[NNagain] FCC - delete, delete, delete

Daniel Ezell dezell at stonescry.com
Sat Mar 15 14:49:15 EDT 2025 

This is one of the most helpful posts on this list ever. I appreciate the whole scope of the discussion, but from time to time you guys drop a gem of helpful advice for my real-world needs. Nothing may ever top Dave’s 2021 email with the crontab script for updating OpenWrt, but this will certainly be a reference for me as I prepare my home for the upcoming revelation of 10G Sonic Fiber later this year. Thank you Bob, and thank you all. 

Daniel Ezell
https://chronos.academy

> On Mar 15, 2025, at 11:16 AM, Robert McMahon via Nnagain <nnagain at lists.bufferbloat.net> wrote:
> 
>> 
>> In case it's not clear. I am NOT happy with how device manufacturers ship old
>> code and never update it.
>> 
> 
> I was unhappy about my home network and my paying job is to provide
> components for such.
> 
> My home network wasn't resilient enough to carry entertainment,
> productivity (including distance learning) and medical traffic.
> 
> The fixes so far have been:
> 
> o) Don't use an all in one AP anywhere, just use it for wireless bridging
> o) Use a fronthaul architecture (2.5G - will go to 100G when Fi-Wi is ready)
> o) Use a dedicated firewall & dhcp server with AQM such as fq_codel (I
> use a protectcli vault)
> o) Connect the APs (4 for me in 100 sq ft) configured in bridge mode
> and optimize spacetime, allow for proper RF overlap - not too much,
> not too little, but just right like the story says.
> o) Use AP's that support the 6G band
> o) Use keep connect devices to detect AP failures and power cycle them
> (hammer approach)
> o) Use separate ethernet switches where 802.3 switching is needed
> (don't use the AP integrated switches, they go down per the crappy
> gateway sw you're likely talking about)
> o) Implement DHCP guard to protect against rogue DHCP servers
> 
> Then for monitoring
> o) Install rpi 5bs with INTC BE200 and pcie Wi-Fi adapters in the
> rooms that need monitoring
> o) Install kismet and integrate with kismet to monitor
> o) Turn on firewall & WAN port monitoring services
> 
> Only access to devices is ssh with encryption keys, and configure ssh
> passwordless access.
> 
> Now, my family can be entertained, do their work and learning, and use
> their medical instruments with high in-home reliability.
> 
> It's a thankless job we Dads must do. The home frustration level goes
> way down and the complaints of "Dad, the internet isn't working again"
> have gone away - except for when the OSP goes down. The OSP provider
> tends to send information to me when that happens so my family can
> work around it.
> 
> Bob
> <Medical-Devices-with-Wi-Fi-03-15-2025_10_41_AM.png>_______________________________________________
> Nnagain mailing list
> Nnagain at lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/nnagain

More information about the Nnagain mailing list