Welcome to a Sunday stream. Good morning, everyone. Open speed test, you got this. Morning all. Thanks, Cody. Matt, good morning again. All kinds of fun people here this morning. I should probably schedule these further out so people have a time to, I don't know, know what's happening, I guess. I do my best. I post it in here on YouTube, of course, but I also post it on Twitter, I post it on Mastodon. I'm not sure where else I should post it. It does go into my forums as well, listed as a live stream. So I do as much as I can to get the word out for people because people ask how to subscribe or get notices in YouTube. Well, YouTube doesn't always just make that easy because why would you want people to know? They want you to see a variety of content or something. I don't know. Their algorithm doesn't necessarily make sense to me all the time. I don't even know that it makes sense to them. But here we are. I'm glad all of you are here. All 50 of you.
So we're going to start with some questions around security cameras. And I can clearly never cover enough of this topic. And then there's always, and I don't get too deep into the people who have clear misunderstandings of technology. Sometimes I will read some of their posts because they make me laugh. This particular person here, whoops, I didn't put my keyboard on the right side. I bumped the keyboard and here we are. Let's go ahead and throw this in here. Stumbling around dark and looking for coffee. Yeah. Greetings from the Bronx. Uruguay, New York. All kinds of places. Still booting up. Yes, it's still early, so we're still getting booted up. I wake up at 5 a.m. So this is like my lunchtime-ish, I guess you could say. I don't know. I don't know how that works. I just like waking up early. Well, I don't know if I like it. I just don't know how not to do it. I've always woken up early. But I'm going to pull up some of these comments. I accidentally refreshed the page and I'll share the screen here in a second.
Where did that person go? There we go. Let's start with the craziest comment first. Because why not kick it off there? There's just a lot of people that have a hard time understanding how security works. Let's go ahead and zoom in to make this a little bit more readable. Do we have to scroll down further again? Yes. And hopefully you guys can read that. Can I go on a little further? Hold on. Did that get rid of the comments? We scroll like this. Yes. There we go. Now we can pull them across the screen. What I do is I zoom in until it goes to the mobile version. I will go to the bottom where the crazy comment is first. Here we go. And like I said, I don't obsess with the YouTube comments too much. But yes, there's just all sometimes people really, I don't know. And I don't want some person's comment to ever lead people down the wrong path of misunderstanding security like this person has.
But the question is why bother with Chinese cameras at all? The only way I would even remotely trust them is to air gap them at that point. And there's no point. Listen, I barely trust the couple of camera companies that are US camera companies. Cameras are 100% to each street for security, non-security. And comes down to price. That's a fair assessment right there. Your comment starts out fair. It is a price factor. People ask about what about insert name of, I think someone actually commented on my video today about Bosch cameras, Axis cameras. When you compare the price of those cameras, you'll see that they're not like a little bit more. You're not paying 20% more. They are a substantial step up in price. And that's what drives a lot of these is the price consideration. Now this person wanders off into Chinese law or something like that. I don't care about that comment. It's not relevant. This is the way they have a complete misunderstanding. The mere fact that you believe any networking protects you is just humorous. That just shows when someone says something like that.
It lets me know they just don't understand how networking works. And I, in the way I see it, and it's not me just poking at the person, but it is the comment that when I see someone say something that's kind of outlandish, it's usually because they come from such a misunderstanding of how the technology works. It's very mysterious to them. So the way they come up with their comments is they're projecting their mystery onto you going, look, this is all just magic packets. And you think that rules will stop those magic packets from landing somewhere. Yes, I do because I understand how the packets work. I understand how the network engineering works. And this is where a lot of people get kind of tripped up on things where I know this is very complicated. If you don't understand it, does not mean someone else doesn't have an understanding of it. People a lot of times blanket their statements like that. And I've always tried to encourage, you know, I do this myself. Like if I don't understand something, I just stop and say, I don't get it. I don't understand how that works. And I think that's a way better answer. And a lot of people just kind of dive into this. It's kind of weird to comment you get on YouTube about that.
There's another person up here that talks about, and this is another thing that's happened. And there's the tiniest bit of truth in it. And where was it? Right here. Let's see. This is false security of any logical barrier by just using a different subnet is easy to subvert if it's truly a rogue device. Simply sniff the network to find what other subnets are around and even on a switched network. And then the IP alias address other subnets and even has no internet. Now this rogue system can talk to your production systems and find a vulnerability, et cetera. That's pretty absurd as well. Now I will admit, one of the cheap, was it a TRENDnet? Oh, let me look because I did a review of one of these devices. And that was one of the problems with them.
I think it was a TRENDnet. Let me look up the part. It was one of the cheap switches. And maybe that's what I have to search. It was a fee, well, an expensive budget TP. It was a TP-Link. And this is one of those things when people ask me about TP-Links. This is one of the problems with them. There was a TP-Link switch that you could simply change the IP address and get to the interface for it. I mean, I don't really feel or see anything in TP-Link's history. It makes me think they're a company that cares about security first. They care about security enough to get you to buy their product, but no more. And that problem with that TP-Link switch, I could literally just switch the IP address and always get to the management interface. Yeah, if you're using really low quality hardware, that's probably absolutely a problem. If you're using something like I do, or there's more than just UniFi, of course, I'm completely aware Cisco as well. If you set up proper VLANs on a UniFi device, a Cisco or insert name of many other properly built equipment, you will have clear security for those. You can't just automatically VLAN hop by swapping IP addresses. Not to mention, I don't think these cameras are randomly swapping IP addresses to try to scan other subnets. So it's one of those things that just people start, you know, not understanding how some of the technology works. So they make assumptions or maybe they watch too many. Well, we'll just call them glamorized TV shows or movies where they hack everything and, you know, in some absurd way. So I think that's where people get off topic on the security things quite a bit. If you reply a couple of times to those people at some point, I'm not here to, you know, interfere with them about it.
I think we'd all run high end America made cameras and we can afford it. Yeah, that's really what it comes down to. And not necessarily, it's not, and I was trying to find this a little bit better. It's not where the cameras are made.
It's all about where the firmware is made. The reality is the iPhone is built in China, but the firmware on the iPhone is what drives it. It really comes down to who wrote the firmware for it. Because even the other cameras that may be by other manufacturers, I'm willing to bet are probably not built physically top to bottom with all the chips and everything here in the U.S. Generally, it's just not the case. But the firmware being here is where all the difference is. The firmware is really what it comes down to, not as much the hardware. So it's whether or not the firmware was built by someone you trust.
And there's a couple of problems with the firmware that comes on these cameras from China. And it kind of goes back to, and I wish I remember the podcast I was listening to. They were talking about one of the challenges in China that they face right now is a really interesting one. And you can think about this if you've worked in technology and you've worked, especially in the U.S. But I imagine it's like this in a lot of places in Europe. There's a lot of senior engineers or let's expand this out. You work in chemistry. There's usually a senior chemist. So even though you may have a chemistry degree, you're working in that field, there's usually someone with senior knowledge already working in the field. China is very different because they're more of a startup and they don't have as many senior engineers working in there. And it creates some challenges. It's not like this all the time there, but it does create challenges in the way they may build things. Also because they're trying to build things as cheap as they can frequently to undercut the market to get sales. The quality of the code is not the primary focus. When you're selling something, not cheaper, but like one eighth the price, where do you think the sacrifices are made?
And because of that market competition, we sell these to be competitive because if I told someone and someone mentioned Bosch cameras, I looked them up. I mean, a similar to the Amcrest camera Bosch camera, I think was $700. $700 per camera. The Amcrest cameras bought in bulk are $89. So $89 versus $700. And when we're putting in 20 cameras, which bid do you think someone's going to go for? People ask for the, I've had plenty of people ask. I want a made in America. I want an Axis camera. No problem. Here's the two quotes. I don't have a problem doing it. I just, as long as you'll approve it, I don't care what cameras I install. It comes down to the budget. If your budget allows for it, awesome. But anytime we've given that quote out, there's a pause and go, that's not a little bit more. That's not like a 20% price increase. I'm like, exactly. So it's a huge different, huge difference on that. So yeah, 100% correct. Manufacturer location versus software location. Yes.
Would you still use Eufy? I wouldn't have used Eufy from the beginning. So Eufy is an interesting subject because they're doing all this. They're doing all this cloud stuff that they weren't clear about. Now, they weren't clear about it up front. Reality is, you know, I actually think I wouldn't watch the video done by The Hookup. And I thought it was a good video. If you watch, watch The Hookup and or take on the Eufy cameras. Well, I think it's a fair assessment. It comes down to what your risk is. Do you want these features? Do you want them in the cloud? Do you want a cheap camera? Now, the fact that they said no cloud is a huge problem. That's where they have a dishonesty problem. And it's not that I tell everyone you should never use the cloud because reality is, I just remind people like the Ring doorbell is a really popular system. Do you trust Ring? That's a in as long as you're aware, I always preach awareness. I like to give people data. I'm not the decision maker.
I'm just the person trying to educate you because I don't sell the Ring camera. I don't sell the Eufy camera. I think you should always be aware. And I think it's wrong that Eufy obscured how they did things. But the reality is you should always just be an informed consumer. That's my stance on all of this. Do I have a Eufy camera? No. Do I have a Ring camera? No. Do I have some other cloud enabled camera? No, no, no. I don't want one. So if you want my opinion of what would Tom buy, none of those things. There's a reason I'm using this Synology and I'm storing all of my surveillance footage locally. So I have definite opinions for what I should buy. But in the big picture, I offer, you know, what should you buy? And we have clients of Ring doorbells that we helped put in. Why? It's a solution for what they wanted, the budget, and they are aware that at this public place that they have the Ring doorbell, it's an easy way for them to be able to see the people coming to the back door of their business. They're aware that, you know, the footage goes to the cloud or whatever, but they're perfectly fine with it. And it's rather convenient for them. So that there is an informed consumer who made a decision and we put a Ring in on the back of their building. So that's kind of my thoughts on a lot of that. I'm not trying to, I always try to just be a data point, not a decision point.
