The #OpenWrt update procedure at https://openwrt.org/docs/guide-user/installation/generic.sysupgrade has me concerned, though. A complete wipe for every security update? Yikes.

I used #openwrt on a WRT54GL even more years ago. I switched to a solid-state x86_64 box with #pfsense (later #opnsense) for more features. I might just put OpenWRT on that (it has 4 Ethernet ports which suit me well.)

I've been using #OPNsense for years (and before that, #pfsense) but its #IPv6 support is so buggy I think I'll have to switch. Suggestions for what to switch to? #OpenWRT is my leading contender due to its #CAKE anti- #bufferbloat support.

#OPNsense bugs: IPv6 NAT uses the wrong IP address after WAN gets a new one https://github.com/opnsense/core/issues/6530 , same with NPTv6 https://github.com/opnsense/core/issues/5284 . Not IPv6, but it uses the wrong MAC sometimes https://github.com/opnsense/core/issues/6512 though I was able to work around that.

VLAN article finished. 🎉
Delightful 18 minutes of explaining VLANs in general, on Netgear switches, on OPNsense and on OpenWRT. And a bit about my "implementing VLANs" day.

https://blog.mei-home.net/posts/vlans/

#HomeLab #VLAN #OPNsense #OpenWRT

I believe I might have finally gotten the hang of VLANs. MY OpenWRT WiFi AP is now also equipped with VLANs separating the management interface from the actual WiFis.

For now, I'm having all WiFi devices in a separate VLAN which can only access the DMZ and the Internet. My own devices then use WireGuard. I will have to see whether I will switch to MAC filtering for my own stuff in the future.

#HomeLab #OpenWRT

So, any #openwrt #sysadmin doing dnscrypt that can give me a pointer or two? I had dnscrypt-proxy (not proxy2) working, but with slow ipv6 last night, and I went to refresh the resolver list as the public list showed a bunch of viable looking options, but instead I now have a list with seemingly nothing valid to pick from ("Unable to retrieve server certificates" galore).

My new toy is coming, a fantastic GL.iNet GL-AXT1800 (Slate AX), running #OpenWRT

Yaaaay!!!! 😁😁

Finally, I have new toys:
- Nano router TP-Link, I'll flash #openwrt as soon as it arrives, I want to try to use as WiFi AP for my IoT devices.
- Mini pc with Intel n5105, 16gb RAM and SSD 512 gb. It will run #Proxmox, with #Nextcloud as my personal cloud. Everything secured by a VM running the ngfw #Sophos Home Edition.

I will see how it performs...

OpenWRT is trying to fight me when installing a certificate generated from my Vault CA.

When installing the Cert via LuCI, Firefox spits angry "no cipher overlap" errors. Which I don't get. With the self-signed OpenWRT cert, it's showing me TLS 1.3 ciphers being used. 🤔

#OpenWRT #homelab #selfhosted #100DaysOfHomelab

@reproducible_builds

Monthly #reproduciblebuilds report:

https://reproducible-builds.org/reports/2021-07/

It's great to see more discussion of #reproduciblebuilds and #bootstrappablebuilds related to #supplychain vulnerabilites.

Really excited to see the work on reproducible live images for #debian .

Always nice to see developments in other #foss projects #ArchLinux #OpenSUSE #alpine #mirageos #openwrt as we are all in this together.

Personally, I had a good month submitting a few patches!

in case anyone is interested, I bought this device

https://www.tp-link.com/it/home-networking/wifi-router/tl-wdr3600/

it's a refurbished one, flashed with #openwrt

From someone know

So I avoided a purchase on Amazon

And given the level of the device I also saved a few euros

After seeing another news about IPFS I decided to test. Seems like I was able to almost kill cheap router here in hotel. IPFS is amazing protocol. I'll continue with testing at home, with my good #openwrt powered #mox router!