Pete's Log: Additional Home Network Notes
Entry #2547, (Coding, Hacking, & CS stuff)(posted when I was 46 years old.)
A couple follow-up notes to the Residential Gateway Bypass:
- I enabled a few blocklists on the DNS resolver and nobody has complained so far.
- I split the guest subnet into separate guest and work subnets, to keep my work devices (laptop and VOIP phone) safe from our malicious guests. Our main subnet is 42 and I made our guest subnet 84 (2*42). 84 became work and I was pleased to discover that 2*84 = 4*42 = 168. So on IPv4 at least, the new guest net lives on 192.168.168.0/24
- Less pleasing is that having only 16 IPv6 prefixes to spread around, none of 42, 84 or 168 are valid prefixes. So for now my IPv6 prefixes don't match my existing subnets but maybe I'll give in and renumber things.
- I have retired the pi Kubernetes cluster. As much as I learned from and enjoyed setting it up, the maintenance effort started outweighing the benefits. So now most of the pis are turned off as I plan their redeployment. I did install Home Assistant on one of them.
Also, it still makes me happy to sometimes just step into the laundry room and look at the firewall plugged directly into the ONT.