It depends also on what camera is viewing. Chinese spies or what happens on someone are interested in what episodes back here. It is okay. Camera in your office is a bit different. Yeah, it comes down to what they're interested in, what they're going to do with the data. I don't know. You know, it usually, and China has been pretty forward about this in the big picture, China wants intellectual property. They are probably one of the absolute consistently large consumers of any of our intellectual property to get their hands on. So they can make it.
Matter of fact, there's a lot of them that look at Kickstarter campaigns. I remember someone pointing this out. I thought it was interesting of manufacturing things, making it look like Kickstarter campaigns so they can get on the market faster. I mean, it's, it's just a money thing. It's not a nefarious spying without reason for mystery and conspiracy to some group of people. It's like, no, we want to see how that works. So we can make it. And then we can sell it to you. It's just business. A huge amount of it is that.
So, uh, Willie says Bosch is OEM by several overseas manufacturers. Okay. Flip side of senior engineers is that they tend to be rigid in their ideas. Yeah, there's, there are certainly the depictions of the gray haired senior engineer who is absolutely filled with extremely strong opinions on things. And any technology and this is, this is actually a funny anecdote here. My friend worked for Ford engineering for a while and we talked about some of the people how you, you know, you're trying to engineer vehicles. You're trying to be forward thinking your design for the consumer market and who would buy these vehicles. You do have some people that stop and like they stop progressing in their knowledge and things like that. But the anecdote about the Ford engineers was my friend that worked there said, he said, when they quit buying new suits, when their suits were from 20 years ago, that also was a sign that they were no more, no longer forward thinking. And I thought that was kind of a funny little anecdote. Not that I think we should, you know, use that as an absolute gauge of once they, you know, stop progressing their clothes that's always going to be analogous with they've stopped progressing. But I thought it was kind of a funny anecdote there when they quit buying new suits and sometimes when they realize the engineers might also be full of old ideas.
But yeah, we know there's definitely some old ideas out there held on to by the, well, the gray haired folks that just kind of lock you in. And we're still, I met one of them that was really insistent we should still be using Internet Explorer. They were really upset about, well, Windows 95 being discontinued. And I'm like, you still work in tech. That's, that's fascinating. Okay, cool. There's someone making chips here.
Home Assistant setup IoT. Yes, I am definitely a Home Assistant fan. I'm the same thing. Yeah, if you kind of get where Tom's going, I like to keep things local such as my Home Assistant here. So absolutely.
So would you push camera backups to C2? I believe that's what they have now. It depends, that comes down to the use cases as well. There's actually some advantages to using the C2. The encryption that they offer. Now, if you're encrypting it, yeah, I don't see a big deal with it. But sometimes you don't want it encrypted because you want to be able to share it. So maybe that's a reason and maybe that use case works because sharing your parking lot footage with a few other people via this C2 system, you know, maybe that's something you want to do. Now, Synology does support backups that encrypt prior to leaving. So I think that's fine. As long as you're aware, once again, preaching awareness here, and a lot of times, well, for compliance, we have to encrypt before it leaves. So if you are doing those things, you should be perfectly fine. And it's, you know, you don't have to trust the cloud place you're storing it. If you're encrypting it before it leaves, suddenly that doesn't matter as much.
Need to understand VLAN rules for your home network? Yes. How much snow do we have? No snow at all. We have, let me find it here. Oops, I got to sign in. I'm not signed into my own Synology. That's a shame. Let me sign in real quick here so we can clicky-click. There we go. And there we go. No snow. Actually, we have some sun today. So there's my backyard.
We had wind last night, so the buckets got blown around, but there. There's my front yard with no snow in it. Don't blame me on the senior sysadmin.
Is Kemp better than pfSense HAProxy? I don't know why I would use Kemp over HAProxy. I have no idea. I can't find a use case. HAProxy's open source, extremely popular. Why would I use Kemp? I can't find some advantage it has other than you can pay for licenses for it. I guess if, you know, if that's what you want to do, but I don't really understand why you'd want to use it. I mean, maybe someone's out there promoting it because they were paid to promote it. That's definitely a possibility, but I, I'm not running around promoting it. So sometimes people ask, I don't know why people are, why ask, like I haven't found the use case. And we run into HAProxy in the wild, but I've never run into a Kemp load balancer in the wild. I'm saying there's no one using it. Just none of the clients that have contacted us are using it.
Senior t-shirt and t-shirt and jeans. Yeah. Do you see much IPv6 in the wild? Not really. It exists, but no. We actually had to disable it for a client because it broke something. It was curing up something on our network and we disabled it and solved their problems. So when we, we usually don't have to mess with it, but I can't remember what the problem was. It was one of my staff consulted on it, but turning off IPv6 magically fixed the problem.
November has passed and still no pfSense. Yeah, it takes time. Yeah. If you haven't done it, still in C2 could save you or backups. This is true. I wish UniFi would come out with some backups for Protect. I wish UniFi would just let us back up in general, like some type of local extra copy of the data in there, but I'm not going to hold my breath on that. Yeah, sun came out for the first time in a week.
When I finished my home lab, CCTV beginning up IP cams. Do you have any recommendations as I will be adding Home Assistant? Also with them for VPN access.
So I really like the Home Assistant combined with my Synology system. Cause by the way, these, you know, like my porch cam here and this, you know, where I can see my driveway. If you notice this is the Synology that I'm using for this. So I'm, I'm a big fan of the Synology. I have videos on it with the, and I have links to all the cameras. I use the Amcrest cameras on my Synology. And yesterday I made a video about, you know, really detail a little bit more detail about how I locked down the cameras.
So I've not joined my current two weeks. I just shoveled one and a half feet of snow. Wow. That's a lot. I plan to build a pfSense router. I can't buy old PCs. So I thought I could invest a new PC. What processor would you get currently deals? I mean, I can't buy old PCs. I mean, the reality is it takes so little. It'd be kind of wasteful to build a new PC, but you know, find out what's on sale. Because it takes so little to run a pfSense. Even with gig routing, it's not something that takes a lot.
So create past races or over 12 characters. Is there some hacky scripts available to Protect from my understanding as they break on upgrade? Oh, yeah, yeah. That's this is the thing. A lot of people modify their UniFi Dream Machines to make them do what they want or their Protect systems. But they break on upgrade, this is why we never use them in a commercial support environment because those types of things break on upgrade.
Open source CCTVs after campus and your brands like Dahua, Hikvision. I don't know of any good one out there. I mean, what is that one? There's the one that exists, but I've never, every time I've looked at it, it was just garbage. It's been around for a long time. I can't remember the name of it. There's a couple of you type in like, you know, open source NVR. Let me find the name of it. See, is this new ZoneMinder? That's one of them. So let's, uh, six open source NVR solutions. Uh, Shinobi, um, ZoneMinder, Moonfire. Hmm.
I haven't looked at these in a while. My problem is every time I've tested them, they were just not great. If someone knows one that's good. And it's funny because like this one here, motionEyeOS, let's go over to the GitHub real quick. If I'm not mistaken, um, oh, someone actually finally picked this up. Awesome. Literally very new. So, uh, motionEye project it up organization with new developer team. Please check out the dev branch for current development. I'm happy to see that someone's doing this. This is one of them. I like, but it, uh, it stopped. So I'm actually excited, um, to take a look at this, but I've never seen any of them that made me go, this is good. They usually said, uh, they're, they're not so good, but motionEye was a cool one. I actually did a video on motionEye, I've covered it before, uh, but I would not, none of them I've seen have even close to the features Synology has. Uh, they're often a lot harder to configure. Um, but you know, it, it depends on how much time you have. It's probably a good learning experience doing it. So I would definitely say that, um, it, it's a, you know, setting it up and building it with Raspberry Pis and things like that. So, you know, definitely, um, I think the learning opportunities there, if you need a project and I just don't really have time to dig into them all. Cause every time I, like I said, every time I looked with the exception of motionEye, the only one I said, Hey, this works well, I'm actually, I'm going to update one of my motionEye boxes. I actually have a few Raspberry Pi cameras I bought cause I liked playing with the motionEye system, uh, for doing internal surveillance stuff. So I'm excited to learn that. Hey, that's actually up and running again.
Budget managed switch. You'd recommend. I mean, it kind of depends. MikroTik makes that, uh, a good switch. Like I don't think MikroTik's bad, but you have a bigger learning curve with it. The.
UniFi ones are probably your highest quality budget friendly ones out there. Uh, that's why they're so popular. It's not just cause I'm a UniFi fanboy. It's when I look at some of the alternatives, I'm like, these just kind of fit the bill. Uh, they're inexpensive. They're easy to use and that combination makes it relatively good choice. MikroTik less easy to use, definitely very budget friendly though. So MikroTiks aren't bad as long as you're willing to take the time to learn them.
ZoneMinder was one I was definitely thinking of earlier. The problem I have with Blue Iris is that it runs on Windows. Um, and anyone here will look up. Um, it's Blue Iris. It's a popular system. A lot of people like it. I would never run it commercially. Um, it seems to be very customizable. Um, I've watched a couple of people talk about it and do some videos. Um, but it. Definitely. Um, let's see. Uh, i7 and the, uh, yeah. Microsoft Windows 7 newer equivalent. Um, oh, yes. So it does require Windows and that's one of the things I never liked about it.
Yeah. Motion is cool. But needs Raspberry Pi or similar SBCs, but I mean, yeah, the tricky part is building an enclosure to use them outside. Not going to be easy with motionEye, uh, but building little projects, like if you, if you follow my channel for a while, I used to have my old house. My sump pump camera was built with motionEye, uh, you can set all kinds of things to, you know, trigger events and, uh, watch different things. And for setting up internal home cameras. Uh, I think they're great because there is no cloud. I mean, you could send the data to the cloud, but motionEye is an open source project. So you can understand the code that goes into it, attach it to a small Raspberry Pi or a Raspberry Pi. It works with some of the, um, are the Raspberry Pi Zeros. It works with some of the smaller Raspberry Pis as well. And, uh, you'll work fine, even with the Raspberry Pi 3.
Uh, so you don't have to have a new Raspberry Pi 4 to run it, plug in a camera. And I think it's a great project for learning.
Uh, can I play P, put pfSense behind my ISP router. Really want to get my feet wet, but can't jeopardize users. Yeah, of course you can. Uh, you can double NAT pfSense in a lab environment. Works perfectly fine. The, uh, pfSense lab environments. One thing you need to do is go in and check. I'll show you real quick. I think I can do this. Let's see. I would think it's going to be under interfaces. Yeah, right here. What do you have to do? Let me, uh, zoom it in. All right. Now I can share screen. Share this tab instead. There's an option to, uh, block private networks. Just make sure this isn't checked. Um, you, you want to uncheck those boxes for your lab stuff. That's, that will allow it to do that. If not, you'll run into a different problem, but you can, you can double NAT like that and stick it behind your ISP router.
