Just.Oblivious

Here is a quick snap of my tinkering/engineering/coding/hacking workstation: Specs: HP EliteBook 2560P (i5-2410M, 8GB DDR3, 120 GB SATA SSD, DVD RW drive) running Pop!OS Linux. Monitor: Dell U2515H (25" 1440p60 IPS). Other items: Wooting One keyboard, Logitech G305 mouse, Edifier speakers, IKEA LED bias lighting, Flipper Zero, Anet A8 "AliExpress special" 3D printer, a dissected IKEA Smart Home sensor product with some wires poking out, a logic analyzer, and some random electronics/ESP8266/microcontroller stuff. Performance is still very respectable for a 10+ year old midrange business laptop. Miraculously it still holds a 3 hour charge.

@LinusTech Some remarks from a casual observer: Having premature “labs” testing data included in a product review only jeopardises the future credibility of the lab; don’t include it until the testing methodology for <insert category> has been finalised and tested for repeatability. Laboratories typically don’t share premature results with a wide audience, and what they share with the scientific community always includes clear remarks regarding the data being inconclusive with a detailed explanation of how they got to their results. I know you’re eager to show us what your shiny new equipment can do, but please only do it to entertain us. Don’t rely on the data yet to draw conclusions about products, don’t even share the data with us until you can vouch for its accuracy.

I would love to see a video explaining your actual IT infrastructure, not just the boxes and cables Like do you have AD-joined machines to provision software and set policies, or is it all just standalone boxes with local accounts? How do you ensure endpoints have the proper security controls in place? Does LMG or Labs make use of infrastructure-as-code to deploy things (e.g. Ansible)? Is there something like GitLab running to manage source code and automate deployments? How is the network laid out between the different entities and locations, like routes and stuff? How do the firewalls perform at 10G+ speeds with policies in place? And as someone who works in IT security: have you considered setting up centralized log management, EDR, SIEM, NIDS, etc. now that the company is growing towards more of an enterprise scale? This stuff might be a bit too technical for the general LTT audience, but I'm still curious to know.

/me: Dream, who's that?! Am I getting too old for this internet thing? Well, apperrantly there is about an order of magnitude more interest in Minecraft content on YouTube than I originally thought...

I love to see more Home Assistant content! I don’t know what your plans are regarding the Home Assistant platform, but given the number of devices that you plan to connect I would strongly advice you to skip the Raspberry Pi (kind of the go-to deployment platform for HA) and go straight for a dedicated X86 host; else the performance will be terrible and your SD card will die in a matter of weeks from all the database writes… By the way, Google Assistant works fine without the Home Assistant cloud subscription (no auth issues here), though admittedly the manual setup process is quite cumbersome compared to the Cloud setup.

So, time to go deeper: when is the ASML tour coming?

Do those Crucial drives have wireless SATA? Because I certainly didn't see any data cables... Still a cool concept case, just way overpriced for what it is (the Flex PSU isn't even included at that price)...

Both interfaces have enough bandwidth for gigabit Ethernet. It's going to come down to the individual chipset for things like latency, featureset and driver support. If you need a 10 Gbps dongle, then TB3 is going to be the only (rather expensive) option. For general use I'd just get the cheapest possible one...

Recovering from a bad flash is going to require some tinkering: https://www.stevejenkins.com/blog/2014/01/how-to-unbrick-a-netgear-wndr3400-n600-router-after-a-bad-dd-wrt-flash/ On the bright side, you don't have to do any soldering to recover this one.

There is always the chance that tinkering with firmware 'bricks' a device, though in reality I've only seen it happen once (out of the ~100 firmware flashes that I've done on consumer routers). And even if it does happen, the router can usually be recovered through a serial console (which may required opening the device and soldering some wires onto the board). If the router powers on and the web UI is accessible, you can usually revert back to the original firmware by flashing the firmware file provided by the manufacturer. But keep in mind that when a product requires warranty repairs it's often broken beyond this point, making it very hard (or even impossible) to revert the firmware before shipping it in. Whether or not tinkering with firmware voids the warranty of a product depends on local laws and regulations.

Another option is to ditch the idea of a x86 pc-based router. If you separate the VPN load from the routing/firewall tasks you can get by with a good low-power ethernet+SFP router (like the Ubiquiti EdgeRouter 4). Just run the VPN client on the desktop (or in the future on a VM) and you're good. BTW you absolutely don't need server-grade hardware for running a home-router, just keep the ISP router as a cold spare in case something fails... The only case where I would consider server hardware (and ECC memory) at home is for a storage server. If your stuff is mission critical you should always setup two boxes with automatic failover, don't forget a UPS-system with a generator out back and a second internet line, you know, just in case your cat blog goes offline

What type of cable is it that you get from them? There are a few dozen flavors of optical fiber cable, the SFP module you select has to be compatible with the technology used by your ISP. Not if you do it properly... Virtualizing routers, firewalls and security appliances is common practice in big enterprises. Breaking out of a virtual machine is a few hundred times more difficult than pwning a cheap-ass home router, believe me. Of course you should use a proper hypervisor and segment the interfaces, but that's a given with virtualization. Another solution is to get a hardware firewall with your virtual routing appliance behind it. As far as VPN performance goes, 100 Mbps should be doable with something like a Celeron-based Intel NUC.

