[NNagain] FCC - delete, delete, delete

Robert McMahon rjmcmahon at rjmcmahon.com
Sun Mar 16 13:50:20 EDT 2025


Hi David,

I'm glad it helped.

The reasons for the breakouts are a few things:

o) reduce the fault domain when a failure occurs, including a power supply
failure which is exacerbated by POE. (I don't use POE)
o) leverage different non-recurring engineering (NRE) pools, i.e. each
domain is done by engineers specializing in that domain. Any group that
claims deep expertise in all are fooling themselves.
o) Gateways tend to use a programmable forwarding plane, typically via CPUs
or NPUs. This is both a fault and attack surface. 802.3 forwarding is so
well known it should be done in RTL and realized in transistors.

An all-in-one gateway goes against this. It's cheaper and easier but not
robust enough in my opinion.

As an aside, the Space Shuttle computer system handled byzantine faults
similarly, 4+1 redundant computers that voted at check points. Coded by
different contractors.

I started my career working networks for the initial Space Station design.
We had to identify fault domains first, then build fault tolerance and
redundancy per those. It was called FDIR - fault detection, isolation and
recovery.

I then went to Cisco where router engineers thought it ok to have buggy
code and hammer resets because the protocols were designed for self
healing. But that healing takes time and causes disruptions, e.g. latency
spikes.

APs are closer to the latter. Fi-Wi with remote radio heads will be closer
to the former.

Bob


On Sat, Mar 15, 2025, 11:49 AM Daniel Ezell via Nnagain <
nnagain at lists.bufferbloat.net> wrote:

> This is one of the most helpful posts on this list ever. I appreciate the
> whole scope of the discussion, but from time to time you guys drop a gem of
> helpful advice for my real-world needs. Nothing may ever top Dave’s 2021
> email with the crontab script for updating OpenWrt, but this will certainly
> be a reference for me as I prepare my home for the upcoming revelation of
> 10G Sonic Fiber later this year. Thank you Bob, and thank you all.
>
> Daniel Ezell
> https://chronos.academy
>
> > On Mar 15, 2025, at 11:16 AM, Robert McMahon via Nnagain <nnagain at lists.bufferbloat.net> wrote:
> >
> >>
> >> In case it's not clear. I am NOT happy with how device manufacturers ship old
> >> code and never update it.
> >>
> >
> > I was unhappy about my home network and my paying job is to provide
> > components for such.
> >
> > My home network wasn't resilient enough to carry entertainment,
> > productivity (including distance learning) and medical traffic.
> >
> > The fixes so far have been:
> >
> > o) Don't use an all in one AP anywhere, just use it for wireless bridging
> > o) Use a fronthaul architecture (2.5G - will go to 100G when Fi-Wi is ready)
> > o) Use a dedicated firewall & dhcp server with AQM such as fq_codel (I
> > use a Protectli Vault)
> > o) Connect the APs (4 for me in 100 sq ft) configured in bridge mode
> > and optimize spacetime, allow for proper RF overlap - not too much,
> > not too little, but just right like the story says.
> > o) Use APs that support the 6G band
> > o) Use keep connect devices to detect AP failures and power cycle them
> > (hammer approach)
> > o) Use separate ethernet switches where 802.3 switching is needed
> > (don't use the AP integrated switches, they go down per the crappy
> > gateway sw you're likely talking about)
> > o) Implement DHCP guard to protect against rogue DHCP servers
> >
> > Then for monitoring
> > o) Install rpi 5bs with INTC BE200 and pcie Wi-Fi adapters in the
> > rooms that need monitoring
> > o) Install kismet and integrate with kismet to monitor
> > o) Turn on firewall & WAN port monitoring services
> >
> > Only access to devices is ssh with encryption keys, and configure ssh
> > passwordless access.
> >
> > Now, my family can be entertained, do their work and learning, and use
> > their medical instruments with high in-home reliability.
> >
> > It's a thankless job we Dads must do. The home frustration level goes
> > way down and the complaints of "Dad, the internet isn't working again"
> > have gone away - except for when the OSP goes down. The OSP provider
> > tends to send information to me when that happens so my family can
> > work around it.
> >
> > Bob