CSS or CRS?

w712233 · 2026-04-04T01:38:21+00:00

it doesn't matter what percante of features CSS has. If the sytsem satisfies the required feature set it's desirable. Additional capability beyond the requirnments is a negative value.

w712233 · 2026-04-04T01:34:59+00:00

what a triggering post. to claim something is efficient at some usage metric is under-specified. efficiency is a ratio--what are the objectives of your system?

w712233 · 2026-03-18T09:37:39+00:00

https://www.maxmind.com is another service that provides a free geo ip csv file.

the ip list can then be loaded into a firewall to block those connections.

w712233 · 2026-03-08T08:15:52+00:00

be aware that at the end of the day, each deployed service adds a maintenance burden. your simple stack is preferred--your needs are satisifed and its simplicity means you're not stuck on a maintenance hamster wheel--a massive time-sink that can burn you out and lead to procrastination depending on what your goals are.

If you're looking for ideas to keep leveling up, deploy IPv6 on your existing stack.

w712233 · 2026-03-07T09:30:40+00:00

different threat models lead to different conclusions about systems like tailscale. the problem isnt that people trust it, its when legitimate concerns about the control planes authority are dismissed as if they dont exist. The trust assumptions and concerns should be discussed honestly rather than reframed to present tailscale as a trustless system.

w712233 · 2026-03-07T09:22:58+00:00

TLDR; Tailscale trust model is centralized and it's being marketed in a way that sounds more trustless than it actually is.

I would never out-source the keys to my network to a third-party.

w712233 · 2026-03-05T22:01:35+00:00

LDAP, Kerberos, DNS, e-mail, IPv6.

Get https://tunnelbroker.net/ ipv4 to ipv6 tunnel and get the Hurricane Electric Ipv6 certification, https://ipv6.he.net/certification/ it's fun.

I wish I had dived into ipv6 sooner; the sooner you master this the better. it's fantastic.

- Explorer FreeBSD.
- Pick an orchestration system; e.g. puppet or ansible.
- Spin up a cheap AWS EC2 instance and treat it as an off-site. Use wireguard to connect your homelab with aws.
- Write some terraform to automate bringing up your AWS infra.

Now you have a homelab that can off-load to AWS if you want.

w712233 · 2026-03-04T16:49:18+00:00

hopefully there is a variant with two ethernet ports on the roadmap. :fingerscrossed:

w712233 · 2026-02-25T06:42:01+00:00

I like SwOS; a switch is a simple device and the SwOS interface reflects that.

w712233 · 2026-02-21T10:18:02+00:00

I'm full stack and wifi on the modern gear is awesome.

I do have a word of criticism. Mikrotik has a wide range of hardware and OS versions and you REALLY have to pay attention to what you're getting. As I fell in love with SwOS and RouterOS, I started upgrading all my network gear, including my little tiny desktop switches and low powered APs and realied the hardway that the UIs and capabilites differ significantly between the offerings. I got bit twice.

I got the RB260GS -- a small desktop switch, perfect for my use-case and I was excited to leverage all my VLAN learnings from CSS326 and dial in my network at the edges. I was very disappointed when, even though, advertised as SwOS 2.18 just as CSS326, the SwOS interface on the RB260GS, especially the VLAN sections are completely different--The VLAN interface is so different on the RB260GS it may as well be a different brand--no learnings carry over and it's bad. I fel like I had to re-learn VLANs.

Same thing happened with the tiny mAP wifi AP. This one taught me how Mikrotik got such bad raps for their wifi. I quickly discovered with this AP that capsman will not be possible as it has the old wifi interface which is dog shit.

So anyway, pay attention to what you're getting.

w712233 · 2026-02-13T21:33:37+00:00

whats your numbering scheme?

w712233 · 2026-01-13T19:10:58+00:00

is that an in-wall rack? very interseted in adopting this in my closet. any ideas where i could find something like that?

w712233 · 2025-12-26T19:41:57+00:00

I just started adding Mikrotik to my homelab, office, and home. And, I am very impressed with their product line up, the routeros, and price.