I miss my Linux box so much. Open source is much easier for the most part. Once it's configured. Yes. Uh, different IP of the subnet. Yep. On the other scale. Uh, have you done anything with CBS? Done anything to see what is a CBS 350? I'm going to go with, with, cause I have to Google what CBS 350 is. Answer is, oh, that's a Cisco Business. You just didn't feel like typing Cisco Business. I've tested it. Well, I need to finish the review of it. I like the switch. That's probably a decent switch too. That's in the budget friendly range. So, um, did you miss anything? Nothing you can't watch. I don't think I shared any earth shattering things on their Hans. I see need to find more expensive and Cisco new K prices. Yeah. Now finding hardware is a whole different one, but let me pull up that Cisco. Um, these Cisco Business switches. Let me find, is there, I guess it depends. Let me share this tab. So I have a couple of these and I've been testing them. So I have not tested that Cisco Business Dashboard stuff.
Depending on how inspired I feel today, maybe I'll play with that today. I have a lot to do. Um, but I can have it before Christmas. Yay. Or I can go in my office and, uh, my storage room and grab one. But yeah, the Cisco Business ones weren't bad. They have a VLAN wizard in the web UI. So I thought that was cool.
Do I recommend Zyxel managed switches? I do not like Zyxel at all. Uh, they've had back doors in their products. Makes me kind of not like them. Uh, UniFi needs a controller for every device. UniFi needs a controller for many devices. Uh, device like firewalls use ARP spoofing to redirect traffic. Uh, monitoring. Why does this not work? My mainly do a bettercap. And apparently some routers block this. Yeah, some things will block, uh, ARP spoofing. Cisco Business switches. Uh, do you have any info about restocking? No. And I wouldn't recommend the USGs anyways.
Uh, what do you generally even use up CCTV? Some of your clients other than Synology, a cheaper one. No, we don't know any cheaper than Synology. Synology is the cheapest ones we do. Uh, we actually do more expensive ones. I don't talk about as much because I don't think there's any interest on them in YouTube. Uh, we've done some large exacqVision installs. Um, but when people see the licensing, it's probably not a YouTube audience thing to talk about exacqVision. Um, there's another company too. There's a few other high-end companies that we've worked with. Uh, sometimes there's vendor, the, the, in the job we're doing is just the network integrator and network install and physical part. Someone else sometimes has chose the NVR and you know, that's fine. We don't have a problem with that. Uh, but there's not much interest, I think, on YouTube on those ones. They're just really expensive.
So it, you know, some made a meme that I seen over on Reddit, uh, talking about YouTubers that, hey, we're just going to review this, say, $15,000 router and talk about it as if you could configure it yourself. And it's kind of how I feel if I were to do a video on a, uh, what do you call it? Um, some stupidly expensive, uh, licensed NVR system.
I have a Huawei GPON, checked new one. Um, I've not done anything with GPON, so I have no insight into those. Uh, I'm hoping to order one accidentally, uh, one in Aruba on eBay. Aruba's work. Thus following your upcoming review. What do you think of Cisco dashboard? Uh, I think it kept crashing. So I don't know what was wrong with it and I kind of got sidetracked because their engineers couldn't tell me either. So I got to play with the installer again. I thought it was way harder to set up than it should have been, uh, because it just didn't work. And I was using their virtual machine version of it. So I got to try to, uh, clean a bunch to install of it. And then I'll tell you what I think if it didn't crash, I would have had a different opinion, but it crashed. So I couldn't really play with it.
Uh, 30 minutes past. Nice. That's the mat model planning ordering. Cool. Um, have you taken wisdom teeth out? Just didn't your miserable. Yes. I feel bad for you. I have, I have empathy for people who have had their wisdom teeth pulled out because mine are as well. No earth shattering things. Shuck to 20 bait terabyte Amazon. Hey, nice.
Any tips for UniFi iOS app working the controller behind HAProxy? Um, I never use it on my phone. So I, I don't know. I don't, maybe I don't understand the use case. I just don't use the, um, I don't use the UniFi, uh, system on my phone at all. So, uh, why you wouldn't recommend the USG? People are always disappointed in the VPNs on the UniFi routing. So I usually don't recommend, uh, USGs because people go, cool. I want VPN. Oh, it doesn't work. Right.
The number of people that contact us for consulting that we actually turn them down because we can't do what they wanted to do. They're like, Hey, I want to set up a multi user OpenVPN or a WireGuard, you know, common VPN settings. And we tell them that they can't do it on their USG, their UniFi Dream Machine, uh, Pro, but they can finally, if you have a uni UDM, uh, Pro SE. And I think Cody from Mactelecom Networks has a recent video. Dennis, you can finally use where you're, uh, QNAP is terrible, terrible, terrible on security. So definitely Synology, um, over QNAP for home lab tinkering.
Is there any issue using managed Netgear switches? No. If you understand how they work, um, they work provided you configure them properly. Um, we've had a handful of consulting where people seem to misconfigure Netgear switches a lot. I don't know why. I mean, they don't, there's nothing about them, um, that made them any more difficult than some of the other ones like MikroTik, but I, and people, I think just cause people misconfigure VLANs a lot. Here's my $1 million server. Can't we play Minecraft on it? Yeah. Synology over QNAP all day, every day, OVA and ESXi build. Um, I think that you're asking about the Cisco Business Dashboard. Um, I was OVA and VirtualBox, which is something they recommended and it didn't work.
How do you guys practice soft skills? Totally different type of question. Um, I don't know. I talked to people online. I don't, I have no idea. Um, the soft skills are not something I don't, I feel like I could really qualify to train on, but my studying being social is probably just more me reading books on psychology to try to understand how to talk to my fellow humans. Uh, but I don't really have a, I don't have any type of concise answer for that. That would be very helpful. But like anything, you get better at practice.
So going to social events and trying to socialize, uh, there's actually, uh, a YouTube channel called Answer in Progress where they talk about the benefits of making small talk. Uh, I think it's if you type in like Answer in Progress, small talk, probably type that in for you. Um, Answer in, let's see if they have that. Yes. You can find this video by Answer in Progress. They actually talk about this, uh, some of the psychology of doing small talk and I don't know. I found it interesting. Uh, I'm not someone who knows how to do small talk very well still. So I still think about it. Updated opinion on Omada? I still wouldn't, uh, buy it. I don't, I don't know. I just don't trust them when it comes to security. So I think they're probably fine for home users that want to play around with it. I wouldn't trust a business install to it. How many servers have you deployed today? I have no idea. I've been in tech since 1995, thousands and thousands. I don't know. I've never tried to count. I've just a Cisco DB for a bit. The other day ended up being something that needs a lot of work to be useful. I do love the small business line. I like the price point that the Cisco switches were at, but, um, the licensing on it too is going to make people angry when I get to doing a review. People are like, how much is the licensing? Why is it so much? I'm like, because it's Cisco. What do you expect? Do you expect them to give you something? I mean, just because you bought their hardware, which is generally at a, you know, really high price and a great margin for them, doesn't mean they should give you the software for free. And doesn't mean you should ever have that software as a one-time fee. You should perpetually pay for it because that's, that's the Cisco way. Yeah, UDM, uh, SE has WireGuard. Any experience using Squid on pfSense to route out traffic via VPN interface? Nope. I don't use Squid at all. It's a headache. If only could have QNAP hardware, technology hardware. Yeah.
I, I get what you're saying. Uh, Tom has pfSense covered. We deploy Sophos. Uh, yeah, some people do like the Sophos one. I don't use it, but if you like it, go for it. Uh, is there easy way to make and blow away a VM on XCP-ng like it was DigitalOcean? Yes. Kind of. You just have to build templates. Um, QNAP has too many security issues. Yeah. If you want to use a Sophos, I don't see, I don't know any reason not to use a Sophos. I never, I just don't have an interest in it. Um, but people do. So if it works for you, run with it. Are you a very incident significant difference between running Tailscale on pfSense or device within your network? Um, well, yes. No, when it comes to Tailscale, the licenses are per device. pfSense is a device. So if you're using it in a pfSense and you have many devices or you have devices that can't run Tailscale, it may be better to run it on pfSense because you can't necessarily load Tailscale on everything. Um, and for those devices, you can't, you can load it on your pfSense and it can route there. So that's the only real difference, uh, between them. You know, and obviously if a device is connected through pfSense, the only way you'll ever connect to that device is if that device is connected to the network that pfSense is. And I'm saying that and for example, a laptop that may come in and out of the network. If it's loaded with Tailscale, well, it doesn't have a reliance on pfSense. I never had good luck with anything in VirtualBox. I use VirtualBox all the time. I think it works wonderful. Um, I think the Cisco Business Dashboard had lots of Java problems. Uh, is there Xpenology project repackage Synology software so you can DIY Synology like thing? Um, yeah, there is, but I don't think some things work on it like the Surveillance Station. So QNAP problems. Don't make public facing, problem solved. Well, you still have to deal with low quality software.
You just have to have less risk with that low quality software because you're keeping it inside. Let's see. I go with animals for small talk. Oh, dogs are way easier to talk to. I like dogs sometimes better than people. Um, there's no doubt on that. For a Blue Iris, uh, should it be on the camera VLAN or main trusted network? Uh, I would put the NVR. I don't know enough about it running Windows. I mean, put your Windows on untrusted network, which creates, you know, you, you don't just get Blue Iris. You get whatever problems come with Windows. Uh, do you recall any problems using NextDNS? Uh, comment server never use NextDNS. I prefer Quad9. I haven't had a use case that said, Hey, I should be using NextDNS over Quad9. People seem to ask about it. Uh, what web filtering using commercially? We use Zorus. Personally, I use none. Uh, well, I take that back. I'm using, um, uBlock Origin. If that counts as, uh, if that counts as web filtering to you. Cisco small business, Linksys with a different brand name. Yeah. 25 license free. That's correct. They do offer. Last time I read, um, the, uh, 25 licenses are the up to 25. And I figure and I forget what the license fees are for the Cisco small business dashboard. Um, where the fees are, but there's a fee after the 20, once you get to 26 devices. There you go. Here's your license fees. Uh, why does open, why use OPNsense or pfSense? Uh, I prefer pfSense. Why? Why does LTT, uh, LTT talked about it in a video because it had a driver they were looking for. Uh, older Cisco SMB re-brand Linksys, that's in that case in many years. Yeah. I'm subject of open source. Have you done anything with IDP smart card authentication? No. Uh, do you have a CC and ACER? Do you recommend those in IT? Not in a networking role? Not in a networking role.
I really recommend, um, if you don't know what to do, the certifications can help because you're not sure what path to choose or which certs to get, but you're not sure how to get to a learning goal. Certs can be really good for that. Also think about the jobs you want and do they require certifications? Uh, I've been unemployed for almost 20 years. So, because I've worked for myself. So no one asked me if I have, I mean people ask me here. The only places I get asked if I have certifications is pretty much YouTube. Outside of it in my business world, no one asks me if I have, well, rarely when people are asking, getting in the industry, but I don't have any certs myself. Uh, I just never bothered with them, but I also have a clear defined goal frequently of what I want to get done. And so I am, I use that to read all the things I need to do and learn all the things I need to learn to get to the point where I need to be. So I've never bothered with certs, but that is not the right answer for you. The right answer for you is going to be do you need certifications to get to the job you want? Or if you're not, you know, well enough into your tech career to understand what you don't know. Uh, sometimes going for that certification will bring all that knowledge in a concise way to get you to that goal. Can you elaborate more on, uh, camera, VLAN DNS, uh, firewall? The, uh, Synology NVR needs DNS in order to do its lookup so we can do things like updates. So I have the Synology allowed only to get DNS lookups, but not the cameras. Can a USG behind the pfSense, so the USG will show network stats and UniFi mapping? Uh, it's not, it's not useful. Could it be done? Yeah, but I wouldn't consider it very useful. Uh, running pfSense in the VM under Proxmox, struggling to make VLANs communicate with each other even with full open rules. Any tips on that?
