azl

I support this law (fuck cars), but if you step into the street thinking an oncoming car won’t destroy you like a pinata stuffed with ketchup packets, you have survived the luckiest lawsuit-free 28 years.

Pretty cool. I wonder if this could be scaled up to a more life-sized print? Maybe go-kart sized???

The STL files are $27 - not free, but I’m sure the designer put a ton of hours into this.

I don’t want to get in the way of your argument re. Usenet, but spinning hard drives will last longer if they stay on. Starting and stopping the spindle motor will impart the greatest wear. As long as you have the thermals managed, a spinning disk is a happy disk.

This also works for binary cable or interface connectors formerly known as “male” and “female”.

You would need to run the LLM on the system that has the GPU (your main PC). The front-end (typically a WebUI) could run in a docker container and make API calls to your LLM system. Unfortunately that requires the model to always be loaded in the VRAM on your main PC, severely reducing what you can do with that computer, GPU-wise.

The features sounded good enough for me to click with intent to buy (as a firewall/router), but no SFP and no PCIe expansion slot means I can’t use it with fiber. And with just one 10Gb port, the maximum it will be able to pass through is 2.5Gb/s (assuming the rest of the board is up to the task).

Looks like it would be nice for a small home server.

For what it’s worth, since it sounds like you will be hardware shopping soon: I am using a 2.4GHz Intel Atom C2758 running pfSense and get 2Gb/s down and around 1.5Gb/s up through it. I am using an add-on Intel-based PCIe network adapter, so I’m not sure if that is helping with the CPU load. But it works well.

I’ve been doing it this way for many years, before LetsEncrypt was around. Maybe some day I will switch so I can become dependent on another third party (though I do use LetsEncrypt for public-facing services).

Yes, telling your computer to trust a certificate chain that you are responsible for securing may significantly increase your attack surface. It’s easy to forget about that root cert (I actually push mine via GPO).

Saying files are encrypted when it is not true is an issue, regardless of who owns the host box. Even for a small instance that is private family or friends.

Just some advice for others who want to avoid the same experience: The larger the roads, the less interesting the roadsides. Interstate highways were made for getting from big city to big city and are rarely scenic or memorable.

Yes, this is totally possible and I did it for a couple of years with OPNsense. I actually had an OPNsense box and a pfSense box both on Hyper-V. I could toggle between them easily and it worked well. There are CPU considerations which depend on your traffic load. Security is not an issue as long as you have the network interface assignments correct and have not accidentally attached the WAN interface to any other guest VM’s.

Unfortunately, when I upgraded to 1Gb/s (now 2Gb/s) on the WAN, the VM could not keep up. No amount of tuning in the Hyper-V host (dual Xeon 3GHz) or the VM could resolve the poor throughput. I assume it came down to the 10Gb NICs and their drivers, or the Hyper-V virtual switch subsystem. Depending on what hardware offload and other tuning settings I tried, I would get perfect throughput one way, but terrible performance in the other direction, or some compromise in between on either side. There was a lot of iperf3 testing involved. I don’t blame OPNsense/pfSense – these issues impacted any 10Gb links attached to VM’s.

Ultimately, I eliminated the virtual router and ended up where you are, with a baremetal pfSense on a much less powerful device (Intel Atom-based). I’m still not happy with it – getting a full 2Gb/s up and down is hard.

Aside from performance, one of the other reasons for moving the firewall back to a dedicated unit was that I wanted to isolate it from any issues that might impact the host. The firewall is such a core component of my network, and I didn’t like it going offline when I needed to reboot the server.

There are some SRV and other records which you add for the AD-provided services (kerberos, gc, ldap). This allows your Windows clients to find the domain controllers for authentication via your non-Windows DNS. I think I might have followed a Microsoft or other article when doing the initial setup, but once getting those items in place I haven’t had many issues.

I do. 4 or 5 users and several computers plus virtual server members. I still use Linux for DNS which works surprisingly well after the initial setup.

I did it half for practice and half for fun, but having the authentication backend makes it good enough to keep around.

Nice. Might come in handy for others considering how common that USR modem design was. I would have liked to see a power-on shot to see how well the PETG lights worked.

Just want to clarify - after looking at Porkbun’s DNS offerings, it does not appear they do DDNS either. Is that correct? So they are not any better than SquareSpace for that service. Porkbun does have an API interface.

It looks like Namecheap has DDNS support (at least I get valid-looking results when I search for that on their website).

I haven’t changed registrars in 10+ years. I am in the same boat re. Google -> SquareSpace. Is DDNS deprecated in favor of API’s across the board? It looks more complicated to set up.