@johnpoz said in Reducing Power consumption:

Bet you switching out a 1 light bulb for a led would save you way more than the 2 bucks a year your talking..

To be fair, if you're chasing those savings, you've probably already done the heavy lifting of already swapping out electric heaters for LED lighting, installed solar, gone for energy efficient dishwashers, washing machines, fridges, etc. Or, saving 2W out of 14W means that when you get power cuts you've gained yourself an extra 10 or 20 minutes running off a UPS. The benefits don't have to be pure monitory.

@SteveITS

Hi,
Since version 2.7.1 was released, version 2.6.0 has passed EoL, which gives me some indication of the product life cycle.
In any case I understand that the right strategy is to move towards 2.7.1.

b56da4d5-f22a-439f-9d06-229e435bf891-image.png

THANKS

@stephenw10
Thanks!
This is exactly what I was looking for.

@stephenw10
To be fair, commercial solutions like Cisco Umbrella or Zorus do a really better job at this whole proxy thing.
I know there isn’t a home lab or SMB pricing that makes sense which is really the pain point here for mostly everyone.
Also I’m not aware of any commercial proxy to be used internally. Is BlueCoat still a thing?

@johnpoz BTW I have disabled admin login externally - I use QC only to view "surveillance station" camera's using synology app - Great App. But thx for your input

@Phizix said in Copyright Violation:

Peace!

Always accepted...thanks!

@Patch Never needed after sales support. They have been massively used by a large community of users, so I've always found every information I needed just by... "praying St. Google" 😄 .

Anyway here is PCengines support page and, from there, the bios update info page.

@georgelza said in advise/view of this machine for home use/FW:

what would everyone's view of of the 4 core/8Gb option, as a min bottom line spec.

The four core should be sufficient with 16 RAM... if your expected life cycle is 3 - 5yrs and depends on your home network needs...yeah, I know how one feedback can be puffing...you might have to be the guinea pig. Hope others chime in...

As far as I know that doesn't affect anything in the pfSense base install but I'm looking to confirm that.

Steve

@definitelynotmyusername Thank you for your insights on VyOS! I joined the VyOS community forum and got some positive feedback.

@Wolfgangthegreat if you change the order - you prob do have to refresh the page your looking at.

@AndyRH but firewalled is what they are - you put them behind a firewall or you put them on a protected network.. etc..

Why should the users freaking care? I have never worked at a company where you told the users anything about security or moving of server.. Service X will be down over the weekend, etc.. Is about the most they got.. If they asked you might tell them yeah moving the service to a new server, moving the server to a new location..

Users don't have a clue to what a firewall even is, or a network segment in the first place.. Throwing in such terms is just like speaking gibberish to them..

Might as well say sldjfsldf sjfojsdfj shoasdhjdf theh Service X lajdfnslslsfdhoet down alajlsjdjflsjdf til monday..

Looks like it's a MIPs device. pfSense CE is x86 only so...nope. 😉

I've been doing a research about these switches and it seems that their L3 functions are half baked.
You must use the switch as the gateway and DHCP server, there is no NAT, you need to use ACLs through the CLI to filter traffic and even if you save the configuration, it won't survive a reboot.

If you are going to use this switch as a L2 only, it will do the job nicely.

@michmoor said in Home/homelab network design - Am I overthinking this?:

The amount of VLANs here are , imo, a bit of an overkill

OK. Would you mind telling me what you'd do differently? And why?

Do not host an email server. There will be plenty of people here that will list the multiple reasons but chief among them is that it will be extremely easy to get your IP on a bad reputation list.

I know that's the conventional wisdom. I also know there are plenty of people out there who are doing it successfully and have been for years. I plan to use an SMTP relay so I don't have to worry about my IP being on a bad rep list.

If you are a novice as you state then the recommendation would be to not expose any services to the internet. If you need to make your NextCloud or any other app accessible to others than a remote access VPN would be best. If you dont want to do that then look at CloudFlare tunneling but i honestly just wouldnt do it if you are not prepared in all the things that could go wrong.

I'm already using CF tunneling. I plan to be prepared for worst case scenarios with a very good backup plan/system. If everything crashes and burns, OK. Great learning opportunity.

If you are going down this rabbit hole of simulating an enterprise then look also into setting up a remote logging server (Graylog), perhaps a SIEM (Wazuh) which i would highly recommend considering you are exposing web servers to the world.

Yep. Planning to use both of those. Maybe Zabbix and Suricata, too. All stuff I want to learn.