Um, a lot of times when you virtualize pfSense, it doesn't work well with VLANs anymore because you can't push VLANs across those virtual network adapters. I don't use Proxmox. I know that is true though in XCP-ng. So, uh, would I trade my wife for a dog? Probably not. Uh, currently OpenVPN on pfSense, would recommend updating to WireGuard or Tailscale for improved speed? Um, it depends if you need the speed. That's really what it comes down. Do you need that speed? I mean, that's the better answer. Uh, I want to say thanks for the YouTube channel forums. Help me set up my VPNs and better security. Awesome. Glad to hear, uh, glad to hear that. Windows, definitely untrusted. Uh, $30 per drive a year over here. Lawrence Systems converted me using Quad9. I'm very happy with this. Quad9 is solid. Uh, $30 per Cisco device a year in the UK, 25 free. Okay. It's not terrible. A well-designed infrastructure of one XCP-ng hyperbolic TrueNAS Scale UniFi backbone where 14 steps qualify, uh, as a Q. Can you use it? I guess I mean, I don't understand the question. A well-designed infrastructure of one pfSense, four XCP-ng imparties, one TrueNAS Scale, five UniFi switches and a two tanking backbone, 14 subnets. I mean, I don't, I don't see the question there, but will it work? Sure. I never said what is OpenVPN or WireGuard. Why it's different and conventional VPNs like Nord or Surfshark. Uh, WireGuard and OpenVPN are protocols. Nord and Surfshark are privacy VPN services. One's a transport layer. One's a service. Do you recommend buying a pfSense or build your own, uh, SFB box? Um, you know, for businesses, I do like purchasing the hardware. For homelab people, especially cause it doesn't always fit their budgets and homelab doesn't, it's often lends itself to people who are getting started. Uh, so I don't feel bad when people go, Hey, I want to buy some of these inexpensive boxes. They get the job done, you know, um, in a, in a fit your budget.
I'd say use an old computer, but I think the problem with old computers and, uh, many people and maybe someone were following on this particular live streamer in Europe, and I know power costs are higher in Europe. So old computers can kind of create that challenge for you. Uh, so they may not be the most effective, but there's some relatively, uh, inexpensive boxes you can build pfSense on right now. If I recall, uh, when I had, when I had at work to config switch VLAN 495 or something like that, effectively creating a trunk port and hyperrider stack, a long time since I'd done that. Yeah, there's, there's some trickiness to doing it. Um, I don't do it. Actually pull up. Well, the networking, here we go. So when I build my pfSenses in XenServer, you notice the each one of these is like the dot three studio 100 to two studio 200. If we go over to my pool of Xen, look at my networking, you'll see, um, I gotta go. What? Let me just show all. There we go. We designed each of these to be their own VLAN. So these studio ones are their own VLAN, VLAN 100, VLAN 200. So by doing this, we're not dealing with VLANs inside of pfSense. We're doing them all inside of XenServer. So by doing them inside of XenServer, it saves me any of those problems that you may be running into. Inside of trying to create the VLANs against the interfaces. I let the hypervisor handle the VLANs and to pfSense, these are all just logical ports. I'm in the question like there might be someone too much to ask for here. I don't. I mean, I have forums where people can ask more in depth questions. You're just insane. I've seen many users falling behind you explain it so well and speed it up too. So I don't know how you managed. Oh, I love speed run questions. I like doing Q&A for some reason. It's really fun to me. It's like a game show where people just go throw questions at Tom and see which ones he's going to screw up on. Do you recommend buying a pfSense or build one Dell OptiPlex? Build it.
Buy it. Personally, I consider you an expert on pfSense. Curious who you would use set up budget, set up use BGP OSPF and pfSense. So you need to learn more about how to set up a configure. I might do a video on it someday. We don't do it that often. So there's not a ton of them. So I kind of mumble my way through those ones. When I do a video on something, it's usually because I've done it so many times. And this is kind of, you know, alluding back to someone and say, hey, Tom, you're going to Q&A. But the thing is, you guys are asking questions about stuff that I do every day. So it makes it really easy for me to answer. And my videos are just stuff I do all the time. And my team does all the time. So it's easy to answer. When there's things that we do and it's kind of a one off because we're not setting it up every day. I usually have to really sit down and build a lab and practice at it. But I've been wanting to do like a BGP video for part of an explainer on there. The problem is when you dive in those complicated topics, it's a lot. And the downside about being a lot is that I have to then put together that context is going to be for that video. And it's just me going, I'll do that later when I get to it because I have these other things I want to do. So when I find some time, I'll probably sit down and do a video on it, though. I'm working as I'm probably going to have to hire someone for my YouTube channel soon next year because it kind of needs to happen. I need more people to help set up everything. My staff is so busy doing business things that they don't have time. So I've kind of had to, you know, it's put a few things on hold. But I think that'll change. Once I find someone, and I'm preferably going to find someone local to do this because it's just easier to come to my lab and start building that way. I don't even have to build it. Someone can test it. So she's the Wi-Fi testing.
I don't even know how to have a remote person do that unless I shipped everything to them to do all the testing and then brought it all back to do the review. And that just seems, I don't know, not out of the question, but a little bit harder. Power costs are horrific at the moment. Yeah, I've heard that. Top five pfSense feature requests. I don't have a top five for that. Yeah, I can't really, that doesn't ring a bell. Like usually, I'm going to say for the businesses, people usually want some type of global dashboard. I always look at a global dashboard as a good and bad. Like it's a single point of attack, but it's also convenient to be able to log into everything. And I want to do a video on this at some point. It's our project tunnel bear. And this is actually a reverse VPN that we have set up with a single IP address. And it has a lot of systems connected to it. So maybe one time I'll do a video on how we built our own dashboards with pfSense. And that might be an interesting video where all of the clients have reverse tunnels that go to here. I don't know. That'll topic for another day, but that is probably the one really frequent request. I don't have a top five, though. Peplink routers. The Peplink seem to be really popular for failover. I've only used them for that. Do you run XOA in the same infrastructure? Do you run your XOA in the same infrastructure as you're managing? Yes. Power over here is a large consideration. People train yourself. Core 2's file, pfSense box is run. Yeah. Definitely power issues. You take your take on UniFi Access. It feels like a very immature, basic product. People seem to like it, but I've talked to some people that have bugs with it. I haven't really done, we haven't done any business installs because we wouldn't want to support it. Best solution for triggered PTZ to a closed contact detection over IP rather than hardware. I don't have a suggestion for you on that one. How many services, services you run in your home?
Probably 100 plus. Oh, not that many. Start with a BGP 101. Yeah. If the VM scenario is a little too odd, is a little odd behavior, DHCP, the VLAN apparently works fine. Devs are getting proper IPs when the intercom, nothing, suggestion we go bare metal. Yes. There's actually a lot of weirdness. If you don't set in pfSense, and this goes to XCP-ng specifically, you can actually get an address, but you'll find your traffic restricted in kilobits when you have the hardware offloading not set properly or the settings not proper on your virtualized network interface. Those are problems people run into is connection problems, throughput problems. Those are both real problems you run into when you start virtualizing pfSense. You have to know how to set it up right. Hello from cold Switzerland. How's the weather in Detroit? It is sunny here in Detroit. Look at my front yard. Sunny and... 37, well, this is partly cloudy, but it's 37 degrees and partly cloudy. Good day from Australia. What would you have a YouTube person do? Edit, make videos, always curious, someone branch out. I need someone just to test all the stuff. I don't mind me being the one making the videos. It's everything that comes before the video is the hardest part. The testing, the configuring, the making good notes about how the system works. And going, hey, these are the problems we encountered. These were the challenges. These were the little hiccups when you set this device up. Those are all the pieces. I don't mind being the one to present it and put the whole script together. That part I'm fine with. And it's not the part I spend the most time on. The recording and editing of the video is a part, but the bigger part sometimes is how many hours did it take to do the testing? And like, for example, people go, hey, why don't you do the new comparison time between the latest version of TrueNAS 13 and the latest version of Bluefin, which is technically in beta right now? Great.
That requires someone to build the machine, do all the tests of Phoronix, then reload the machine with the different version of TrueNAS, do all the same tests of Phoronix and compile the tests together. The video is about five minutes long. The testing is about four or five hours of repeated tests at different sizes and making sure you had all the parameters right. So that's kind of like, that's what that person would do is do all the testing. We're having a quorum of setting up wireless internet solution for our University campus housing. Can you please advise how to get started with Ubiquiti equipment to be the best suited for indoor, outdoors, devices and such, and we're having 160 housing units. Take a look at those in-wall HDs. We've done dorms with those. They work really well. We've done hotels with them. I've got some large UniFi installs. If you look for some of the large UniFi install videos, I do have some on my channel. Absolutely. The UniFis are a good way to go setting them up for that. Have you ever had problems with MySQL not migrating between hosts? No, have not. It generally doesn't care. We've moved Windows around between different hosts all the time. I don't think anything of it. We really haven't had any issues doing that. Proxmox, OPNsense, dual gig NIC, having difficulty landing. That's why we don't recommend virtualizing it. I don't use Proxmox enough to tell you what to even suggest. Post in their forums. With XCP-ng there's a write-up about how to set up pfSense in there, but I don't have any knowledge. I don't use Proxmox, so I don't really know. Their forums are probably better on there. I want to mesh two ISPs into one pfSense box, fire through one telephone cable, an additional network. Didn't get any inner addresses, any guide. I don't know what you're doing wrong there. That's a little bit harder to figure out. pfSense with dual WAN works great. Got videos on it.
There's write-ups in the pfSense documentation on how to set up dual WAN. I don't know why yours isn't working, and that is something you'd probably have to jump in my forums or the pfSense forums to lay out all your details to try to figure out, you know, are you getting an IP address on each one of these WAN interfaces? Can those IP addresses get out to the internet once they're assigned? Are there any routing as the gateways, you know, set properly? You take on... Your take on Verkada? What is Verkada? I don't have an opinion of Verkada, because I don't know what Verkada is. I've never used Verkada. So, I have no opinion on them. Apparently Verkada is a company that managed devices across with web-based platform. Oh, they're one of these. There's a few companies that do this. We put it all in the web. And it's just expensive. I don't know. So, I don't have an opinion on them. If you have a chance to take a look at the more in-depth at Storj, I signed up. Nope, that was something I might do today is play with Storj. Storj is pretty cool. I'll actually pull up Storj so people can know what I'm saying. So, Storj. As far as UniFi, if I haven't entered the partner sector to break into larger customers, they actively avoid the partner sector. Personally, I'd rather you make me stop doing all the chaff and doorbells stuff. Yeah, that'd be interesting. Do you test or deploy MikroTik products? Not often. I've done some MikroTik videos, but only a few. We don't really deploy commercially much MikroTik. Hi, Tom. I want to learn how to terminate and splice fiber, but splice machine is too expensive and impossible to do without expensive machine. You know, I don't know. We don't splice fiber. I don't, I should say I have people that do. They always have the expensive machines. I mean, that seems to be the best way to do it. So, that's probably something to look up on YouTube. I'm not, I'm not someone who splices fiber. So, I'm not the best person to answer that.
