Below you will find pages that utilize the taxonomy term “Networking”
One Year With a $290 AliExpress Firewall: Lessons From the Homelab
A while back I came across someone’s write-up of a 1U firewall appliance they’d picked up from AliExpress for $290. Intel N100, four 2.5G Intel i226-V ports, a PCIe slot for SFP+ modules. Runs pfSense. One year on, they reported zero freezes, zero reboots, quiet as you like, cool enough in a home office with no air conditioning.
That last detail stuck with me. No AC and it just keeps going. That’s the kind of reliability review I actually trust, because nobody’s trying to sell you anything.
CGNAT, ISPs, and the Luck of the Draw
Been down a rabbit hole this week reading through a thread about self-hosting and CGNAT, and honestly, it’s one of those topics that sits right at the intersection of “deeply nerdy” and “genuinely important infrastructure that affects real people.” Bear with me if you’re not in the IT world — I’ll try to make this relatable.
For the uninitiated, CGNAT (Carrier-Grade NAT) is basically your ISP hiding your connection behind a shared IP address. Think of it like living in an apartment block where everyone shares the same street address — great for the landlord who doesn’t have to manage individual addresses, not so great if you want people to actually find your specific door. For those of us who like to self-host services at home — a personal media server, a game server, a home automation dashboard — CGNAT is an absolute pain in the neck.
Port Exposure and Reverse Proxies: Why the Extra Layer Actually Matters
I’ve been mulling over a question that popped up in one of the tech communities I follow recently, and it’s one of those deceptively simple queries that actually opens up a fascinating discussion about security practices. Someone asked why using a reverse proxy is considered safer than directly exposing service ports, and honestly, their follow-up question was spot on: “Doesn’t it just bump the problem up a level?”
The question really resonated with me because it touches on something I see all the time in my DevOps work – people implementing security practices without fully understanding the underlying principles. It’s like following a recipe without knowing why each ingredient matters. Sure, you might end up with something edible, but you won’t know how to adapt when things go sideways.
The Looming Shadow Over Tailscale: Another Tech Service at the Crossroads
The tech world is buzzing with news of Tailscale’s latest funding round, and my notification feeds are lighting up with concerned users discussing what this might mean for the future of the service. Sitting here in my home office, watching the autumn leaves fall outside my window, I can’t help but feel a familiar sense of dread.
Remember when Reddit was just a gathering place for communities? Or when LastPass was the password manager everyone recommended? The pattern is dishearteningly familiar - a beloved service gains popularity, attracts investor attention, and then begins the slow descent into what’s now termed “enshittification.” It’s like watching a slow-motion train wreck, and many of us in the self-hosted community are bracing for impact.
Rediscovering the Joy of Home Phone Systems in the Digital Age
Remember those days when every house had a landline phone? The familiar ring echoing through the house, the satisfying click of picking up the handset, and that curly cord that would inevitably get tangled? While most of us have long abandoned traditional landlines in favor of our smartphones, there’s something fascinating about bringing this technology back with a modern twist.
Reading about someone’s recent DIY VoIP phone system project got me thinking about our increasing dependence on mobile phones. The setup they described - using FusionPBX and FreeSWITCH on Proxmox - sparked my inner geek’s interest. It’s precisely the kind of project that would keep me happily occupied during those scorching summer weekends when staying indoors with the air-con is the only sensible option.