this post was submitted on 24 Jan 2024
491 points (99.2% liked)

Technology

35203 readers
105 users here now

This is the official technology community of Lemmy.ml for all news related to creation and use of technology, and to facilitate civil, meaningful discussion around it.


Ask in DM before posting product reviews or ads. All such posts otherwise are subject to removal.


Rules:

1: All Lemmy rules apply

2: Do not post low effort posts

3: NEVER post naziped*gore stuff

4: Always post article URLs or their archived version URLs as sources, NOT screenshots. Help the blind users.

5: personal rants of Big Tech CEOs like Elon Musk are unwelcome (does not include posts about their companies affecting wide range of people)

6: no advertisement posts unless verified as legitimate and non-exploitative/non-consumerist

7: crypto related posts, unless essential, are disallowed

founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] dandroid@dandroid.app 67 points 11 months ago (16 children)

I was the lead engineer on an Openwrt router for 2 years at my old job. Their documentation is complete and utter shit, but their design is extremely intuitive. Whenever I said to myself, "hell, let's just try this and see if it works," it had an insanely high success rate.

I didn't know Lua going into this project, but when I left the company, it made me really wonder why more people don't use Lua. It's a really nice language.

I really enjoyed having my own open source router that I could just drop new features into by adding packages and recompiling. I was sad when I had to send all my dev units back.

[–] lingh0e@sh.itjust.works 2 points 11 months ago (5 children)

What were your must have packages?

[–] dandroid@dandroid.app 3 points 11 months ago (4 children)

OpenVPN server was my number 1. Being able to VPN back into my home from anywhere in the world was amazing. I can't really remember any other, since it was more than a few years ago.

[–] ramjambamalam@lemmy.ca 3 points 11 months ago (1 children)

Nowadays Wireguard is a more performant protocol, but it does the same thing.

[–] WaterWaiver@aussie.zone 3 points 11 months ago* (last edited 11 months ago) (1 children)

Not quite the same thing, you can't do layer 2 VPNs on wireguard (I ended up using tinc for that on a previous project, it worked well). For layer 3 however it's really good. Fast, simple, reliable, client works well on the platforms I've tried so far.

[–] ramjambamalam@lemmy.ca 1 points 11 months ago (1 children)

Good to know! What's the practical use for a L2 VPN?

[–] WaterWaiver@aussie.zone 2 points 11 months ago* (last edited 11 months ago)

My case for it was dealing with proprietary sensor devices with ethernet ports and garbage firmware. They could work if your server was on a different subnet, but a bunch of stuff broke (including the config tool) if you were not on the same ethernet LAN. The L2 tinc VPN allowed us to fix things without needing to walk around to the dozens of devices in a building with an ethernet cable, laptop and a ladder.

The firmware (& vendors) of the devices that we spent over 100K on were garbage in so many ways. One product's proprietary server software would misbehave (read: open files but never close them, after a time running out of file descriptors) which would then cause its fleet of individual sensors to all start SYN flooding it. Another brand's device model required us to spend lots of time manually updating them through every version of firmware because you were not allowed to jump straight to the latest version. I think it took an hour to complete the process for each unit (during which they'd get really hot and presumably throttle).

A bonus of tunnelling things back to our server over tinc was that everything was now encrypted. I used cheap GL.inet "mango" routers running OpenWRT to backhaul the sensors over the existing shared wifi network (rather than needing dedicated copper or wired VLANs). They worked almost like magic -- a weird wifi stack reliability issue required me to write a watchdog that rebooted them, however, otherwise we were back on ladders every few days :| But once that pain was over things overall worked much better.

Aside: Don't buy ANY off-the-shelf sensor product without first:

  1. Confirming that you're not tied to their proprietary server software. Them claiming that they speak an open protocol is NOT enough.
  2. Buying a few to actually test the above AND reliability over the span of at least a week's operation AND that they're not just outright lying about the device's accuracy/reliability/usefulness/etc

I made the mistake of being on holidays when the decisions on what to buy were made :P I ended up designing and building some of our sensor devices (somehow at a cheaper price even including my labour) that worked better for us, but shortly afterwards the funding ran out and I got a job elsewhere.

load more comments (2 replies)
load more comments (2 replies)
load more comments (12 replies)