Recommendation for cell backup? Cradlepoint. The Cradlepoint one seem to be popular. We have a few clients using Peplink and Cradlepoint. I think Peplink's the name of them. Peplink and Cradlepoint seem to be the ones that are popular for that. We are so lucky here in Detroit for our local clients that we do not have to deal with this very often. I have three fiber providers and two cable providers at my office. Three fiber riders. Detroit actually has a surprising amount of coverage. So, almost all of our coverage is just failover with one of the other providers. And Starlink has become a popular failover. We've actually had a handful of clients in rural areas that Starlink was a good choice. Why not Axis cameras? Because they're expensive. They're about eight times as much as the equivalent Amcrest cameras. Do you know any good dashboards to manage HomeLab? I guess I don't know what you're trying to manage. 180 watching, 39 likes. Yes, please hit that like button. Yeah, 187 people watching. We'll pull this up over here. So, thanks for the advice. Just started using Home Assistant. Loving it so far. What are some of the best brand devices you'd recommend? Why don't some temperature sensors only have TP-Link plugs for now? I don't... I haven't done anything really with the temperature sensors in it. So, I don't really have any specific advice when it comes to temperature sensors. But there's a... If you look around, there is actually... Let me find this company, because they're really cool. So, if we pull up devices, there was a place that is... And we can probably share from here. You can look up certain ones and find them off their site. So, the Home Assistant site will actually help you with some of their things by showing you the ones that work best with them. But I don't... I've not spent any time on these, and I actually myself will...
If I'm looking for something on Home Assistant or I'm curious about it, I should just go to YouTube, because there's some great YouTube channels. I don't remember the names of them off the top of my head to recommend them right now, but I've looked up things like, you know, how to do this at Home Assistant and watch the video on it myself. The biggest gripe with XOA is the backups. It's hard to track how much space a single backup is taking and mapping the guide at PM. I don't know. I don't find that as a problem. Mapping it to where it needs to go. I mean, I look at the backups from this standpoint. I know how much they're transferring. I know how much goes into my backups. You don't know until they're compressed. You're right, it doesn't tell you how much space, but my backup target, which is my NAS device, does know how much backups take. Go here, storage. Currently, my off-site backups are... My production backups are 2.7 terabytes. Make this a little bigger, easier for people to see. Which ones are lab backups? NFS? Production backups? One of these is off-site, but yeah, 2.7 terabytes. I know how much my backups are taking because it's here. I don't expect Xen to tell me how much the backups are. Xen can, though, if you go to settings, I think it's under remotes. It tells you how much in total is used right here. It does understand what's there. Xen lab backups. I don't really see that as a problem. Besides Peplink, what other backup cell provider would you use? We just so rarely use them. Hello from Alaska, awesome. Interface statistics show 53 errors land out. I would show you that error land. I don't know. Do you have any experience with UB phones? I have not tested them at all. In rural Texas, we were working to play Starlink, but the delay on getting them is a killer. Yeah, that's probably a problem. Do you have any new videos for dual-WAN failover on pfSense? I'm interested in various failovers and restore various tiers of pfSense.
I'm going to do a new one soon because there's some changes since I made the other one, and they do a couple things different. I think I have a video on it, actually. Let me look. I'll go to the... I feel like I did one recently. One of those fun things is I have to think about all the videos I did by free, sure, when. Oh, I did... I'm wrong. I did one on this. How do packet loss and latency monitoring work in pfSense? So I did this one, and the next one I'll probably do is a one on the dual-WAN, because I want to talk about how policy routing works because I didn't cover my dual-WAN, and people are always confused about the policy routing. It's actually easy, but I want to make sure that gets covered. The new version of UniFi Network Settings have a router section for third-party gateway Sense on Tangle as our router, so I changed it to Vault Network to third-party router. I don't know. I've never really... I don't know what that setting does, so I don't know. I think we'll see... I think we'll see improvements in the further 7.3 that have posted their community forum yet. Glenn is helpful. I don't know. We'll see. It's only for you to get. You can choose between layers. Switch, switch, and router. Got it. Makes sense. So Cody has played with it. So the answer to the question is, no, it's not useful. Thanks for the videos. Always really useful. Awesome. Cisco sees same super useful at Lawrence Systems. Awesome. Hello from Switzerland. For the backup sizes, I'm sure you go to backup tab and then restore and you can see the size of each of your backup. Yes. This is true. So if we go over here and we go to the restore in our backups, we can see the size. We can even sort by size for the backups. So what's the largest backup Tom has in here? Graylog. No shock there. I have 7 versions of Graylog. Why do I have 7 Graylogs? I should probably consider my retention policy. Yes. Because 1.5 terabytes of backup seems like kind of a lot. Let's go over to overview.
How many am I retaining here? Oh, yeah. I am retaining 7. Never mind. It's me. It's my fault. I've decided I need 7 copies of Graylog. I don't have a good reason for that. Because I can, because I have the storage. So next runner up, Invoice Ninja V4. We do have a lot of 15 deltas, 2 fulls. So 108 gigs of Windows lab base. Lots of data here. I love the backup system in XCP-ng. It just makes life easy. Hello from space. Haha. You need a switch that supports VLANs. They're going to often call the managed switches, but you need a VLAN enabled switch in order to have VLANs. Hello. Is there a trusted list for tech a little on my practice been studying more other science views? I don't know that there's a trusted list because a lot of times. I don't know. I don't have an answer. Well, maybe I do. Open source. I like open source things. So open source is a more trustworthy firmware. Maybe that's the way to put it. How is Home Assistant these days? WT backup, I've been using WT for years, but during switch to Home Assistant. As far as Home Assistant goes for backups, there's a couple different options. You can go to, where's it at? Is it, I forgot where the backups are now. You can set it up so that automatic, system, right here, system, and you can pull your own backups and then download them. So you can just say, Hey, I would like, you know, this backup and I would like to download this backup so you can have it. And I have mine set to do this or it creates a backup on each time there's a update. But yeah, you can absolutely do the backups pretty easily. There's, I haven't tried it. Someone said there's a plugin to send, send the backups to place as well. So each time it backs up it sends it somewhere. Oh, that's a more accurate answer from don't call. VLAN is technically a layer two thing. The switch does need to be capable of doing those settings.
How do I separate two LANs on a UniFi switch and how to use two LANs? You just create a separate LAN. You create, when you create a, when you create a separate VLAN, it can be a treated as a completely separate network when you do things. Wiki, how do you manage internal documentation including secrets? We have a very locked down customized version of a wiki combined with Bitwarden. Bitwarden is where the secret stuff goes. The wiki is where the write-ups and details go. But we don't want our wiki public facing at all, so the wiki is right down to the having two factor and restricted by IP, internal IP. So even being on my network doesn't give you wiki privilege. You have to be on the approved IP list and then have a username, a password and a second factor authentication, because we just take our documentation, we try to keep it as locked down as possible. But yeah, we still use a wiki for now because I haven't found anything else I like. If you search, hunt for a VLAN capable switch, sometimes they hide it in the specs as 802.1Q. That's correct. A backup for every HA update, that's a lot of backups. Yeah, I purge them and there's no, I always do, I, what it does is it runs a backup in case the HA update goes bad. Honestly I even an HA update go bad. Home Assistant is updated a lot and the backups just work. So do you have MFA in your home Home Assistant instance? I should. I'll fully admit, and call me out, call me a security fraud for not doing it. I don't have currently Home Assistant attached to 2FA, but I also don't have Home Assistant set up where it's accessible outside of one single network. So it's also on its own restricted network. So yeah, I've restricted it that way, but I honestly have not set up 2FA and Home Assistant. And look, I'm assuming there's a spot to do it because, was this a trick question? Oh, it does. Yep, I can't enable to utp on it. Okay, maybe I will, because it's, it's not accessible externally so I didn't think about it. I should have 2FA on everything. So hey, you called me out on
it, and honestly I never really looked into it till this moment, so thank you. I watched your video about setting up pfSense, the UDM Pro, did the steps, speed at UDM when it goes 200, normal speeds, which side 200, but only 35 Wi-Fi, same Wi-Fi same as above. That's a tough one to troubleshoot. Wi-Fi is finicky and getting consistent speeds on a Wi-Fi, this is one of the reasons I just don't do a lot of Wi-Fi speed testing. Just drives me nuts and is aggravating. So I don't really know. Some setting got changed is my best guess, but I don't know for certain. Loving Snort, any more videos on it? Um, maybe. I do Suricata mostly, but Snort works. Um, I don't know. There's the video I did several years ago. Nothing has changed. I could do a new video but I wouldn't tell you anything new. Um, so the Snort and Suricata videos are, I don't have anything to add to them is part of the problem. AGS so many updates, looking forward to slightly reduced update speed. The updates haven't bothered me. I click them, they go. Back up dual WAN and pfSense have an issue where it goes from WAN to 4G backup just fine, doesn't always switch back to main WAN. Yes, this is normal. That is expected behavior, because states created stay where they're created even when the other becomes available. I need to make that clear in a video because this seems to confuse people about how states work. Uh, they're sticky. They don't want to disrupt, because when you have two connections and one of them gets disrupted, they go to the other connection. Now, that disruption is noticeable. I'm on a call, I'm not on the call. If I were to, uh, lose my main internet connection while doing a live stream, my live stream would go over to the failover connection, but you would notice. You would go, hey, Tom glitched out, Tom stopped working for a moment, and then the live stream started. Once the live stream starts again, it, you don't want it to glitch out and switch back over to the other way. So eventually everything will wander over to the new connection, but in
a short term things will stay on whatever connection the state was created on. It doesn't force them over. Now, this is where, in the one use case that is really good for SD-WAN, is when you combine the two, so the states always go over a SD-WAN and the SD-WAN is managing the connections for you. That way it's more seamless and can be switched over. But, um, SD-WAN is another set of problems, because SD-WAN itself requires a service to be running to manage the SD-WAN and an endpoint, which is going to be someone's cloud that you're paying money for. Uh, and then your internet connection isn't your endpoint. Your endpoint, so, is the SD-WAN, and that has an expense and overhead with it. So it's not like the, oh, this magic will solve it type solution. I have a video I did on SD-WAN explaining that too.

