Today we had a 3rd power outage for the week; I am sure some 3rd world countries have more stable power than we have with BGE.
Well, the news of the new cyber security issue facing the US came out today. See here. While I am confident that where I work has things in place to help prevent this, one can never be too paranoid. So to protect my home network just in case, I set up a VLAN for my work computer (VLAN 10). I have blocked both ways: devices on my home network cannot access the “work” network I set up on VLAN 10, nor can devices (well, just one device, the work laptop) on the “work” network access my home network. I have a drop from work LAN -> home LAN and also a drop from home LAN -> work LAN, with 2 more rules: requests to my DNS server only on port 53 from work LAN -> home LAN, and an Allow Established and Related rule so that if a request is made the DNS server can respond. I have tested whether I can connect to my workplace’s VPN (that is all I really care about the work laptop connecting to, as once that is in place all traffic from the laptop goes to my workplace). So now from my work laptop I cannot ping any IP on my home network, nor can I ping my work laptop from my home network.
This should 1) protect my home network just in case (I doubt it will happen) and 2) if my home network gets compromised (I also doubt this will happen) it should help protect my work system from it. Also, to go with this, my guest WiFi network is separate from both of these 2 networks, so if I have a guest over who has a compromised device (this is my biggest fear, as not all my friends are tech savvy) it will not be on either my home network or my work network.
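The four rules described above depend on their order, so here is a small model of them as an added example (not the author's router configuration). The subnets, the DNS server address, first-match evaluation and the default-accept fallthrough are assumptions made for the illustration.

```python
import ipaddress

# Constructed addressing (assumptions, not taken from the post).
HOME = ipaddress.ip_network("192.168.1.0/24")   # home LAN
WORK = ipaddress.ip_network("192.168.10.0/24")  # VLAN 10, work laptop
DNS = ipaddress.ip_address("192.168.1.2")       # Pi-hole on the home LAN

def pkt(src, dst, proto, sport=0, dport=0):
    return {"src": ipaddress.ip_address(src), "dst": ipaddress.ip_address(dst),
            "proto": proto, "sport": sport, "dport": dport}

def is_reply(p, flows):
    # A reply is the mirror image of a flow that was accepted earlier.
    return (p["dst"], p["src"], p["proto"], p["dport"], p["sport"]) in flows

# Each rule is (name, match(packet, flows), action). Order is significant.
ESTABLISHED = ("allow established/related", is_reply, "accept")
ALLOW_DNS = ("allow work -> DNS:53",
             lambda p, f: p["src"] in WORK and p["dst"] == DNS
             and p["proto"] in ("udp", "tcp") and p["dport"] == 53, "accept")
DROP_W2H = ("drop work -> home",
            lambda p, f: p["src"] in WORK and p["dst"] in HOME, "drop")
DROP_H2W = ("drop home -> work",
            lambda p, f: p["src"] in HOME and p["dst"] in WORK, "drop")

RULES = [ESTABLISHED, ALLOW_DNS, DROP_W2H, DROP_H2W]

def evaluate(p, flows, rules=RULES):
    """First matching rule wins; unmatched traffic (e.g. to the VPN) is accepted."""
    for name, match, action in rules:
        if match(p, flows):
            break
    else:
        name, action = "default", "accept"
    if action == "accept" and not is_reply(p, flows):
        flows.add((p["src"], p["dst"], p["proto"], p["sport"], p["dport"]))
    return action, name

if __name__ == "__main__":
    flows = set()
    for p in [pkt("192.168.10.5", "192.168.1.2", "udp", 40000, 53),    # DNS query
              pkt("192.168.1.2", "192.168.10.5", "udp", 53, 40000),    # DNS reply
              pkt("192.168.10.5", "192.168.1.20", "icmp"),             # ping home
              pkt("192.168.1.20", "192.168.10.5", "icmp"),             # ping laptop
              pkt("192.168.10.5", "203.0.113.10", "udp", 40001, 443)]: # VPN
        print(p["src"], "->", p["dst"], evaluate(p, flows))
```

Passing a different `rules` list to `evaluate` shows the two failure modes: with the drops placed ahead of `ALLOW_DNS` the laptop loses name resolution, and without `ESTABLISHED` the DNS reply is caught by the home -> work drop.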
Hope you made a good pie to celebrate Pi day. I will be making a Dutch apple pie later today for Pi day.
This is the core of my network. Here you will see at the top my UniFi USG router, with the main WAN going out to my Verizon Fios modem, and the second WAN going out to a WiFi access point that connects to my T-Mobile Hotspot as a failover in case my Verizon connection goes down.
Next to the WiFi access point is a hard drive that is connected to a Pi that serves not only as an SMB server (for my local NAS); that same Pi also serves as my DHCP server and the VPN endpoint into my home network when I am out and about (if we ever can leave our homes again). Above that Pi is another Pi that serves as a DNS server (Pi-Hole) and the UniFi Controller server.
Also you see on the wall there my main switch that has 3 lines going out: one to “Desk 2” to distribute the network into my computer room, one goes to the bedroom to send out the network to the bedroom, and the third one goes out to the living room to distribute the network out there.
Also you will see the USB drive is not plugged directly into the Pi, as it could not put out enough power for the USB drive, so it goes into a powered USB hub, then to the Pi.
And there is the core of my home network, and yes, it is a mess with no cable management.
I wish BGE could keep the power on more than a few days. Today at 11:30pm we had yet ANOTHER power failure.
Since I have played around with the NAS, I had the thought that I should share out my main data directory on my main computer, and then mount it on all my computers. This way I don’t have to worry about having to scp the file over, do the work, and then scp it back. This way I can just have my document directory mounted on all my Linux boxes, and if I need to work with a file, it is already “on” the computer, and when I save it will be saved over at the main computer’s file system. I just had to set the “owner” of the files when I mount it on all the other Linux boxes. It took a little bit of work today, but it might save me time in the future, as there is no need to copy files back and forth.
Along with the other backups I do of my data (I use SpiderOak for off-site, and also sync it with MS OneDrive [yes, Linux data being synced to OneDrive]; I also take a tar.gz backup of it and store it on the local computer, then scp a copy of it to a file server on my network; also I sync the OneDrive down to another computer), I am now going to do a nightly rsync of the data directory to the NAS I set up. I know maybe I am doing too many backups of the data, but I want to be sure that if something happens to my data I have a chance of getting it back. I will also be copying a copy of my nightly backup tar.gz files up to the NAS.
The funny part is I could have uploaded it to the cloud faster than doing the initial sync of the data to the NAS. While in the long run it will not matter, now it is going slower as the Raspberry Pi only has a 10/100Mbit Ethernet port, so it will take longer to load the full 1.3TB to the NAS. Funny, as I could upload to the internet in half the time, as I tend to get upload speeds of 200Mbits when uploading to the internet now. I have seen as high as 500Mbits, but 200Mbits is about the average I have seen.
I have 2 Raspberry Pis (as I have talked about a lot, and they are doing network services for me). I am not using the external hard drive I had attached to my PS4 Pro a while back, so I cleaned up games from it, and also from the external drive, that I will not be playing anymore on the PS4, especially since I have the PS5, and the PSVR is attached to the PS5. I was able to free up enough room on both the internal and external drive that I am able to move all the games still on the PS4 to the internal drive. So I am going to format it and attach it to one of the Raspberry Pis and turn it into a 2TB NAS drive. The work I am doing on my home network is making it look almost professional: firewalls, WiFi mesh network, custom DHCP, and an in-house DNS server to both filter out ads/malware sites and get updates from the DHCP server so I can connect to local boxes via a name and not just an IP address. Now I will have a nice little NAS (2TB) set up to go with all of this. Some of this is just repurposing older hardware.
I have been watching a lot of streamers and apparently they are playing a game called Outriders. And watching the streams, it does not seem like I want to play it. All the streamers are doing the same thing hour after hour. They run down a hill, turn left, then run a bit, turn right, run up a hill, kill a few bad guys, then run back down the hill to let the last bad guys kill them. The full process takes less than a minute. I am sorry, when that seems to be the game the demo is showing, it does not seem like a fun game. If you want people to get excited for your game, make it so there is more for the streamers to do than farm the same 60 second event over and over. At this point I have no interest in Outriders.
Well, we had another power failure (BGE is very bad at keeping the power on). So I have put my modem, the router and the main switch on a UPS. Since the DHCP and DNS servers are on Raspberry Pis, and I have a 30K mAh battery pack I have not been using since we are still stuck in shutdown, I put them on the battery pack and plugged it in. So the core of my network should stay up when the power goes out (sad that I have to plan for power outages as they happen so often here; we have power stability that is as reliable as some 3rd world countries).
Yet another power failure by them: no wind, no rain, no snow, clear weather, and yet another power failure. I wish they would fix the bloody power; they cannot keep the power going. Why do we even pay them if they suck so bad?
I have been using Pi-Hole to block ad sites and analytics sites that are used for tracking. Well, since I added a custom list to block all of Google’s analytics sites, I noticed that my Google Drive started to fail. So when I started to look into it, I found it uses the URL www.google-analytics.com and that is the only way to upload to them; even 3rd party applications have to use that URL. So what am I to do, let Google track me? Or, I do have a subscription to Office 365 from MS, and along with said subscription they give you 1TB of OneDrive storage. The program I used in the past to sync my Google Drive with my local storage can also sync with OneDrive (the program is called inSync). And as I am not nearly as anti-MS as I was in the 90’s or early 00’s, I am not opposed to using MS products now. I tested it, and I don’t have to let some tracking site be accessible from my home network to use it. So I went and deleted the files out of my Google Drive, then went and canceled my Google extra storage space, and set up inSync to sync my main document directory to OneDrive (from under Linux). So now that is $3 I don’t have to spend for 200GB of storage, as I have the 1TB from MS. Best part: as MS is not an advertising company, I can be a bit more secure in knowing they are not going to be scanning my documents to get advertisement data. So now as I type this, I am uploading the 111Gb of data I have in my main data directory. So in Google’s “need” to track everything, they lost $3 a month from me. Why they would make Google Drive go through the main analytics URL is beyond me, but hey, I am now off of Google there. I don’t even use Gmail; for email I have a Rackspace account.
I just looked at what WiFi Analyzer shows for what is on the WiFi airspace around where I live. In the building I live in there are 11 units, 1 is empty, and below is what the WiFi airspace looks like. This is one reason that, for things that need a good connection to the internet, you want to hard wire them. The amount of traffic on the air is very high, and there are not that many people here.
Well, it has been a week and a half since I put the USG in as a firewall/router for my home network. One data point that I find interesting is my average transfer rate on my home network. I have a 1Gbit connection from Verizon, but do I really need that speed? The answer is apparently no. Looking over the 1 hour, 1 day and 1 week averages, I never really go over 200Mbits, and that is rare and not for very long; I only see it on the 1 day averages. But most times, looking at the 1 week averages and the month one (not fully filled out), I very rarely get an average over 50Mbits. I am going to keep the 1Gbit, as I started at 75Mbit, and they offered me 1Gbit for $10 more a month when my 2 month contract was up, so for the few times I would like the higher speed it will be nice to have, and as I said it is only $10 more than I was paying for 75Mbits. But if you are looking to get new service, think about how much you really need. Do you really need 1Gbit? I am a single person, and even when I am streaming 1 HD video I use about 50Mbits of data speed. Also remember that for gaming you don’t need high bandwidth, you just need low lag, and this is not a measure of the speed of data being downloaded but of how long it takes for a message to be sent to the server and back. It is not that much data, it probably could be done in a few Kbits; it is just how long it takes to get there and back. Yes, it is still nice to say I have 1Gbit, but the truth is I don’t need more than 100Mbits. See stats below for my last week of usage.
I am, for fun, watching the logs of my Pi-Hole (the local DNS server on my network) and it is interesting to see how many requests are going on per second, and a lot of them are being blocked (resolving to 0.0.0.0): the requests for all kinds of tracking sites (mostly Google tracking sites, and many Facebook tracking sites [and I don’t even have Facebook open, they are really tracking people hard]). And this is while I am just sitting here doing nothing on the web (I do have many tabs open in my web browser like I normally do, probably ajax calls). I am just sitting at the computer watching the requests scroll by. Below are the stats for the Pi-Hole.
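Rather than watching the log scroll by, the same picture can be summarised per client. This is an added example, not part of the original post: the sample lines are constructed, and the dnsmasq-style line format (`query[...] ... from ...`, `gravity blocked ... is ...`) is assumed, since it varies between Pi-hole versions.

```python
import re
from collections import Counter

# Constructed sample in the dnsmasq-style format assumed for the Pi-hole query log.
SAMPLE_LOG = """\
Mar 14 10:00:01 dnsmasq[812]: query[A] www.google-analytics.com from 192.168.1.50
Mar 14 10:00:01 dnsmasq[812]: gravity blocked www.google-analytics.com is 0.0.0.0
Mar 14 10:00:02 dnsmasq[812]: query[A] example.org from 192.168.1.50
Mar 14 10:00:02 dnsmasq[812]: forwarded example.org to 203.0.113.53
Mar 14 10:00:02 dnsmasq[812]: reply example.org is 198.51.100.7
Mar 14 10:00:03 dnsmasq[812]: query[AAAA] connect.facebook.net from 192.168.1.51
Mar 14 10:00:03 dnsmasq[812]: gravity blocked connect.facebook.net is ::
Mar 14 10:00:04 dnsmasq[812]: query[A] www.google-analytics.com from 192.168.1.51
Mar 14 10:00:04 dnsmasq[812]: gravity blocked www.google-analytics.com is 0.0.0.0
Mar 14 10:00:05 dnsmasq[812]: query[A] example.org from 192.168.1.51
Mar 14 10:00:05 dnsmasq[812]: cached example.org is 198.51.100.7
"""

QUERY = re.compile(r"dnsmasq\[\d+\]: query\[(\w+)\] (\S+) from (\S+)")
BLOCK = re.compile(
    r"dnsmasq\[\d+\]: (?:gravity blocked|(?:exactly|regex) blacklisted) (\S+) is ")

def summarize(log_text):
    """Count queries and blocks, and attribute each block to the asking client."""
    queries = 0
    blocked_domains = Counter()
    blocked_by_client = Counter()
    last_client = {}  # domain -> client that most recently asked for it
    for line in log_text.splitlines():
        m = QUERY.search(line)
        if m:
            queries += 1
            last_client[m.group(2)] = m.group(3)
            continue
        m = BLOCK.search(line)
        if m:
            domain = m.group(1)
            blocked_domains[domain] += 1
            blocked_by_client[last_client.get(domain, "unknown")] += 1
    blocked = sum(blocked_domains.values())
    return {"queries": queries, "blocked": blocked,
            "blocked_pct": round(100 * blocked / queries, 1) if queries else 0.0,
            "top_blocked": blocked_domains.most_common(3),
            "blocked_by_client": dict(blocked_by_client)}

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```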