Firewalld Configuration for DIY Linux Home Router Gateway

This is part of a series of posts about building your own Linux home router using systemd-networkd. The posts are organized as follows: (1) Connecting to CenturyLink using PPPoE and systemd-networkd; (2) Network Architecture and VLAN configuration; (3) Firewalld policy-based access control between zones. This guide assumes you have a working knowledge of Linux, networking and routing concepts. This guide is built on Arch, but should be roughly translatable to other Linux distributions which have Systemd Networkd, Firewalld and pppd packaged at a relatively recent version.

Arch Linux Home Router Gateway using systemd-networkd

This is part of a series of posts about building your own Linux home router using systemd-networkd. The posts are organized as follows: (1) Connecting to CenturyLink using PPPoE and systemd-networkd; (2) Network Architecture and VLAN configuration; (3) Firewalld policy-based access control between zones. This guide assumes you have a working knowledge of Linux, networking and routing concepts. This guide is built on Arch, but should be roughly translatable to other Linux distributions which have Systemd Networkd, Firewalld and pppd packaged at a relatively recent version.

CenturyLink Fiber PPPoE on Linux Router

This post is part of a series of posts about building your own Linux home router using systemd-networkd. The posts are organized as follows: (1) Connecting to CenturyLink using PPPoE and systemd-networkd; (2) Network Architecture and VLAN configuration; (3) Firewalld policy-based access control between zones. This guide assumes you have a working knowledge of Linux, networking and routing concepts. This guide is built on Arch, but should be roughly translatable to other Linux distributions which have Systemd Networkd, Firewalld and pppd packaged at a relatively recent version.

Programming Myself

The past year was a nightmare. Aside from all the things that happened in the US, my girlfriend and I moved to NYC on February 1st, 2020. We had grand visions of the exciting restaurants, bars, shows we were going to get to experience. We were aware of the strange new virus spreading in other parts of the world, but of course we had strong cognitive dissonance about it coming to the US.

Productivity Mystery

I listen to Planet Money and The Indicator pretty regularly. One theme that’s come up a few times is the issue of the productivity mystery. This was the topic for The Indicator yesterday. The mystery is: As technology advances, we should get more productive. However, in the last few decades we have not observed that periodic advancement. The formula is roughly: (Stuff produced) / (Time spent working). Like mentioned in this episode, I believe there is no mystery.

A Tale of Two Sessions

What are sessions? Sessions are the means to identify users of your websites during subsequent requests without requiring them to pass along their username and password with each request. Typically this is done by associating a unique session ID with a user in the database. Sessions make use of cookies as the means of communicating the active session between the user agent or browser and the server. Cookies are a special type of HTTP header passed to the server for every request that the cookie is valid for (typically any request made to the domain).

Your Kafka Consumers: A Metamorphosis

It’s 4am Saturday. You jolt awake to the blaring of an air raid siren. You make a mental note to change your PagerDuty ringtone before logging in to see that the data pipeline is fucked. While working to find the root cause of the lost messages and late deliveries, you consider selling everything you have and starting a goat farm somewhere remote. Hours after fruitless shuffling the consumers have all caught up and producers are no longer dropping messages.

Novena first thoughts

I recently received my Novena desktop edition, which I ordered during the Crowd Supply campaign. I’ve been anxiously awaiting it since the beginning of February. The box arrived in good condition with no obvious signs of being dropped or damaged. Opening it, I was greeted immediately with the schematics booklet, which I proceeded to show off to my coworkers. I loved that the Novena logo is everywhere on the hardware too; it looks great.

dhclient, resolvconf and Expected Behavior

I came across an interesting problem recently which was made more complicated by the lack of good documentation and the inability to narrow search results due to broad search terms. Additionally, it was made worse by the apparent lack of understanding surrounding how these programs interact. The problem had to do with the way that DNS resolution is handled on Linux systems: /etc/resolv.conf. This file contains the nameservers glibc uses when calling getaddrinfo in socket programming.

New Home Network Layout

For a while now, I’ve wanted better insight into network behavior on my home network. While I’ve been a longtime advocate of OpenWRT as an alternative to proprietary embedded management systems, it’s frustrating to work with such limited hardware. Things like logging and packet capture become cumbersome because you have to forward those to other machines to consume, store or analyze. So this led me to begin looking at other options for a home router.