It all depends on how your ISP delivers its service. Does the fiber line go directly from the wall into the router, or does it go through a media converter with ethernet output first? VPN, as in connecting to a public VPN provider? 99% of the public VPN providers use OpenVPN, which uses a hell of a lot of CPU resources. Pushing 200+ Mbps over OpenVPN is a challenge (think Core i3/i5 server with AES-NI support and no other services running). If you want VPN just for making remote connections to your home network you can use a less resource-intensive protocol like L2TP/IPSEC. If you already have a server running (or if you plan to get a home server) you should consider building a virtual router, that way you can share resources and save power.

High level overview of my home infrastructure: It's pretty basic in terms of actual networking. Just a few VLANs, some routes, two IPv6 networks, two VPN tunnels and a load of firewall rules. The unRAID box runs a virtual router that tunnels traffic over a NordVPN link (primarily used for downloading), it's way faster than trying to run OpenVPN on an (already busy) EdgeRouter. I also have a cloud-hosted VPS for out-of-band management from other networks (that are often IPv4 only), it runs a dedicated IPSEC tunnel over IPv6 to my internal management-host. Unfortunately my ISP doesn't provide the credentials for their VOIP platform, so I have to use their stupid all-in-one router/VOIP ATA with another ATA right after it to get a usable VOIP line. Migrating the landline to a cloud VOIP provider is on the roadmap for Q4 2018.

I use my (stock) Anet A8 primarily for printing small spare parts. Recently I printed seat bushings, panel clips, bulb holders and other small things for a BMW Z3 that I'm restoring. My main filament is PETG, it's durable yet flexible enough for making spring-fit assemblies (like panel clips or a snap-fit lid for an enclosure). Almost all things that I print are a custom design (simply because most parts that I need have never been designed/published before). Tape is my preferred bed material. I'm not too concerned about surface finish or print quality, if the part comes out correctly and fits right I'm happy.

Samba's implementation of SMB3 multichannel is still very experimental. Making it work with non-Linux clients requires a little extra configuration : Samba has to report interface speeds and some capabilities to the client. On Linux, Samba can auto-detect the speed of an interface. But to support other platforms, and in order to be able to manually override the detected values, the "interfaces" smb.conf option has been given an extended syntax, by which an interface specification can additionally carry speed and capability information. The extended syntax looks like this for setting the speed to 1 gigabit per second: interfaces = 192.168.1.42;speed=1000000000 https://www.samba.org/samba/history/samba-4.4.0.html (under "EXPERIMENTAL FEATURES")

While good advice, depending on the router in use this setup might not be as secure as first thought. If the router is just a "dumb" (VLAN unaware) consumer router there is still a possibility for leakage to occur. Granted, you'd have to be a skilled attacker in order to successfully "jump the gap". The "best practice" way of separating two networks is by running different subnets on different VLANs, with a VLAN aware router-firewall combo in place to control the traffic going in and out of each network. Another benefit of this approach is the ability to easily apply bandwidth limiting and QoS-rules to different parts of the network. My idea looks something like this: It can also be done without the use of VLAN's or a managed switch (as long as the router has more than one individually addressable LAN interface):

So you're essentially running a NAT-router behind another NAT-router? That's not ideal. If you're in control of the main router I suggest setting up two isolated and firewalled subnets for you and your neighbor.

Give SyncbackPro a try. Make sure to download the pro version trial, the free version lacks some features. SyncbackPro has the ability to address a drive by serial number (or by drive label). You can also set a trigger that launches the backup task as soon as a particular drive gets inserted (or even by drive slot if I remember correctly). The UI isn't exactly user friendly, but it's a very solid tool once you get the hang of it.

Never trust a failed drive, that's straight up data suicide. It'd be interesting to see the SMART (self test) attributes, a program like GSmartControl can pull that info up for you: (this is for my old SSD: same idea, different parameters)

Search 3D Hubs for a service near you that can print a part of this size in the material that you want. Exporting it as a .STL file should be enough. The printing service will check if this model can be printed on their machine, you don't have to worry about slicer settings or anything. Just make sure that you verify all the important dimensions before sending it out.

Yeah, that's a router behind router or "double NAT" setup. That's not what you want. Best is to configure the second router as a wireless access point. This puts all devices in the same network, with the second "router" in place to handle switching and wireless.

What you're describing are subnets, not VLANs. It appears as if you're running some kind of a router-behind-router setup, but I could be wrong about that. Can you give a little more detail about your network setup? A diagram would be nice.

How is this random snippet of information going to help OP, or anyone else for that matter?

What? Why? Phone line boosters don't work for VDSL, putting one in will completely mess up the signal.