Yes, but probably no additional problems if you’re already behind CGNAT.
In this scenario you could just get your own firewall to serve as an NAT gateway and connect its WAN port to the LAN side of your ISP’s gateway. You’d then have your own LAN you can do whatever you want on. The ISP’s device would provide the WAN IP to your gateway via DHCP, but that DHCP wouldn’t work through your gateway. You’d just make sure your new internal LAN(s) subnet is different from the one that exists between your firewall and your ISP’s gateway. The only problems this would cause in your scenario are because there’s now double the NAT going on, but if you’re already dealing with CGNAT then you’d already have those same problems.
Outbound traffic should all work just fine, and your ISP’s device would no longer have access to your LAN.
You don’t need to have different SSIDs for 2.4 and 5 GHz. They can be the same and the device will handle the connections.
Just out of the box. I am usually running it as a container on UnRAID on an x86 machine. It seems primarily to just be a big memory hog when I’ve tried to use it.
I love how easy to use NetData is, but when running it on my home servers it destroys their performance lol. Every once in a while I check in to see if it runs better.
Minisforum makes good basic SFF PCs for super cheap.
The FUSE file system isn’t the actual file system on each disk, it’s like an overlay that brings together the file systems on each disk. Like a super basic setup assuming you had two data drives is that you could have a share called “MyFileShare” and have two files in the share, “File A” located at /mnt/disk1/MyFileShare/FileA and “File B” located at /mnt/disk2/MyFileShare/FileB but if you connect to the file share remotely or do an ls on /mnt/user/MyFileShare/ you’ll see both files A and B. So you create each share and it’ll distribute all your files across disks according to your specifications.
This is the FUSE file system, and it’s how UnRAID implements the “RAID-like” features. Because unlike actual RAID your files aren’t striped across the array, each file lives on one disk. So while you can have 1 or 2 parity drives that can rebuild your array in the case of a lost drive, unlike RAID you don’t lose your entire array. If you have one parity drive and a 5 disk array and lose two data drives, your parity can’t rebuild the lost data but the data that’s on the other 3 disks is still accessible.
Because it makes them “feel” more secure.
Getting brute forced by bots isn’t a DoS attack.
The best proof would be to just try it yourself and see what happens. Load up Wireshark, make a query, and look at your traffic. Because the problem is there isn’t a single technical article I can point you to that details exactly how DNS resolution works on every device running any given operating system. “Network attached devices” could be anything and so you can’t be certain exactly how each device will operate.
I’ll give you that in the case of Windows devices specifically, Microsoft isn’t good at keeping documentation up to date, and on older versions of Windows it used to work the way you describe. It would send the request to your first DNS server, wait one second for a response, and only if it didn’t get one would it move on to your next one. However, in Windows 10 today, if I edit my configuration so that I use a local DNS server located at 192.168.69.210 as my “Preferred” DNS server and 1.1.1.1 as my “Alternate” DNS server, look what happens:
It sends the same request out to both without waiting and the response from Cloudflare actually comes in before the one from my local DNS server. So if this were a request for a blocked domain, the client would accept the response from Cloudflare because it was received first and so the request wouldn’t be blocked.
Actually they do know what they’re talking about. Configuring DHCP with multiple DNS servers isn’t for failover, it’s for redundancy. The result is ultimately operating system dependent, but modern Windows operating systems will query all configured DNS servers in parallel and will accept the first answer they receive. So if you configure your Pihole as one DNS server and a public DNS server as a second, a lot of your traffic will just bypass your Pihole ad filtering entirely.
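Added example, not part of the original comments: a check for the behaviour described in the two DNS comments above, run over capture records exported as tuples. The record layout, the client addresses and the `example.test` names are constructed for illustration; only 192.168.69.210 and 1.1.1.1 come from the comment, and the sketch assumes each name is looked up once per client in the sample.

```python
from collections import defaultdict

# Constructed sample records (not real traffic), as might be exported from a capture:
# (time_seconds, src_ip, dst_ip, qname, is_response)
FILTERING_RESOLVER = "192.168.69.210"  # the local DNS server named in the comment
SAMPLE = [
    (0.000, "192.168.69.50", "192.168.69.210", "ads.example.test", False),
    (0.000, "192.168.69.50", "1.1.1.1", "ads.example.test", False),
    (0.011, "1.1.1.1", "192.168.69.50", "ads.example.test", True),
    (0.019, "192.168.69.210", "192.168.69.50", "ads.example.test", True),
    (1.000, "192.168.69.51", "192.168.69.210", "intranet.example.test", False),
    (1.004, "192.168.69.210", "192.168.69.51", "intranet.example.test", True),
]


def first_responders(records):
    """Map (client, qname) -> (set of resolvers queried, resolver that answered first)."""
    queried = defaultdict(set)
    first = {}
    for _ts, src, dst, qname, is_resp in sorted(records, key=lambda r: r[0]):
        if not is_resp:
            queried[(src, qname)].add(dst)
            continue
        key = (dst, qname)  # for a response, the client is the destination
        # Only count answers from a resolver this client actually asked.
        if key in queried and src in queried[key] and key not in first:
            first[key] = src
    return {k: (queried[k], first.get(k)) for k in queried}


def bypassed_filter(records, filtering=FILTERING_RESOLVER):
    """Lookups sent to several resolvers where a non-filtering one answered first."""
    hits = []
    for (client, qname), (resolvers, winner) in first_responders(records).items():
        if len(resolvers) > 1 and winner is not None and winner != filtering:
            hits.append((client, qname, winner))
    return sorted(hits)


if __name__ == "__main__":
    for client, qname, winner in bypassed_filter(SAMPLE):
        print(f"{client}: {qname} answered first by {winner}, filter bypassed")
```
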
People have been told for a very long time not to use fake TLDs. I don’t think it’s reasonable to accommodate people who can’t follow instructions.
They aren’t. I have a handful of domains on Namecheap still due to the convenience of their API, and each one is between 15-25% more to renew than popular alternatives like Porkbun, Namesilo, or Cloudflare. Now for a single domain we’re talking a difference of $5-10 a year. So for a single domain, is that price difference a dealbreaker? Probably not. But the more domains you have the more it adds up.
Namecheap is a quality service for sure and I’ve used them myself, but they’re only cheap to buy. They really stick it to you when it’s time to renew.
This is why the concept of running services on different ports than default isn’t a real security measure, it doesn’t actually take any effort to figure out what kind of service is running on a port.
As an AdGuard home user for more than a few years, I switched back to Pihole because it wasn’t really any better. It was also easier to pair Pihole with Unbound.
I got the wife complaining about the google results being blocked, but very little else. Most sites are still Frankenstein’s monsters full of atrocious ads.
It used to be the Noted.lol posts, then when selfh.st showed up there was drama between the two and then noted kinda disappeared.
Yeah, depending on your Wi-Fi device, it might even have tools to steer devices onto specific bands. But without that, the end user devices do a semi-decent job. It’s basically so that if you’re connected to 5 GHz with good signal, and walk to a different part of your house it can just switch over to 2.4 GHz.