I have LAN from pfSense, how to connect those networks so UniFi 16-port switch? Just, you go, I have a video on pfSense and UniFi VLAN, so I recommend watching that video, because I go in depth on explaining that one.

You add the to tb stickers so that ACME and pfSense can update Mail-in-a-Box DNS. I assume you need SSH to update it. You can't find it in a GUI. Uh, I don't know. I've never used, generally because I, when you're using ACME certs, um, you'll have to figure out a way to pull them out of your pfSense. If you're using the pfSense to update ACME, um, and you want a copy of that certificate somewhere else, you're gonna have to build maybe an SSH, um, with keys to go in and grab them out of your pfSense, or write your own automation, uh, script to get that somewhere. So I'm not exactly sure, um, about that.

That's a Bitwarden passwordless feature, haven't tested it yet.

Any idea on how to diagnose and track down the root cause? Um, do speed tests on each segment of the network. Set up, set up something running iperf that you know can operate at the maximum speed, or at least above the speed which the Wi-Fi does, and iperf each device, moving it between network to network.

To use Design Center UniFi or alternative heat
map software? Um, we don't always use the heat mapping software. The UniFi design works fine if you want to use that. People overthink the hell out of that. Uh, you know, we, we do large projects all the time with spreadsheets, and people are telling me I can't do it, and I'm always kind of, I was, shook my shoulders. I'm like, I don't know, at what point does it fail? We did a project, it was like a quarter million dollars of, you know, install. Pretty big install, a lot of drops, a lot of things going out there. Um, all done with the spreadsheet and just some basic planning with an overview for putting these in. I don't know.

I followed your phyto to a tutorial in and I really want to use it in the HAS. Been a lot, it was tricky question. Um, use it on HAS, I'm not sure what HAS, I was thinking that is hardware as a service, but that's the wrong grouping of letters.

Wi-Fi sucks. Uh, here's a good speed test: one meter up, bam, half the speed. Absolutely a problem. Move one meter more, good again. I have a better one. We actually put a laptop, and if you don't know what a lazy Susan is, like for serving food, where it's a little thing that can just spin, we put a laptop on a lazy Susan, and just by spinning the laptop to different angles we were getting different Wi-Fi speeds. Like pretty big differences, 25% speed differences from angles, and the Wi-Fi was like a few meters away. It's just aggravating. We also found out if someone stood in between the Wi-Fi, this is the weird part, if someone stood in between the Wi-Fi and the laptop, it went faster, but if someone walked away, it went slower. Thank you, Wi-Fi, for making life testing hard, and why I decided not to do those.

Just about to update 2.6, pfSense Plus 21, don't think there are much differences outside of support. I have a video where I think I highlight some of the differences between them.

Your videos and YouTube came in super helpful for me for a long time, thanks. It's on just last night morning I was able to add pfSense in front of a UDM Pro so I could run Tailscale in a pinch for time. Awesome. I am so glad you're helpful, and thank you very much for the donation, it is greatly appreciated.

How would you approach C-level guys, pitch replacing crappy Meraki MX, and bell start ringing you say did you know the US Navy uses pfSense? And you never have to say. The reality is people in the cc don't even care about open source. You're adding too many words if you brought that up. We're going to, you know, this is how I sell things, because, you know, I'm selling to businesses, and the businesses, if they're not technical, I don't add technical words in there like open source. We have a best-in-class solution firewall we're going to install, secure your network. It's going to come with support contract and agreement through us to guarantee that the uptime will be kept, that the patches will be kept, and your security will be done in the best way possible. There we go. I never had to use it, open source, and I'm talking about pfSense. Quit, quit, you know, hey, I got this free solution. That's what makes you look like someone who's just trying to pitch them on things. You don't need to use the words open source and sell it. And, you know, a lot of times they don't Google it, whatever. I do point out that literally the U.S. Navy, there's a blog post about the U.S. Navy using pfSense.

Would you set up a virtual IP for a WAN to solve the dual WAN failover restore issue? So I, uh, no. No.

Oh, HAS is Home Assistant, but that's too many S's. It's H-A-S, Home Assistant, I guess. I guess you could. I don't know. I see what you're, I see how it was truncated now.

Experience of installs, a free piece of software saying you need X amount of APs.

Do you have any physical suggestions on how to performing periodical internet speed test using iperf, uh, logging results to keep an eye on the provider? Let's say not really. Um, and a lot of times the provider, I doubt any consumer grade providers, ISPs, would, you'd have to figure out what their minimum is. Even if they sold you, work, we're going to give you
a 400 gig internet connection, it, I don't know that it would be 400 gigs all the time. Um, and I doubt they have agreement that would guarantee it to you. So it's kind of like you're just wasting bandwidth, and eventually by doing this you're going to, uh, because more and more places have bandwidth caps, you're going to start running into overages and bandwidth caps just to do a speed test, which doesn't make a lot of sense to me. So also have a point of diminishing returns depending on what you're doing. Latency matters more than speed for most people's use cases, outside of, I want to download something really, really, really fast, which sometimes is limited not by your internet connection but by the upstream provider who's just throttling, going, well, I don't care how fast your pipe is, our pipe is this fast, therefore we are going to slice it up into smaller pieces and we're going to do QoS on every download that comes from our server so they can only download at X speed. Um, so I don't know. I don't think as much about the speed. I don't have even the top tier for my house, because why? I don't need it. Uh, I wish I had faster upload. I bought my tier based on how fast of the upload I actually can go. Downloads a little bit faster if I wanted to, but I don't see the point. So I bought the fastest upload speed possible, because I need to get my YouTube videos, uh, uploaded.

Uh, changing SSH to fallport, dealing with apps like rsync, copy-id, uh, port different. I missed the context for that one.

Wi-Fi is voodoo. Yes, it is. Um, it is very voodoo.

Smaller APs, more of them, seems to be the common logic. That is definitely my logic, by the way. I'll take the hate and the comments on that one. People tell me I'm wrong. That's fine, tell me I'm wrong. I'm going to keep selling them. And, uh, we actually lost a bid and we're getting it back. Um, so we did a series of jobs, but we were told we had too many, uh, access points, and even the people who bid the other jobs that we were trying to oversell my access points. So they got the
job because it came out cheaper to put up less access points. Um, that, that particular site doesn't work right because it doesn't have enough access points. So now we are coming in to fill in the gaps left by the other company who said we are wrong. And, uh, hey, whatever, whatever. I, I got nothing, people.

Uh, tune powering channels like auto, like your recent video you pointed out on auto. Yes.

pfSense on ongoing costs, no licensing, sell it with no license. Yep.

A lot of big corps don't disclose what they're using. This is very true.

A chance you're doing a pfSense on RADIUS-assigned VLAN for Wi-Fi? Uh, maybe. I, we have, we've done this, and I might do a video on it. It's a maybe. It's just the limited use case. People ask more about it. It's not something that everybody, uh, sets up, and it has its own set of issues when you do it. Um, so anyways.

