, can send unique code/txt to signal oob to open management ports. Can theoretically also push serial configuration via sms to routers on oob network if you can't get ip link back in.
If only the pickle-nuts at Optus had just half of your skill. Thank you for the super interesting videos!
Optus literally had Optus SIM cards for OOB at a lot of sites. So when their network went down they couldn’t even access the equipment
@@Tmm42s Really!? That's just shear incompetence. Unbelievable.
@@366KRGaming Also Telstra used their old Frame Relay network for OOB into the exchanges and IP network but that was turned off recently. At least Telstra has “Network Outage Phones” and “Outage Ethernet ports” connected to a satellite in their major exchanges so if their network goes down techs can talk to the GOC And download configs… but out of all the networks the TPG Telecom network seems to be the most reliable, they run the NSW Gov network and have clients like Qantas, KFC, Hungry Jacks and never go down
@@Tmm42sTelstra execs also have Sims from Optus and Vodafone as a last resort
Love the Optus dig. Those who know, know
@3:40 "Hello Palo Alto/Cisco support, can you describe the situation?" "Yeah, all the routers just shat themselves." Yes, you typed sh it instead of sh int...."
It’s called sawing off the branch you’re sitting on. We’ve all done it at least once. I did it by proxy once. 😢
Yes, I was surprised he didn't refer to it as such. Its an important rite of passage for all network administrators.
Great as always Paul. This video remembers me; In a previous netadmin job we used raspberry pi as a kind of console server with own 3G modem, bunch console cables and ser2net which provides telnet interface for serial connections. These RPis was spread across different locations and all was connected to the home VPN firewall.
Sounds perfect!
It's nice to see the physical connections for out of band management demonstrated in this video. Also the reminder to have alternate an authentication method for OOB login.
not only you need local passwords or certificates set up, but knowledge of all your important IP addresses and management interfaces if the local DNS and documentation server is down on the main network. I had luckily access to local backups of that info - and it helped me really well.
Only when doing regular tests it will tell you if everything will work. The problem is to test production systems with strict SLA's
They are all good points.
*reload in **00:10:00*
before doing any work. When you ultimately lose access, it'll reload 😁
Lol Optus/singtel : "Our 90 PE Routers went into safety mode when a north American node propagated too many IPv6 routes and they overloaded because that's how they come default (cough) and that's Ciscos fault" Pikachu face
Haha
At $job-4 for a national "junior telco" (now owned by a "top 4" aussie telco), we used exclusively other telco's services for our out of band networks. And for more remote PoPs where primary connectivity was leased circuits from "A" we tried our very best to make sure OOB was from "not A".
Having said that, i also lived through the 256000 routes apocalypse which was a non-issue for us because we understood how to make sure it didnt impact our network.
I was working at a WISP, where I quickly learned that the order of operations does matter a lot. I got cut off maybe two or three times, but Ubiquiti's test mode has saved my back much more times.
My colleague was better though. He pushed a firmware update to a site on a Friday at 4 PM, just half an hour before the end of our shift. He did all the client facing APs first and then the uplink device, but that one didn't get back online. At 4:15 he called one of our field techs, told him the story and asked him to go back to reflash the unit locally. He was already a few hundred meters from the office, and he agreed only to return to the tower with the condition that my colleague is going to climb it (because at that site the switch was about 12-15m off the ground). That's when I learned not to touch a working device on a Friday afternoon. All the updates and preventive stuff can wait until the next working day :)
Oh yeah, you don't make changes just before leaving on a Friday.
Fkn beautiful O-PUS problem walk through there! Well done as always.
Just last week I locked myself out of a switch by updating the ACL a bit too quick before thinking about 'order' and where I'm connected from. Had to do the factory reset walk of shame.
Some switches won't save the current configuration till you tell it to so you can recover by a simple power reset.
Made it plain. Helped me understand how out-of-band management is applicable in a enterprise/soho setting and why it’s important. Nailed it.
The problem with doing it this way: you need to effectively double your switching/routing infrastructure or you add another "access vector" that needs to be secured against (if using a cellular device to maintain OOB access).
It might work for a small office that you're an MSP for, but good luck justifying the additional expense/MRC to the company.
🤜🤛
We used to always use phone lines for OOB. Now unfortunately that ties to those in data centers are extremely expensive or non existent.
Same here. We used to remote dial in via ISDN to MX480s for OOB management.
It’s a real pain in the arse when somebody’s offshore company offshores the outsource into the offshore outsourcer, and they are known next to nothing about BGP causing and outage
-
Only a bunch of greedy charlatans would do that
Oh come on now.... that would never happen.
Ah i remember taking down 1/2 call centre during the day when if forgot to add “add” to the vlan command then adding a new voice vlan to the trunks. I thought the switch took a bit to come back after the first link, then did the second link and that’s all she wrote. Then was scrambling to get in contact with someone on site that has access to the comms room to power cycle switch.
