[lug] talk / workshop idea

Matt James matuse at gmail.com
Mon Jul 1 10:13:30 MDT 2019

I'd be interested in a workshop of sorts for these topics.  I've got my own
ideas of how to do things and I've implemented some of it but the CI guy in
me says I can always do one better.  I'd be happy to talk about what I've
done for my SOHO and customers but would more like to collaborate with
others on what they've done and how well it works, etc.

A few teasers - I use Ubiquiti gear including their APs, routers, and
switches.  I VLAN private / guest / IOT / kids network segments.  I filter
guest / IOT / Kids to different extents.  Tools include PiHole, Untangle,
and OpenDNS (Umbrella).

I'd like to come up with some methods for mere mortals, i.e.: how would you
explain this stuff to your mom.  Much of what I've done is WAY too
complicated for the average home user.

My $0.02


On Mon, Jul 1, 2019 at 9:46 AM Bear Giles <bgiles at coyotesong.com> wrote:

> <snip>
> 5. Advanced networking. We all know that IOTs are a risk and it would be
> nice to put them on the guest network and configure it so they can't access
> our main network... but most router software doesn't let you specify
> "devices can see each other on the guest network" but not "devices can see
> your main network". Without the former you can't control your smart
> switches, get a live feed off of your security camera, etc.
> This sounds like a classic networking/subnet problem. How's it implemented
> on SOHO gear?
> 6. Advanced networking 2. A few related items - a mix of "this is how you
> can do it" and "which is the best for different scenarios?". Things like
> VLANs, assigning a static second IP address in a different private IP
> address range, etc.
> 7. Another thought - there's been some discussion of just how often things
> phone home. Is it worthwhile to put a system between the router and home
> network that can monitor and restrict traffic? (In my case I can use a
> dual-NIC system to ensure isolation.) It would allow monitoring and
> possibly filtering but it could also hit the performance since everything
> has to go through that system.
> <snip>