Uh, because of my current living conditions I don't need direct access to my ISP modem and I am running my stuff on Wi-Fi, separate peter dwrt, then get direct connection and don't require it. Okay.

You can have cheap st solution with ZeroTier and pfSense, works good. Not sure if Tailscale can do aggregation. I don't think Tailscale can do aggregation.

Wi-Fi sucks, which I had more Wi-Fi at work. Yes.

Can't believe how many corps, uh, want to do all Wi-Fi for the users and then complain when it falls on its face. Yes.

Understood, thanks. Awesome.

Wi-Fi doesn't change from coverage based on capacity, always assigned for capacity, this is Aruba, uh, Cisco. Yeah, capacity. It's, it's capacity and coverage are the two factors, not speed. Most of the jobs we do commercially are all about, you know, can I have X number devices in this area, and does that area have coverage. We do a lot of commercial warehouses, and those commercial warehouses care about coverage. Speed is not even on their list. Matter of fact, we set them to the narrower bands because they have better penetration. Wider bands are faster, but speed is not the issue at all. Matter of fact, they just need connectivity for a laptop
that might be scanning something or working out in a warehouse. Uh, lots of the banner tools that they have, they send kilobits of data. Getting those kilobits of data faster to their destination makes no difference to anyone.

Heatmaps can relate to playing the cost. Um, yeah, they, yeah, in reality is the heatmaps are only so good. If you really want to do it right, you actually get, and I think Chris from Crosstalk had one of these things, um, you get like a stick that you can put a Wi-Fi device on, and you hold it up where it's going to be, and then you test that area. Like actually test the area, and that makes a big difference in doing it, not just assuming what's in, uh, what may cause interference, but actually going there and doing it. And, uh, that's, a lot of people aren't willing to pay for that. Just throw more Wi-Fi devices out there.

Sell off some U6 Pros, replace them with two U6 Lites or maybe nanoHDs. Cool.

iperf plugins on pfSense, Wi-Fi laptop, they hook up to each other? Just looking for a high level understanding before I didn't do that. You can use iperf on pfSense, you can use iperf on a Raspberry Pi, works all over the place.

You can have too many APs, but you can never have too many APs. Mm-hmm.

Lots of people understand the shared medium has, uh, sending time slots per channel, so more APs is better. Yes, that, look up how that works. It's amazing when you dive into the details of how that works.

So, uh, fiber straight onto the box in the pfSense? I mean, if the, it depends on how they're providing the fiber to you. If it works in an SFP and are giving you an IP address, it should work, but I don't know. I don't know how your ISP is providing it.

Uh, he's on standard desk facing upwards. That's a weird way to do it, but it'll work. Put your Wi-Fi stick on the lazy Susan. There you go.

I've changed default port of SSH, seems like everything from scp, rsync, all ids seem to use different ways, uh, to tell them the port is different. Is there a better way? Uh, if you change the port, you have to set it
to whatever parameters of however you're doing it. I mean, when you're using a non-default port you just have to put those parameters, and you're right, the, the command line switches may be different for each one of those tools, but if you change the port, you're gonna have to change your tools to match whatever port you're using.

Thoughts on, uh, ChatGPT and how we can use the networking, use it to create scripts, and it's amazing. Um, I don't know. I'm, I'm still reserved on it. I've been watching a few things on it, but I, I will wait and see. No real, no real concrete thoughts on it. It seems to be a lot of excitement about it right now. We'll see how it works out.

Hence 40 channels over 80 for stability.

It worked in SolarWinds, uh, with sirens, eye watering expensive, never saw their heat map.

Um, king king of how much is block.

We do a lot automotive workshops, uh, have seen companies query why you put so many APs in, but the coverage and reliability is key, especially with large moving vehicles. Yep.

You'll debate speed versus bandwidth, and thinking about just running OS2 out of the house, but not sure why so many cables run. Yeah, it's ready.

Tips and tricks your Wi-Fi roaming handshake to make it seamless? I know Ubiquiti had issues of software versions ago. I've not had any problems with it, uh, in the last few years with Ubiquiti. I think there were some early ones. I know it really hated roaming on, they had some iPhone problems and, oddly, Samsung problems. Um, but I haven't really had any issues of roaming right now with, uh, what there's.

ChatGPT literally walked me through my psn failover. Huh, I, maybe I'll try it for that and see how good it is at answering networking questions. Wait, can my live streams be replaced with ChatGPT? That's what we need to know.

Hey, you're looking to bypass my ISP with a pfSense as a p custom build, need their box IPTVs, or any way easy way? Not that I know of. I don't know any way to bypass that. There might be a way, I just don't know it. I'm not saying there's not a way,
I'm just saying Tom doesn't know.

Which way do you prefer, pfSense firewall behind UniFi VLAN, or use UniFi networking firewall standalone? I don't use UniFi net, uh, UniFi routing devices, so I

Your video about UniFi, uh, pfSense, how do you configure VLAN on UniFi switch? I have a video where I explain pfSense UniFi VLAN. You've asked that question before, and I'm going to keep giving that same answer for that one.

Uh, and answers follow-up questions. I mean, it's no Lawrence Q&A, but hey. Yeah, how long till I get replaced, and all the YouTubers here replaced? You know, I gotta hurry up and try and make some money and save it up, because pretty soon I'm going to be obsolete by some AI chat bot.

Ah, this is a good point right here. ChatGPT, ChatGPT is showing answers from the internet. ChatGPT doesn't know what it's showing. Always double check the solution. I got several, uh, wrong and dangerous answers. So this is actually a fun fact, and Steve Gibson covered this in Security Now, and a lot of security researchers, uh, this is fun. There was some, an answer on, uh, a Stack Exchange that was wrong. There was a coding answer that was answered wrong repeatedly, but it always got upvoted as the same answer, therefore lots of people kept using the same code. Later it was discovered it was wrong. It wasn't known to be wrong or insecure way to implement something, but so many people used that, uh, Stack Overflow, uh, or whatever that site is that people look up, uh, code snippets. Anyways, if enough people vote to the top or assume an answer is right, even if it's wrong, it is the result that many people will find as the top or most SEO, uh, you know, result. So it's gonna reach the top of the search engines because so many people said it was right. And this is where the flaw of any of these chat engines could come in, or as it happened, a security vulnerability that shouldn't have happened, but so many people copied and pasted this bad answer into their own code as a solution to their problem for setting something up
that this security flaw was actually found in way more places than it should have been, all because someone had posted a top answer. Uh, so yes, this is actually a problem that ChatGT, ChatGTP, sorry, weird combination for some reason in my head, uh, this is a problem that they could end up having, where the wrong answer is the most popular answer. So it could end up propagating bad information on something like that. So that would be interesting.

Does that mean we get a Lawrence bot?

Yes, I know this is not always correct. You have to double check everything in lab environment first. Yes.

Uh, sauce for taquitos? Ooh, um, uh, yuka, pull it up. This is definitely, um, the right answer to this. I don't know if they can give good, can AI bot give good, give good hot sauce recommendations? I mean, come on. And, uh, this stuff's just wonderful. It's, it's cheap, it's not the most expensive stuff, it's just great.

I asked to create a firewall software using Swift and it did. Uh, it does work, but also, uh, coded thing right in front of me. Matter of time.

Yeah, GPT, you know me, I'm thinking OPP. Yeah, and hey, GPT is OPP, where other people's property. Uh, it's just using all of our knowledge to build upon it. Uh, they do state GPT page that they get things wrong, is not a definitive answer for anything.

How long until Twitter is gone? That's a complicated topic. We don't know. Um, we don't know if it will go away. We just know that it's a big dumpster fire that seems to be, um, bleeding money at an incredible rate. But that's not the real story. The real story is the Twitter's just a bunch of noise. The real story is it's causing damage to the other brands that Elon built, and that is actually a more expensive loss. So I don't know when the runway's out. He's got plenty of money to fuel the fire. Um, so I don't know. I don't, I'm not even interested in taking bets. I still tweet. Why do I tweet? Because I have an audience there. I also post on Mastodon, because there's a building audience there. Quite a few people actually using Mastodon now, so
I post on both these places. If those places become, or any of these places become, a place not to post or untenable, I stop posting there. So yeah, it's as simple as that. I don't, I don't, uh, I separate news from noise. I've talked about this before, man. I have a LinkedIn post, and if anyone wants to follow me on LinkedIn, by the way, um, in my post, I always make them public, because I have no problem with, you know, the things I post, the necessarily rants I'm posting. I don't really rant on anything. Uh, where do I, where does it show my activity? There we go. Just make sure I'm not showing any messages. But if you're looking for another social platform to follow me on, uh, you can follow me where I mostly post about tech things and occasionally some humorous things, uh, on there. But yes, lots of discussion. This got me quoted, so this particular one, and you can see my analytics here on LinkedIn, which is kind of funny. Um, 15,000 impressions, and I'm actually shocked at some of the things. Uh, 12 people reposted it, and I ended up, uh, getting a comment. Someone, a few people followed me. One of them is a writer and wrote an article and had me quoted in there for my ranting on the Rackspace outage and things like that. So yeah. Uh, but I have a post in here buried somewhere. Uh, here's a humorous one. If you, if you're looking for a reason to follow me on LinkedIn, I like to post my, uh, nerd humor. I post this on Twitter as well. So we'll leave that pulled up. But I have a whole thing where I talk about understanding news from noise and how I look at things. I, we share a lot of how I think, not necessarily because I want you to think the same this way, but I like to offer, like, show your work, some of the ways and methodologies I come up with the conclusions I do.

So, OPP, other people's property. Come on, it's a classic song.

Thanks for making the stream entertaining, time to go and install some APs. Awesome, have fun installing those.

Uh, hi Tom, which pfSense recommendation, office with 30, 40 PCs, um, mix a land and went? I mean,
the 6100 is one of my go-to boxes. We put in a lot of businesses. 4100 is good, 6100 is better, so it's got the 10 gig connections.

