A reasonably fair comparison. The ISPs had a much stronger incentive to finish the migration, though, because the 3g spectrum could just get turned around and used for 4g after rollout. IPv6 doesn't really have that strong of an incentive structure now that CGNAT is a well-developed technology.
I would guess I/O. Your normal containers need network access and that's it. HA, depending on your setup, might want Bluetooth, a USB zigbee dongle, z-wave, etc etc
No, the I/O passthroughs are fine. Proxmox and HA are fairly great at keeping them stable. I have passthrough for WiFi/BT/USB zigbee/USB thread Of course it pins you to a singular proxmox host, not benefitting from proxmox HA, but that's the way the cookie crumbles with h/w.
pfsense and home-assistant both claim to be declarative configs, which is technically true. However the config files are not well or effectively documented, and where there is documentation it typically relates to the GUI which diverges significantly in arrangement. Their configs are declarative in that they declare the way their internal processes are configured, not in the way that they should interact and appear to other services (networking people will find that statement very confusing).
Both are effectively "Operating Systems" within operating systems, starting/stopping/configuring/managing other programs, home assistant is doing this to the nth degree. When you start them it is very hard to determine when they have actually started - particularly the bits you care about. Getting errors and logs out of them is painful. Updating configs and restarting has multiple routes, the longest of which is very long.
Both are reasonable ways to get to grips with the problem areas they solve for; they are not optimal however.
Passive house standards first gained popularity in Germany and Scandinavia but it seems the principles have been adapted to quite a wide range of climate zones now.
The headscale API is very different than the Tailscale API so if you're automating setting up clients it's not quite drop in. Once a client is up, though, from what I've heard it's seamless.
I think this is mostly a Wireguard thing and not specifically a Tailscale thing. Wireguard does what they call "cryptokey routing" where if you prove you possess a key that the other peer knows, you get the traffic (subject to firewall, allowed IPs list, etc etc). Wireguard stores the most recent address:port that it heard from a particular cryptokey on, but it natively lets peers roam, as long as only one roams at a time.
From what I can tell you're pretty much right. A linux bridge cannot possibly be as efficient or speedy as a dedicated switch asic. OpenWRT has support for a few different hardware switch kernel APIs, but you can't exactly buy one of those on a PCIe card and I've never seen one of those N100-class boards with one instead of a set of i226 ethernet controllers taking most of the PCIe lanes.
Mikrotik sells the CCR2004-1G-2XS-PCIe, which is a fascinating device:
It is a full Mikrotik router stripped down to just a board and hung off a PCIe interface. Iirc by default it exposes a virtual gigabit interface to the host and otherwise acts exactly like a CCR2004 running RouterOS.
Doesn't really buy you anything vs a RB5009 unless you can use the pair of 25Gbps ports, but it sure is neat.
(not a lawyer) I _think_ this is a result of Trump v CASA, where the Supreme Court determined that preliminary injunctions and TROs without a bond of some sort (which until then were fairly common) were invalid and unenforceable.
reply