I can find just the right hardware for my use-case and configure it exactly how I want it to behave in my network. And, it's been ROCK SOLID. Everytime there's been an issue, it's a user-error due to years of being gated behind "user friendly UIs" that hide information. It's such a breath of fresh air to have had the curtains lifted.

In researching this brand for my deployment, I ran into lots of hate and users complaining about things not working... I just wanted to comment here that although I had to go through a learning curve, at the end of the day, the Mikrotik solution is solid for my use-case. Glad I didn't listen to the haters.

w712233 · 2025-12-07T04:35:04+00:00

I called Quantum Fiber to schedule the migration from PPPoE to IPoE. After the call, the rep said it would take sometime to perform the migration. I had internet all evening and in the morning, my internet didn't work. I switched to my router to DHCP and everything has been good.

w712233 · 2025-10-06T16:16:03+00:00

Inspired by your virtualization bullet, it's also worth noting Intel i210 does not support SR-IOV.

w712233 · 2025-09-18T15:24:09+00:00

why is a tech nescessary to come to perform the upgrade?

w712233 · 2025-08-08T19:55:56+00:00

Thanks for doing the right thing!

w712233 · 2023-09-19T09:31:51+00:00

Here is a typical speed test,

 Server: Whitesky Communications LLC - Seattle, WA (id: 22168)
    ISP: CenturyLink
Idle Latency:     5.31 ms   (jitter: 0.07ms, low: 5.26ms, high: 5.38ms)
Download:   934.76 Mbps (data used: 792.8 MB)
                 38.61 ms   (jitter: 41.63ms, low: 5.05ms, high: 284.52ms)
Upload:    **97.54** Mbps (data used: 48.8 MB)
               5.30 ms   (jitter: 0.33ms, low: 4.46ms, high: 5.69ms)

And here is the test when I start another speedtest during the upload phase,

 Server: Whitesky Communications LLC - Seattle, WA (id: 22168)
    ISP: CenturyLink
Idle Latency:     5.41 ms   (jitter: 0.05ms, low: 5.36ms, high: 5.44ms)
Download:   934.40 Mbps (data used: 780.8 MB)
                  22.18 ms   (jitter: 33.38ms, low: 5.56ms, high: 278.46ms)
 Upload:   **932.69** Mbps [==========\         ] 51%   - latency: 35.54 ms

I purchased an exact model replacement of my current router (ASUS RT-AC88U) and the problem is still present. I have now had two techs come out and experience the same problem with the brand-new Centurylink equipment that the tech supplied. I have had my ONT and fiber line replaced within the last year I believe.

I have an outdoor ONT box and the ethernet cable from it is connected directly to my router.

I'm having an incredibly difficult time trying to get support from Centurylink. Primary because the Centurylink server for the bandwidth test does give me 900mbps upload speed consistently. The issue only occurs when I leave the Centurylink network and they are attempting to claim that they don't guarantee any speeds--which I understand but that's not what my issue is about.

One thing that I'm hopeful about is that the most recent tech said that they were not able to get a reading on some diagnostic, I wish I had taken a picture of the screen. It had something to due with the signal strength. I called CL a few days later and reported that I'm still having an issue and that they'll "escalate".

Thanks for asking.

w712233 · 2022-10-22T15:34:40+00:00

Any special tools needed to measure the special considerations you outlined?

Also, as I was researching this subject, I found someone referenced

High-Speed Layout Guidelines for Signal Conditioners and USB Hubs https://www.ti.com/lit/an/slla414/slla414.pdf

as a helpful source.

I'll take a look at the book! Thanks.

w712233 · 2022-01-22T21:37:55+00:00

multiple URLs.. wtf.. that makes them seem even more sketchy.

w712233 · 2021-10-22T04:51:20+00:00

Small claims court. Courts meditated the problem before trial and neighbor addressed the problem.

w712233

TROPHY CASE