Haha, I should make a video on how people have fucked up networks... there would be some interesting stories.
Ya, done that on my own home lab switches. Long as I don't save the changes I can recover by power reset.
@@TallPaulTech I know of a few people who have done my fuckup on production networks.
I watched a vendor do a source Nat rule incorrectly (not specify the source network range, and nated everything to a private IP address). that was fun taking a whole government department offline.
But we were laughing on the other side of the pond when the whole OPTUS outage. (we use them for a few of our 8 redundant links in OZ). I think a lot companies/government departments have learned a valuable lesson. Diverse paths aren't equal to having redundant providers.
@@Darkk6969 Or you can use we used to create scripts to reload the device after X mins (or at a specific time) for high risk changes.
For the Juniper devices we just run "commit confirm" and if you lose access the device will roll back in 10mins. I know People who forgot to do a commit within that 10mins and lost all their changes.
Lost network connection to remote devices twice in my career.
First was downloaded the wrong ip to a field device. Luckily was a test device, but still needed to walk someone through how to reset it.
Second was recently. Laggy connection to a production server, meant a mistimed click happened to hit exactly on 'eject this device' for the network adapter as it poppod up. I've never seen that prompt before for anything other than usb devices, but there it was. Needless to say I discovered that prompt _does not_ require a confirmation.
Good stuff. Yep, we've all shutdown our path into a network :) Nice relevant reference to BGP overload mate. hehe.
It was just one example of the many possibilities.
There is still an old 56k modem at site connected to the router on an old dedicated POTS line for OOB management.
Hopefully a couple of the Optus engineers are watching this!
Haha, topic is a must and a bit basic even but your presentation is so captivating I had to watch anyways :D
Also, hands up over here 👋
When people forget the basics, the biggest dramas seem to happen.
Wow great examples! Thanks for sharing! ❤
Out of band management is a security nightmare though. And regulators are starting to enforce them. Because it can make changes to the network. So you need to have that port only available through a session host so activity is monitored, recorded, and enforced. Ports where that is a webpage, like ipmi/idrac/I'll is even more or a pain
You can build something like a jump server where it will only accept trusted IPs from the network.
@@Darkk6969 yup. The https seasons have been the most difficult ones to deal with. Forcing 3389/22 thru a session host to record and manage data is easy. But when you need to deal with https, that gets a bit messy and a ton of gotchas in an enterprise environment
Oh yes, I’ve cut myself before. Superb learning moment 😂
When the out of band network is less reliable than the in-band one then you wish you also had in-band management.
Thank you youtube, this (very good and well explained btw) tutorial will most certainly come in handy when I need to manage my single computer connected directly to my single router/modem by ethernet
Interesting concept… I run a number of retail sites across the country which all are on SDWAN, cloud managed connections. If their primary & secondary internet connection is down, the site is down and no work is being done.
I can’t think how out of band management would help in this case? Unless someone just no shut the interface on the router. Every other case for shutting down portions of the network would be easily resolvable once the router has a cloud connection again.
Maybe for different / bigger deployments this would be more important? Would love the input.
You lost me at 'cloud.
Excellent walkthrough but can I ask - how is connecting the RasPi to the management port any more beneficial than being into a standard port on the Switch but having out of band connection to the the RasPi such as a 4G modem? Also I love the desk - whats it called / where did you get it from?
I don't quite get your question. If someone's connected to the management port, then it's out of band... as long as the means to connect to that device connected to the port is truly out of band (ie, via a different network).
3:32 ahahah Optus anyone?
That name keeps coming up, but I don't know why!
Would it be safe you if use something like Tailscale or zero tier to say link all your sites out of band and have the authentication remote on the ZT or TS control pc ? Are there any security risks of doing it this way ?
The Deathstar was too big to fail 😂
G'day mate 😀! What model laptop are you using ?
Whatever the cheapest half decent one I could find a few years ago was
Hand up here!
We all know it's true :)
Ive done this mistake too many times, but youd think devices like these would be smart enough to give you a warning that youre about to kick yourself off
Or the machines think you're smart enough that you'll have a second way in... Also the chicken before the egg issue happens, you might need to lose access for a major upgrade and you can't have something reverting configuration when you have to make huge changes throughout the network.
@@jamess1787 they wouldnt need to think that because there is always a second way in via physical access, and i didnt mention anything about a revert, i just mean a warning that applying the new config will boot your current connection through this port. Maybe even list all the available ports to reconnect via and if there are none it gives you a second warning that you will lose access all together
Bullshit to the nanny state warnings. @@Extra_Mental
Nah. Maybe for consumer stuff, but I wouldn't want that in enterprise grade equipment. Sometimes you just need the equipment to listen and run a command.
If only you released this a week or so ago...
...
Yeah.
I see you did Management and serial connections to each. The console serial connections are all that's needed correct? The connected management ports just in cause you didn't have the console connection?
