tag: #networking

The FortiGate 100F arrived this week and slots into the homelab between the Fritz!Box modem and the MikroTik core router, adding real next-generation firewall capability to a routing-strong but inspection-light architecture.

Access technology lives in silicon — not software.

Sagemcom's F@st 5370 hides an ISP-controlled XMO configuration backdoor.

Manual carrier eSIM provisioning on MikroTik 5G via LPA decoding.

Running endlessh-go as a Docker container on Strato VPS, deployed via Ansible

Running Cisco WLC 2504 and Aironet 3600 access points in a homelab for under 300 CHF

How to run WireGuard through CG-NAT and UDP-blocking networks by wrapping it in WebSocket with wstunnel, using a Raspberry Pi as a permanent LAN gateway and a Strato VPS as the public relay.

QUIC is in late draft, HTTP/3 is shipping in Chrome and Firefox, and Cloudflare and Google are already serving meaningful traffic over both. The internet's transport layer is being rewritten. This is what changed, why it changed, and what it means for everyone who runs servers.

Jason Donenfeld submitted WireGuard for inclusion in the Linux kernel mainline in August. Even before merge, the four-thousand-line VPN is already faster, simpler, and more secure than OpenVPN or IPsec. Here is what it is, why the design matters, and how to deploy it now.