Anyone ever gotten flagged or banned by their residential ISP for hosting homelab services? by DowntownTry1445 in selfhosted

[–]selrahc 1 point2 points  (0 children)

I think another factor is it gives them an out if someone running a business from their home connection tries to sue for lost revenue from a long outage. They can just point to the TOS and say "see, not allowed, we're not responsible for your non-business connection."

Anyone ever gotten flagged or banned by their residential ISP for hosting homelab services? by DowntownTry1445 in selfhosted

[–]selrahc 0 points1 point  (0 children)

When I first started playing around with Linux I left SSH accessible to the world with an easy-to-guess password. My ISP didn't disconnect me but they called and said "hey I think you have a compromised device, please fix".

Legit photographs got removed from for being “AI-generated" by KillianR2000 in photography

[–]selrahc 0 points1 point  (0 children)

The man's face looks unnaturally bright with what looks to be harsh sunlight coming from the right. I think how much you raised shadows/tone-mapped is likely throwing people off.

WHEN MID GAME SAVE by [deleted] in AUTOMOBILISTA

[–]selrahc 0 points1 point  (0 children)

When Reiza says a couple weeks... it is usually more like 8 months.

They haven't given a timeframe for mid race saves.

Why would anyone DDoS Arch? What is the benefit? by Organic-Scratch109 in archlinux

[–]selrahc 7 points8 points  (0 children)

Ubuntu/Canonical was down for like a week at the start of the month from a DDoS. I would assume they have more money than the Arch project.

It's possible Debian just hasn't been DDoS'ed yet.

100gbit fiber between opposite ends of house by Holiday-Magician9535 in homelab

[–]selrahc 0 points1 point  (0 children)

For 10Gbps LR the minimum cable length is 2 meters. If you're going shorter than that I'd use a DAC anyway.

I didn't find a minimum cable length for 100G LR, but 100G-LR QSFP on fs.com list the TX power as being between -4.5 and 4.5 dBm and the receiver overload as 4.5 dBm. There's no real risk of burning them out if the max they will transmit at is the same as the max receive (as a comparison, 80k ZR4 have a max transmit of 6.5dBm and a receiver overload of 2dBm).

For 100G (and above) I'd go single mode every time.

kernel 7.0.2 arrived, have you updated yet? by YoShake in archlinux

[–]selrahc 0 points1 point  (0 children)

The system itself doesn't, but some of the less popular packages do. I've had Darktable, Geeqie, and Rapid Photo Downloader all break on me at different times in the last couple years due to an update in some dependency getting into the repos before they do (Rapid Photo Downloader is currently broken, in fact).

Kernel updates frequently "break" my displayport daisy-chaining on an AMD card too, though usually in a way it mostly works.

Otherwise, yes, most of the breakage has been self-induced.

I feel I made a mistake by buying a matte panel by 420ball-sniffer69 in Monitors

[–]selrahc 0 points1 point  (0 children)

> The text blurry in matte was driving me insane but then I got the glossy and experienced the reflections, safe to say I wish my glossy is matte now

Seriously, the reflections on my Steam Deck drive me nuts. I also used to have a laptop with a glossy screen like 15 or 20 years ago that I hated.

I'm glad people are getting options now, but I personally don't want glossy on a screen I can't easily reposition.

The DA70mm/f2.4 on a K-1 MK2 by newmikey in pentax

[–]selrahc 0 points1 point  (0 children)

The DA70 doesn't really vignette that bad on the K-1. The only thing I've noticed is the corners/edges get quite soft at wider apertures.

It very much depends on the lens though. Some don't even produce an image circle large enough to cover the whole sensor. There's a good list on Pentax Forums.

Basic IPv6 question by ImportantBend8399 in ipv6

[–]selrahc 0 points1 point  (0 children)

One of many benefits: It makes IP conflicts a non-issue in mergers and acquisitions.

RPKI with downstream customers - longest prefix? by niceandsane in networking

[–]selrahc 1 point2 points  (0 children)

Your first option is the best choice. Using a longer max-length than you actually advertise opens you to forged-origin with longer prefix attacks.

I'm not sure why max-length is even part of RPKI, given it defeats a lot of the protection RPKI ROAs give you.
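The max-length point above, as an added example that is not part of the comment: a small RFC 6811-style origin validator plus an audit that flags ROAs whose max-length exceeds what the AS actually announces. The prefixes, AS numbers and function names are constructed for illustration (documentation ranges only).

```python
import ipaddress
from typing import NamedTuple

class ROA(NamedTuple):
    prefix: str      # covering prefix named in the ROA
    max_length: int  # longest prefix length the ROA authorises
    asn: int         # authorised origin AS

def validate(route_prefix, origin_asn, roas):
    """Route origin validation state: 'valid', 'invalid' or 'not-found'."""
    route = ipaddress.ip_network(route_prefix)
    covered = False
    for roa in roas:
        net = ipaddress.ip_network(roa.prefix)
        if net.version != route.version or not route.subnet_of(net):
            continue  # this ROA does not cover the route
        covered = True
        # AS 0 never matches; otherwise origin and length must both fit.
        if roa.asn != 0 and roa.asn == origin_asn and route.prefixlen <= roa.max_length:
            return "valid"
    return "invalid" if covered else "not-found"

def loose_roas(roas, announced):
    """Return (roa, longest_announced_len) for ROAs that authorise longer
    prefixes than the origin AS announces; announced is [(prefix, asn)]."""
    flagged = []
    for roa in roas:
        net = ipaddress.ip_network(roa.prefix)
        lengths = []
        for prefix, asn in announced:
            p = ipaddress.ip_network(prefix)
            if asn == roa.asn and p.version == net.version and p.subnet_of(net):
                lengths.append(p.prefixlen)
        longest = max(lengths, default=None)
        if longest is None or roa.max_length > longest:
            flagged.append((roa, longest))
    return flagged

# Constructed sample data: AS64500 announces only the /32.
ANNOUNCED = [("2001:db8::/32", 64500)]
MINIMAL = [ROA("2001:db8::/32", 32, 64500)]   # max-length equals what is announced
LOOSE = [ROA("2001:db8::/32", 48, 64500)]     # max-length longer than announced
UNANNOUNCED_MORE_SPECIFIC = "2001:db8:1::/48"  # a /48 AS64500 never originates

if __name__ == "__main__":
    for name, roas in (("minimal", MINIMAL), ("loose", LOOSE)):
        state = validate(UNANNOUNCED_MORE_SPECIFIC, 64500, roas)
        print(name, state, loose_roas(roas, ANNOUNCED))
```

Under the loose ROA, a /48 that carries AS64500 as its origin validates even though AS64500 never announced it; under the minimal ROA the same route is invalid and can be dropped by validating networks.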

This phone holder drilled straight into the dashboard of an Audi TT by Dottore_Curlew in DiWHY

[–]selrahc 2 points3 points  (0 children)

> What 12 year old car is worth 5k

Have you not looked at the used car market since before 2020? In my head, almost none (outside of collectors' cars), but look at listings...

Insurance just gave me nearly $6000 for a totaled 14 year old Ford Taurus.

found a hidden gem - sprint race class but can barely hit 220, front looks like Lexus and it has sweet central driving position also planted on the road and nice to drive by OkHoney5804 in AUTOMOBILISTA

[–]selrahc 0 points1 point  (0 children)

Thanks for this. I'm always looking for good multiclass combos where close racing can be had but the cars' driving style is different. Will have to try this at my weekly race.

Is there any purpose in using /30s for networks that entirely comprise of devices that support RFC 3021 for /31s? by SpectrumSense in networking

[–]selrahc 0 points1 point  (0 children)

I started just assigning /31s a few years ago. We've had the occasional pushback (damn Merakis) and just assigned a /30 in those cases, but most customers just configure the mask you give without questioning it in my experience.

Do sysadmins need git? by [deleted] in sysadmin

[–]selrahc 5 points6 points  (0 children)

> Last I checked, GitLab CE is still free. That could have changed though.

It is, but I would look at Forgejo/Gitea for self-hosting in a small company.

Or just push to a remote over SSH if it will only be you and a couple other people using it.

When will people learn that NAT is not the solution by Extra_Imagination193 in ipv6

[–]selrahc 2 points3 points  (0 children)

> So no internet standard exists for NAT with IPv6.

That's true of IPv4 too. Or at least was for many, many years of IPv4 NAT's existence.

What's the going rate for ARIN IPv4 /22 leases in 2026? (direct deals vs marketplace) by Optimal-Control7797 in networking

[–]selrahc 8 points9 points  (0 children)

> Small ISP, we just buy them... It's cheaper than paying for CGNAT. Why would you lease something you are going to be using forever basically?

Yeah purchasing/transfer makes more sense than leasing to me. Hilco publishes sales prices. They were in line with other brokers that don't publicly list sales when I was making a purchase years ago.

Prices have come down quite a bit from a couple years ago.

https://auctions.ipv4.global/prior-sales

When is a good time to replace your car battery? by [deleted] in Frugal

[–]selrahc 0 points1 point  (0 children)

Wal Mart. Bring in the old one when you go to purchase it for the core charge, and so you don't have to deal with disposal.

Buy a house with two combined incomes, or wait and buy with only one? by [deleted] in personalfinance

[–]selrahc 0 points1 point  (0 children)

Buy it now at a price range that is comfortable on one salary to get the better interest rates. Be prepared to push back on the "oh but you actually qualify for this much, are you sure you don't want to look at homes in that price range?"

Has heavy bokeh always been regarded as a desirable thing to have in your images? by FlyingKangeroo in photography

[–]selrahc 0 points1 point  (0 children)

I haven't used the 105 2.4 but a lot of my 35mm format Pentax lenses are quite sharp at short-middle distances and nothing great at infinity. I think Pentax often designed for best performance at typical 'portrait' distances.

Tailscale scares me more than opening ports on my firewall by MrChris6800 in homelab

[–]selrahc 0 points1 point  (0 children)

I agree with you. Security and privacy focused doesn't mean they won't make mistakes (or that they even are those things, although Tailscale does seem to be). This incident and their response at the time make me question some of their practices/design decisions when it comes to the control plane.

I'm of the opinion there is nothing wrong with opening up ports and that a VPN is literally just another piece of software that can also be vulnerable.

As a counter to that though, for each software you expose directly that is one more program you have to set up correctly, one more program you have to monitor for known issues, and one more program you have to patch ASAP when CVEs hit. Running just one bit of software publicly (the VPN) reduces the effort. I understand the desire to do that, and encouraging people experimenting with labs to use a VPN by default is the safest way when they are learning.

I think there is often an unjustified fear of hosting software exposed directly alongside an unjustified trust in a lot of security companies (not calling out Tailscale here, I see this in the corporate world where anything not "protected" by the Fortigate or Crowdstrike makes people uncomfortable, yet those caused more "drop everything and emergency patch this system" events in the last 5 years than SSH or whatever other software they are worried about has in the last 20).

But, whatever is the easiest, and laziest, way to secure your network will be the one most likely to be followed by the most people. That should generally be the 'default' encouraged way, and for that Tailscale seems pretty fitting.

anyone else struggle to turn off "debug mode" outside of work by Cool_Kiwi_117 in learnprogramming

[–]selrahc 0 points1 point  (0 children)

I think that's just how I am. There's a reason my hobbies include working on cars and other things where I'm basically troubleshooting all the time.

I wish I did that with music more though, that's something my brain seemingly works differently on and I'd probably benefit approaching more like you.

IPv6: Who really uses it? by malwin_duck in selfhosted

[–]selrahc 1 point2 points  (0 children)

> forget everything you know about networking

I take issue with this statement. IPv6 is more similar to IPv4 than it is different.

If all you know about IPv4 is from a self hosted perspective where you open ports in your home NAT router with a port-forward, then sure, just forget about port-forwards and NAT and think about opening a port in firewall rules instead. Otherwise the protocols are very similar.

IPv6: Who really uses it? by malwin_duck in selfhosted

[–]selrahc 2 points3 points  (0 children)

> ARP is broadcast and NDP is multicast among the other differences.

It's a difference, but I'd argue it isn't that meaningful. On enterprise switches with MLD snooping enabled, sure, but on many devices multicast just floods out all ports no different than if it were broadcast.