Well it depends how you want to manage it. In my example I could have don the 'enable port' on the GUI, or a 'no shut' on the CLI. Either would be the same. A serial is the real deal if you have to do some nitty gritty stuff, or see the boot up process.
Not related to the video topic, but how did you mount your monitors to the shelf-rail of the Bunnings Rack-It system?
I can't believe this is the second comment about that. They're just bolted to it. Monitors use standard bolts in the back.
@@TallPaulTechso just bolted straight through the rail with a longer M-size bolt for the monitor to cater for the depth of the rail...
what is your monitor cage/rack? custom built? cheers🎉
Do you mean, how are my monitors mounted? If so, then with a few bolts through the back of that workbench thing.
@@TallPaulTech thanks no i mean the bar cage thing .. is that a custom frame or a known piece of kit?
We should start a petition to have palo send you a 440 lolol
I'm all for it. That PA-200 is on ancient code because the licence it once had has long expired. That's one of the issues with this industry. It's pretty wasteful of the hardware. It still does what it could do the day I got it though, unlike the shitty Tesla.
@@TallPaulTech the waste has gotten to a level of insanity lol. i chuckle every time i think about this last cisco live in vegas. major theme of the event was being eco-friendly and renewables....while hosting the event in the global capital of waste and excess lolol. the irony was just immaculate. what a world we live in lolol
Thank you!
Are you using PAN for your firewall again? I've seen you use PAN in the past, *sense firewall and Raspberry Pi with NFtables.
The Palo is just kind of sitting there, as its code is old and can't get new without subscription, so as usual it all ends up as ewaste when it's perfectly good gear.
I ask this question in interviews and most of the experienced guys are not able to answer it... How oob mgt works.
What do they say?
@@TallPaulTech’it starts with yes’
If you want to live life on the edge a little...add some fail safe... *reload in.... :P
can't stop pinging 127.0.0.1
ip route 127.0.0.1 255.255.255.255 null0 0
when i try to adjust the video quality a minute into the video the background color and the text color changes to white on mt mobile phone. is this something to do with how the bitstream of the video/audio stram is screwing with my youtube client. using offical cluent on android 12
cant edit comment eithet
strange a reset of the phone cleared it up. something strange with the packets must have been happening for just a minute that affected the operationand colours of the settings and editing dialog boxes. staight through my vpn and 5g connection. hmmmm. multiple times too.... very suspicious.
half way through the video after reset the comments disappeared subscribe definitely not right with the client or the bitstream its recieving.
Take it easy... Just not as easy as Optus.
OPTUS...
what are the pros of mgmt ethernet port instead of separate vlan for mgmt?
I thought that was pretty clear in the demo. Which bit didn't you get?
@@TallPaulTech if i set up port 48 as mgmt vlan and connect it to the management network (separated from main network), then this should work as a mgmt port. i can only assume the mgmt port has priority access to cpu and disabled all the extra protocols/routing/gateway (but this can be done on any port i guess).
It's a different data plane. What if you switch ports have say a loop or something so nothing works with them? ... or some other thing we haven't thought of.@@olaff667
@@TallPaulTech good point. thanks for the answer!
Wooowwww!!!!
BGP propagating invalid routes?? Hehe is this video because of Optus.
Yeah...that's a huge security issue. Any breach would get you fired immediately due to being an idiot. People, don't use a raspberrypi for management.
Idiots don't tend to get fired. Old school super techs that cost money seem to get fired.
Nothing wrong using the Pi for management long as you use pure OS like Debian with only needed packages installed. Keep it Simple!
@@Darkk6969 In a production environment this is a huge no-no. This is a huge nightmare for any STIG and configuration management office. The things you find on youtube lol.
@@TallPaulTech What does this even mean?
I like the youtube video, it's a great idea...not really original. Lots of small companies use out-of-band management over 5G. That said, in any major organization this is a huge vulnerability and wouldn't pass any type of organizational accreditation.
This is more of a hobbiest thing but still a bad idea.
@@MotFPSout of band management networks are common place in any critical network environment
This is standard practice to have fail over connections where if one connection gets lost, another still exists which allows for remote access. If you're a business or whatever and you do networking stuff or whatever that requires network management, you need 2 Internet connections into two routers, and then bridging them into a single VLAN utilizing BOTH connections and doubling speed since it's shared across both networks once they've been bridged to a single line, ISP's will offer businesses with redundant networking connections by installing a second line if there isn't one there already. While this ensures Internet will maintain a 99.9% uptime, you still also need multiple network switches for routing traffic between more devices and giving them fail over connections by plugging in multiple RJ45 cables into them to also ensure that if anything happens to one of those 2 connections or more that suddenly becomes inaccessible or goes down you still have a live connection.
192.168.whoop-dee-whoop. Man I miss Australia sometimes 😂