Uh, keep redundant social media like cfs redundant backups. Uh, yeah, whatever, redundant social media, if you want to call it that. Always retain your ownership of things. So all the different things I post, I, especially if I take the time to write something, um, I often keep my own copies of all this. Cory Doctorow has really good write-ups on how he does things, how he uses sites and platforms like Medium but also retains all of his own copies of everything in case there's a problem with any of those sites in the future, at a future date where they no longer host your content. So always be in possession of your content if you want to keep it. Don't rely on those other companies who always maintain your content. Save all your memes somewhere.

How do you go about sizing a firewall? Do you trust the data sheets, amount of users? Know it's different, ton of variables, just want to hear how you approach it. Uh, yes, I use the Netgate data sheets, because they're accurate. Um, Netgate knows their product very well, so the Netgate data sheets and sizing are accurate.

Hmm, I know the song, it is, figured it was some gang. Oh yeah.

Will I host a Mastodon server? Not likely. Uh, I don't see that happening anytime soon. Um, but you can find me on Mastodon, um, right here. So I'm on Mastodon, but I don't, I don't have a reason to host my own server. I don't post enough that I care or feel like maintaining it. I have enough things to maintain, like with my forums. So I weighed it out, going, do I want to build my own? I don't feel like dealing with headache for now. Maybe one day in the future I'll, I'll have so much content I'm posting on Mastodon I'd like to make sure I'm the one backing it all up. Um, that is not today. If you look at my Mastodon posts, they're, uh, same as my Twitter posts. Going live today, I literally post it both simultaneously. So hey, look, these look a whole lot like the same posts. So, um, uh,
yeah, there's nothing interesting here. NASA takes photo of ghost in space. Yeah, I think all my posts here are the same in Mastodon as they are in Twitter. I don't think there's any difference. So there's nothing, and by the way, nothing's, um, something I have to really think about backing up and saving, because who cares that this went live, uh, today? You know, a year from now it'll be on YouTube until it's not. I don't really back up my live streams on that.

Now, stepping aside from strictly UniFi, what are some personal tips on going into mixed environments? That people will inevitably set up mixed environments wrong because they're not familiar with all the different products, so you'll find a bunch of security problems. That's my take. I mean, we have people with mixed environments all the time. It's part of the consulting we do, and we just find things misconfigured all the time, because they knew how to configure one device but not the others. Um, it's not always the case, but it's frequently the case, and that's often how we get called in for consulting, uh, because those things aren't configured properly. It's a good learning experience to play with, so, uh, multiple things.

What do you recommend speed for workstation for non-tech office? Uh, internet speed. What are they doing? Are they cloud heavy? That's the real question. You know, are they doing something that needs a lot of speed? We have a carpet store. Turns out they need a little more speed than you think, but not much, uh, because they get designs sent to them to do carpet layouts. Uh, but a, a, you know, a 40 meg circuit would actually be perfectly fine for them. But then you have an office with engineers using a bunch of cloud stuff, and they're uploading things all the time, or many connections, that may need more. So you really just gotta think about what are they doing, and are they cloud heavy, or are they all watching YouTube and Netflix? Because yes, that happens in businesses more than you think, or more than it should. I don't know about more
than you think, but more than it should.

Standing under the AP right now at 35 down. Yeah, that happens.

Untagged, native VLAN, chairman now, catches people out. Uh, it's the same but Aruba's, Cisco naming. Yes, untagged, native, VLAN 1, all three different ways to say the same thing.

Hmm, when is there going to be a groundbreaking technology? I don't expect one anytime soon, because there's not a demand for it. Um, technology is driven by a need, a goal, something going, hey, we need to achieve this, and then it has to do so without too much pain of change. So IPv6. IPv6 has been around for 20 years. IPv6 isn't in use because there's not enough pain to make people switch. So even though we're very well aware of IPv6, we haven't moved to it en masse, because there's not enough pain created by the current implementation. So, uh, that's more of the reasoning behind that.

Uh, how do you start documenting a client when you take over, IT service company? You should have a template. Um, you can easily Google a template, like all the things you should know, network layouts and things like that for a business. You start with a blank template and you don't stop until it's filled in. Um, it's really, you should have a list of the things you do for onboarding and run down that list, and that's how you're going to achieve it. So having that template helps you not forget things, because there's a blank spot on the template, then that's the blank spot you need to keep filling out.

Uh, can you read a home network with Wi-Fi speeds? Uh, my Wi-Fi speeds are irrelevant, because I never test them. I, I've never tested a Wi-Fi speeds, but maybe I'll do how I set up Wi-Fi at my home with my one single, well, I have two access points. I technically do have two, one in my wife's office, an In-Wall HD, and one more in my basement that covers my upstairs, but it's awesome.

Raspberry Pi corporations, uh, blocked on Mastodon? I didn't know they were blocked. Got blocked, I read. I don't know what you're talking about. Um, so I see hosting in on max, I don't see that
they're blocked. My guess is it looks like some confusion. It looks like Jeff Jarvis did, uh, post on it. I don't know. There's a lot to, um, there's going to be a whole lot coming forward in the future, uh, because once you've distributed moderation through the fediverse, there's going to be all kinds of new fun things that we're going to be learning about that. So yeah, it's going to be tricky.

Many people in office use YouTube and Spotify music, uh, where they work, and it does suck up a bit of bandwidth. Yes. As long as you have a provider on t, okay. People talk about that.

What's possible bandwidth for a 300 room hotel? Uh, should you have a backup IP, load balance? I don't know about a load balancer, but, um, a backup ISP, yes. Uh, what kind of bandwidth? I mean, is as much as possible, because people are always streaming things because they're bored in their hotel room. Um, I won't speculate as to what they're watching in their hotel room, but I bet it's, uh, streaming, uh, something streaming.

So I don't have a template handy, I don't think. Uh, maybe I do in my forum somewhere, but you can Google, there's a ton of sample templates out there for that.

But, uh, go with gig internet and you should be fine. Uh, go with the backup internet, because if you want to see angry people at a hotel, take away their internet.

Um, I set up pfSense box, uh, for my home network and love it. It handles my 5 gig fiber internet, that's perfectly, all my 10 gig connected computers run and great. Good to hear.

I, I love the idea that the ISP can give out like 17 million times the number of publicly download pieces, all like, yeah. Yeah, it's crazy how it seems to solve problems, but really is, IPv6 still isn't really there. Didn't move an inch.

It's 95. Welcome to Wi-Fi, and why I don't bother with Wi-Fi speed test.

What's your idea about pfSense versus x86 box running next? Whichever one works for you. They're both, both, uh, good solutions. I like the Netgate boxes for business, so we have a repeatable warranty box that we can, uh, that people
can use, but, you know, for home users, hey, whatever fits your budget.

You should try a local speed test, because public servers be used by many people. Yeah, hopefully you are using a locally installed speed test.

Well, I'm going to wind this down here, um, because I've been going for almost two hours. So let's see if we can get a few more likes. That'd be great, because I have a 161 concurrent viewers and 91 likes, so if anyone wants to throw a few more likes at me, that would be great. Oh, you can throw money at me as well. I see, you know, a few people threw money, and thank you for those who did. But, um, oh cool, I can choose between options in here. Anyways, feel free to throw money at me too.

It was nice running into you at OLF. I learned, I learned of your podcasts, and only after the party Saturday night. Be nice to interact with people without knowing anything about them. The, I, that was definitely, Ohio LinuxFest was a lot of fun. I didn't like meeting all people, that was definitely great. Much appreciated. Um, like, thank you very much.

To experience with PPPoE? I don't have any. Um, we just don't use it as much here in the United States, so I have very, very limited PPPoE experience. So I'm not the best person to answer questions on that topic.

Well, I appreciate it, but yes, you cannot do multiple likes. One like at time, that's all, that's all they allow, unless you have many, unless you have a lot of different, um, YouTube accounts.

Does it look, nickels add up, man, the pennies add up, the nickels add up. I'm not, you know, I don't discriminate against the size of the currency. If you can't, if you don't have any money, don't throw money at me. So there's that. There, I like that comment there. I feel that way occasionally working with tech. Ah, oh yeah, yeah. See, you know, you've probably heard the term make it rain when you're throwing money at people, but there's also make it hail, when you throw coins at them too. So there's, you know, there, there is that. But see, if these are all virtual, uh, when you're sending it in a
digital form, uh, I'm less worried about getting hit by the nickels.

Ah, you, liking the streams, really growing it. Ah, liking, got it. Nice, clever little play on words.

Love your videos for time of cotton enjoy you think, uh, thank you for everything, keep it, keep being awesome. Alright, thank you, much appreciated, much appreciated.

I don't know if we talked about everything we were going to talk about here. I don't know if that really matters, as long as we had fun. Yes, we did. We talked about security cameras, networking at home lab, so I guess I did cover everything. But thank you for the donation, it is greatly appreciated.

What do you want to know? Been running PPPoE and owt. Yeah, there's a lot of people in forums and seeing problems, PPPoE. I just don't have experience with it, because we just don't, we don't run into those setups. Um, that seems to be something that's really popular in Europe. Uh, less, it used to be popular here in the US, so we kind of, we moved away from it. Used to be all the DSL stuff was PPPoE, and it just kind of went away because DSL went away, and, um, so I don't run into it as often.

Is it possible, is it possible it's something on how the UniFi controller's handling AP itself? Seems unlikely. I don't know. I can't think of anything that would cause that. So that's, that's definitely, um, an interesting question.

But all right, I'm gonna, I'm gonna stop it here, and thanks everyone for joining. It was awesome. Thank you, all of you, for smashing like button, is greatly appreciated, and thank all of you for, uh, donating some revenue, because that is greatly appreciated. I'm gonna actually go outside for a minute. So, um, that's definitely a thing. I need to occasionally go for walks and, uh, exercise a little bit. So I spend too much time sitting behind the keyboard, so I'm gonna go do something about that. So thanks, all of you. Look forward to hearing from you next week, and, uh, maybe I'll do this again on a Sunday. This is, this is definitely fun. I like, I love all the Q&A. Um, I gotta work on a way to get, you
know, not everyone really wants to post my forums. Maybe I'll set up an email address and dedicate it towards these Q&A episodes. That way people can email me a bunch of questions ahead of time and I answer them. Uh, that might be a fun way to do this. So that'd be great. Um, thank you, thank you, and all right, I've answered all the questions. Take care.