Categories
Networking

DHCP, VLANs and subnets in home networks

In the article VLANs for home networks I wrote about how VLANs and subnets can improve network security by creating different segments, usually associated with a subnet. With multiple subnets, assigning addresses in each subnet via DHCP becomes more complex. DHCP IPv4 uses broadcast packets to ask for an IP address. VLANs create separate broadcast […]

Categories
Networking Security

DNS for home networks

In very simple terms, a Domain Name Service (DNS) is a service that turns specific network names (host names, service names) into IP addresses. It allows the use of mnemonic names (mypc.example.com) instead of IP addresses (192.168.121.234) when accessing internal network resources. There are several advantages in using DNS names instead of IP addresses directly: One simple […]

Categories
Networking

QoS for home networks

QoS stands for Quality of Service, and in computer networks it means a set of technologies to improve the perceived quality of network services by modifying how network packets are managed, prioritizing the delivery of specific ones, as defined by a set of rules. Usually network packets are processed using the simple FIFO (First In, […]

Categories
Networking Security

VLANs for home networks

Home networks are becoming increasingly complex, and so are security threats. Once they were used mostly for personal communications and entertainment. Now working from home, home automation, and more and more complex tasks performed online at different security levels make simple flat networks inadequate, especially from a security perspective. Does it really make sense that […]

Categories
Networking Security Software development

Manage your own PKI with XCA

Protecting connections with TLS requires the proper certificate/private key pairs, which need to be issued by a trusted Certificate Authority. You can buy certificates from several public CAs, or obtain free ones from entities like Let’s Encrypt. Sometimes you may need your own private CA and certificates for systems that do not need to be […]

Categories
Networking Photography

Setting up FTP behind NAT for Canon cameras uploads

Recent Canon cameras allow for direct uploads from the camera to different Internet services. Some of them are mediated through the image.canon gateway (i.e. Flickr, Adobe, Google): the camera uploads images to the gateway, which in turn transfers them to the end service. Since those services’ APIs can change over time, it’s not a bad […]

Categories
Networking

Vigor 165 SNMP monitoring

Monitoring network equipment is usually a good way to be notified quickly about issues that could impact operations requiring network connectivity. One way to monitor equipment is using SNMP – Simple Network Management Protocol. “Simple” is a bit of an oxymoron, because the underlying settings – just look at MIBs – are far from being simple. […]

Categories
Networking

VoIP behind NAT

More and more phone lines are being switched to VoIP, especially where FTTH is being deployed. When using the ISP modem/router, it usually performs the ATA (Analog Telephone Adapter) role too, and it is already configured for VoIP – just plug the telephone into one of its PHONE/TEL ports (technically – FXS ports), or connect […]

Categories
Networking

Scheduling firewall rules on DrayTek Vigor 165

One interesting feature of the DrayTek Vigor 165 is the ability to schedule firewall rules: rules can be enabled and disabled using the router’s scheduler. For example, some clients can be forbidden Internet access at a given time. Combined with other types of filters, like URL filters, it can also be used to let users […]

Categories
Networking

StatProcessor for DrayTek, fix for 35b profiles

Prior to version 1.14, data for 35b and other profiles are not shown correctly because of the way DrayTek packs data into the HLog/QLN/SNR structures returned by telnet commands – upstream and downstream data may use different “group size” – how many points are coalesced into a single entry. Don’t know if they average the […]