talkingpumpkin talkingpumpkin @lemmy.world
[SOLVED] Weird (to me) networking issue - can you help?
  • why is your network like this?

    Well, at the moment my network is actually flat :)

    This is an experiment I'm doing because I wanted to have all the management stuff on a different subnet (eg. adguard dns is on the "regular" subnet everyone uses, but its web interface is on the special subnet only select devices can talk to).

    Of course (like with most stuff in my homelab), it's not like I really have a super-compelling security reason to that, it's mostly that I wondered "what if?" :D

    Oh, the ping option you are referring to is -I (upper case) and takes either an interface name or an ip. I did try giving a .10/24 IP to the PC and the results were consistent with scenario 1 (pings where source and destination are on the same subnet work, pings across subnets don't), so I didn't mention that in the OP

  • [SOLVED] Weird (to me) networking issue - can you help?
  • I don't think I quite explained the situation well enough: my server only has 1 ethernet port (same as my PC), otherwise I wouldn't have bothered with vlans (well, I would still have bothered, since my house still only has one "backbone" cable running through it, but I would have configured it on the switches only).

    Anyway... a few of the things you say/imply go against my understanding of networking, so one of us would better go back RTFM as you suggest :) (just kidding - most probably I just don't understand what you mean)

  • [SOLVED] Weird (to me) networking issue - can you help?
  • Thanks! Forwarding is disabled. I don't want the server to steal the router's job :)

  • [SOLVED] Weird (to me) networking issue - can you help?
  • So the request goes through but the replies are discarded? That could actually be it!

    I think there was an option to allow that... I'll search it and give it a try. Thanks!

  • [SOLVED] Weird (to me) networking issue - can you help?
  • I tried dropping the default routes (one at a time) and it doesn't make a difference, which isn't (I think) surprising as all traffic is local as far as the server in scenario 1 is concerned. Also IIUC only the default gateway with the lowest metric actually counts.

  • Weird (to me) networking issue - can you help?

    I have two subnets and am experiencing some pretty weird (to me) behaviour - could you help me understand what's going on?

    ----

    Scenario 1

    PC: 192.168.11.101/24
    Server: 192.168.10.102/24, 192.168.11.102/24

    From my PC I can connect to .11.102, but not to .10.102:

    ```bash
    ping -c 10 192.168.11.102 # works fine
    ping -c 10 192.168.10.102 # 100% packet loss
    ```

    ----

    Scenario 2

    Now, if I disable .11.102 on the server (ip link set <dev> down) so that it only has an ip on the .10 subnet, the previously failing ping works fine.

    PC: 192.168.11.101/24
    Server: 192.168.10.102/24

    From my PC:

    ```bash
    ping -c 10 192.168.10.102 # now works fine
    ```

    This is baffling to me... any idea why it might be?

    ----

    Here's some additional information:

    • The two subnets are on different vlans (.10/24 is untagged and .11/24 is tagged 11).

    • The PC and Server are connected to the same managed switch, which however does nothing "strange" (it just leaves tags as they are on all ports).

    • The router is connected to the aforementioned switch and set to forward packets between the two subnets (I'm pretty sure I've configured it so, plus IIUC the second scenario ping wouldn't work without forwarding).

    • The router also has the same vlan setup, and I can ping both .10.1 and .11.1 with no issue in both scenarios 1 and 2.

    • In case it may matter, machine 1 has the following routes, set up by NetworkManager from DHCP:

    ```
    default via 192.168.11.1 dev eth1 proto dhcp src 192.168.11.101 metric 410
    192.168.11.0/24 dev eth1 proto kernel scope link src 192.168.11.101 metric 410
    ```

    • In case it may matter, Machine 2 uses systemd-networkd and the routes generated from DHCP are slightly different (after dropping the .11.102 address for scenario 2, of course the relevant routes disappear):

    ```
    default via 192.168.10.1 dev eth0 proto dhcp src 192.168.10.102 metric 100
    192.168.10.0/24 dev eth0 proto kernel scope link src 192.168.10.102 metric 100
    192.168.10.1 dev eth0 proto dhcp scope link src 192.168.10.102 metric 100
    default via 192.168.11.1 dev eth1 proto dhcp src 192.168.11.102 metric 101
    192.168.11.0/24 dev eth1 proto kernel scope link src 192.168.11.102 metric 101
    192.168.11.1 dev eth1 proto dhcp scope link src 192.168.11.102 metric 101
    ```

    ----

    solution

    (please do comment if something here is wrong or needs clarifications - hopefully someone will find this discussion in the future and find it useful)

    In scenario 1, packets from the PC to the server are routed through .11.1.

    Since the server also has an .11/24 address, packets from the server to the PC (including replies) are not routed and instead just sent directly over ethernet.

    Since the PC does not expect replies from a different machine than the one it contacted, they are discarded on arrival.

    The solution to this (if one still thinks the whole thing is a good idea), is to route traffic originating from the server and directed to .11/24 via the router.

    This could be accomplished with `ip route del 192.168.11.0/24`, which would however break connectivity with .11/24 addresses (similar reason as above: incoming traffic would not be routed but replies would)...

    The more general solution (which, IDK, may still have drawbacks?) is to set up a secondary routing table:

    ```bash
    # this defines the routing table
    # (see "ip rule" and "ip route show table <table>")
    echo 50 mytable >> /etc/iproute2/rt_tables

    # "iif lo" selects only packets originating from the machine itself
    ip rule add from 192.168.10/24 iif lo table mytable priority 1

    # "dev eth0" is the interface with the .10/24 address, and might be superfluous
    ip route add default via 192.168.10.1 dev eth0 table mytable
    ```

    Now, in my mind, that should break connectivity with .10/24 addresses just like ip route del above, but in practice it does not seem to (if I remember I'll come back and explain why after studying some more)

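    The reply path described in the solution above, modelled as an added example (not code from the original post): a simplified route lookup over the server's scenario 1 routes shows which interface a reply leaves by, with and without the secondary table. The lookup is a simplification of the kernel's rule and route processing; addresses and interface names are the ones shown in the post.

```python
import ipaddress as ipa

# Server routes in scenario 1, copied from the post: (prefix, gateway, dev, metric).
MAIN = [
    ("0.0.0.0/0", "192.168.10.1", "eth0", 100),
    ("192.168.10.0/24", None, "eth0", 100),
    ("0.0.0.0/0", "192.168.11.1", "eth1", 101),
    ("192.168.11.0/24", None, "eth1", 101),
]
# The post's fix: "ip rule add from 192.168.10/24 iif lo table mytable".
MYTABLE = [("0.0.0.0/0", "192.168.10.1", "eth0", 0)]
RULES = [("192.168.10.0/24", MYTABLE)]

def lookup(table, dst):
    """Longest-prefix match; the lowest metric breaks ties. None if no route."""
    hits = [r for r in table if ipa.ip_address(dst) in ipa.ip_network(r[0])]
    if not hits:
        return None
    return min(hits, key=lambda r: (-ipa.ip_network(r[0]).prefixlen, r[3]))

def egress(src, dst, rules=()):
    """(next hop, device) for a packet the server sends with source src already set."""
    for selector, table in rules:  # source-based rules are consulted before main
        if ipa.ip_address(src) in ipa.ip_network(selector):
            route = lookup(table, dst)
            if route:
                return (route[1] or dst, route[2])
    route = lookup(MAIN, dst)
    return (route[1] or dst, route[2])

def owning_dev(addr):
    """Device whose connected (gateway-less) route covers addr."""
    return next(r[2] for r in MAIN
                if r[1] is None and ipa.ip_address(addr) in ipa.ip_network(r[0]))

def reply_path(client, server_addr, rules=()):
    """Compare the device the request arrived on with the one the reply leaves by."""
    hop, dev = egress(server_addr, client, rules)
    arrived = owning_dev(server_addr)
    return {"in": arrived, "out": dev, "via": hop, "symmetric": arrived == dev}

if __name__ == "__main__":
    pc = "192.168.11.101"
    print(reply_path(pc, "192.168.11.102"))         # same subnet, direct both ways
    print(reply_path(pc, "192.168.10.102"))         # arrives on eth0, leaves on eth1
    print(reply_path(pc, "192.168.10.102", RULES))  # rule sends it back via .10.1
```

    On the server itself, `ip route get 192.168.11.101 from 192.168.10.102` reports the route the kernel actually picks for such a reply.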

    Simplest tool to maintain local mirrors of git repos?

    I want to have a local mirror/proxy for some repos I'm using.

    The idea is having something I can point my reads to so that I'm free to migrate my upstream repositories whenever I want and also so that my stuff doesn't stop working if some of the jankiest third-party repos I use disappear.

    I know the various forgejo/gitea/gitlab/... (well, at least some of them - I didn't check the specifics) have pull mirroring, but I'm looking for something simpler... ideally something with a single config file where I list what to mirror and how often to update and which then allows anonymous read access over the network.

    Does anything come to mind?

    Router died - Replacement/solution recommendations
  • If going the route of a backup solution, is it feasible to install OpenWRT on all of my devices, with the expectation that I can do some sort of automated backups of all settings and configurations, and restore in case of a router dying?

    My two cents: use a "full" computer as your router (with either something like OPNsense or any "regular" linux distro if you don't need the GUI) and OpenWRT on your access points.

    Unless you use the GUI and backup/restore the configuration (as you would with proprietary firmwares), OpenWRT is frankly a pain to configure and deploy. At the moment I'm building custom images for all my devices, but (next time™) I'm gonna ditch all that, get an x86 router and just manually manage OpenWRT on my wifi APs (I only have two and they both have the same relatively straightforward config).

    It’s a pain that I know can be solved with buying dedicated access points (…right?)

    Routers and access points are just computers with network interfaces (there may be level-2-only APs, but honestly I've never heard of any)... most probably your issue is that the firmware of your "routers as access points" doesn't want to be configured as a dumb AP.

  • Immutable backup for important data
  • How much data are we talking about?

    A free mega.nz account should be fine for everything except family photos and legally obtained music/movies.

  • 8 versions of UUID and when to use them
  • Personally, I always regarded UUID as one of those overcomplicated and frankly unneeded "enterprisey" standards (similar to SOAP and XSD, XSLT and various other XML technologies). After reading this article my opinion didn't change.

    Also... do they even know what "version" means? That they choose that word over "type" or any other alternative says it all.

    UUID Version 7 (v7) is generated from a timestamp and random data.

    Use v7 if you're using the ID in a context where you want to be able to sort. For example, consider using v7 if you are using UUIDs as database keys.

    Please, do NOT rely on that and just add to your tables a field with the actual timestamp.

  • Benefits of a join table vs. array to express relations? (outside of SQL)
  • Not sure I'm getting the issue here (what does "join table" mean in the scope of JSON/XML?), but... doesn't how you lay out your data in JSON/XML file have zero impact in your application's queries? You won't be querying the JSON - you'll be loading data from it into memory and query the memory.

  • Has anyone ever used Jaspersoft?
  • I last used it a good while ago (like, 10yrs?), so you'll have to verify how what I am about to say applies to current versions (it probably does).

    Jasper is an old-school, enterprisey tool similar to Crystal Reports that attempts to give you a WYSIWYG editor for building your reports.

    All in all, I'd say that it might be good if you have a reporting department full of people that only do reports and you don't want to train as programmers. If the ones doing the reports are gonna be actual programmers, they'll be much better off generating html/latex/whatever and converting that to pdf.

  • How do you handle family requests that you disagree with?
  • I'd say a good middle ground could be making that stuff only visible from your mom's user (or even setting up a completely separate server)?

    It depends on what YOU want to do, really... personally, I would be ok hosting religious nonsense if asked, as long as it's not generally available in kids' accounts and stuff (also, porn), but I would come clean and outright refuse if it was neonazi, racist and/or conspiracy stuff. It depends on where you decide to draw the line.

    BTW: there's also the passive/aggressive, cowardly option of saying "I'll rip them when I have time" and then sequester all the DVDs and only ever find the time to rip the ones you don't mind

  • Syncthing ... where are the users?
  • man this is getting real popular (kinda like "why not both?" a while ago)

  • Is ansible worth learning to automate setting up servers?
  • IMHO Ansible isn't much different than a bash script... it has the advantage of being "declarative" (in quotes because it's not actually declarative at all: it just has higher-level abstractions that aggregate common sysadmin CLI operations/patterns in "declarative-sounding" tasks), but it also has the disadvantage of becoming extremely convoluted the moment you need any custom logic whatsoever (yes, you can write a python extension, but you can do the same starting with a bash script too).

    Also, you basically can't use ansible unless your target system has python (technically you can, but in practice all the useful stuff needs python), meaning that if you use a distro that doesn't come with python per default (eg. alpine) you'll have to manually install it or write some sort of pythonless prelude to your ansible script that does that for you, and that if your target can't run python (eg. openwrt on your very much resource-constrained wifi APs) ansible is out of the question (technically you can use it, but it's much more complex than not using it).

    My two cents about configuration management for the homelab:

    • whatever you use, make sure it's something you re-read often: it will become complex and you will forget everything about it
    • keep in mind that you'll have to re-test/update your scripts at least every time your distro version changes (eg. if you upgrade from ubuntu 22.04 to 24.04) and ideally every time one of your configured services changes (because the format of their config files may in theory change too)
    • if you can cope with a rolling-style distro, take a look at nix instead of "traditional" configuration management: nixos configuration is declarative and (in theory) guarantees that you won't ever need to recheck or update your config when updating (in reality, you'll occasionally have to edit your config, but the OS will tell you so it's not like you can unknowingly break stuff).

    BTW, nixos is also not beginner-friendly in the least and all in all badly documented (documentation is extensive but unfriendly and somewhat disorganized)... good luck with that :)

  • What storage manufacturer do you swear to and why?
  • With the very limited number of drives one may use at home, just get the cheapest ones (*), use RAID and assume some drive may fail.

    (*) whose performances meet your needs and from reputable enough sources

    You can look at the backblaze stats if you like stats, but if you have ten drives 3% failure rate is exactly the same as 1% or .5% (they all just mean "use RAID and assume some drive may fail").

    Also, IDK how good a reliability predictor the manufacturer would be (as in every sector, reliability varies from model to model), plus you would basically go by price even if you need a quantity of drives so great that stats make sense on them (wouldn't backblaze use 100% one manufacturer otherwise?)

  • Tv box recommendations?
  • IIUC you can flash LineageOS on the shield (if you try, let us know how it goes)

  • Introducing Raspberry Pi 5
  • Good catch on my megabit vs megabyte blunder!

  • Introducing Raspberry Pi 5
  • One of the most exciting additions to the Raspberry Pi 5 feature set is the single-lane PCI Express 2.0 interface.

    IIUC PCIe2.0x1 means 0.5GB/s, which is slower than USB 2 (I'm talking USB 2 specs - no idea how USB actually performs in PIs). I can't wait for people to buy that NVME hat and mount WD Blacks on that :) READ BELOW

  • ISP router wifi range
  • One thing you can try doing before throwing away the router (which is probably the exact same one your neighbor uses) is checking the channel situation in your condo with an app like WiFiAnalyzer and also try moving the router around (some spots are better than others - and high up is usually better)

    That said, ISP routers are often terrible.