Saturday, March 2, 2024

Unlocking Seamless Integration: Navigating Unexpected Hubitat Device Queries and VLAN Challenges for a Smoother Home Automation Experience

During my network debugging efforts, I came across an intriguing observation related to the two Hubitat devices on our network. The logs below illustrate the unexpected mDNS queries they generated:

1. Query for Airplay Devices
    12 0.788177995 192.168.55.11 → 224.0.0.251 MDNS 130 Standard query 0x0000 PTR _airplay._tcp.local, "QM" question PTR Hubitat._hubitat._tcp.local
2. Query for web servers:
14 0.791018733 192.168.55.11 → 224.0.0.251  MDNS 127 Standard query 0x0000 PTR _http._tcp.local, "QM" question PTR Hubitat._hubitat._tcp.local

Surprisingly, the Hubitat devices were seeking Airplay and web server devices, even though I only utilized them for Z-Wave and Zigbee devices, and have not installed the Airplay application. This behavior caused issues, as the queries and responses were transmitted across VLANs, leading to a flood of broadcast packets during high query volumes.

Friday, March 1, 2024

Dazzling DIY Hexagonal LED Accent: A Budget-Friendly Alternative to Nanoleaf Lights with WLED Magic!

I recently completed a wood hexagonal accent piece with LED backlighting for my office. My inspiration was the Nanoleaf hex lights, but I aimed to achieve a similar look without incurring the high cost associated with Nanoleaf lights. Additionally, I saw this as an opportunity to explore and learn about WLED.

To start, I sourced hexagonal wood panels in multiple tones. I deliberately chose multiple-tone panels to ensure the accent piece looked appealing even when the lights were off.

Unlike Nanoleaf panels, my wooden panels don't allow light to shine through. Therefore, I planned to position the LEDs to shine out the top, bottom, and sides of the panels. This necessitated offsetting the panels from the wall to provide space for mounting the LED strips behind the hex panels.

Monday, February 26, 2024

Empowering Privacy: Unveiling the World of Affordable VPNs through Shared Bandwidth Projects and Proxmox Efficiency

In an era where digital privacy is a growing concern, Virtual Private Networks (VPNs) have become indispensable tools for safeguarding online activities. However, the cost of premium VPN services can be a deterrent for many users. Fortunately, a new wave of projects that leverage shared user bandwidth has emerged, offering a cost-effective alternative to traditional VPNs. In this blog post, we'll explore the benefits of such projects and discuss how setting them up as Linux containers on a Proxmox server can be a resource-efficient solution. 

Shared Bandwidth VPN Projects:

Mysterium

Mysterium is a decentralized VPN network that operates on a peer-to-peer model. Users can share their excess bandwidth in exchange for MYST tokens. By becoming a node in the Mysterium network, users contribute to the overall infrastructure and, in return, gain access to affordable VPN services. Setting up Mysterium nodes as Proxmox Linux containers ensures efficient resource utilization and easy management.  I set this up following the instructions for Linux nodes.


EarnApp

EarnApp takes a unique approach by allowing users to earn money by sharing their internet bandwidth. Users can convert their earned tokens into VPN services, creating an innovative system where the community contributes to the network's growth. Proxmox's virtualization capabilities make it straightforward to deploy and manage EarnApp nodes, making it an attractive option for those seeking a low-cost VPN solution.


Saturday, February 24, 2024

Cracking the Code: Navigating Network Nightmares with Home Assistant, LibreNMS, and Wireshark

Introduction:

Hey there! Ever found yourself scratching your head over a quirky network issue that just won't quit? I recently had my fair share of head-scratching moments when network broadcast storms started causing serious disruptions in our switches and wireless access points. In this post, I'm breaking down the steps I took to unravel this persistent, network mystery.

Setting the Scene:

Picture this – network switches and access points dropping off the radar every few nights. To get to the bottom of it, I needed to gather some intel without losing sleep, especially as these problems seemed to occur in the middle of the night.  First move? Configuring Home Assistant to ping, with the Ping integration, a crucial switch and give me a notification on my phone when things go south. It became my silent night watchman, marking the time when the broadcast storm kicked in.

The Quest for Network Clarity:

LibreNMS, a network monitoring system, was my next stop. Although it did show spikes in network bandwidth, the specifics were elusive. SNMP logs lacked the juicy details needed for a deep investigation.

Enter rsyslogd:

To beef up my data game, I brought in rsyslogd on a Proxmox server. This Linux container was configured to capture logs from the admin VLAN, where switches and access points were. This did capture a lot of data, however, drowning in logs was not my idea of fun.  It was too hard to find the root cause of these issues.

Friday, January 5, 2024

Mastering Home Network Security: A Step-by-Step Guide to Fortify Your DNS with Pi-Hole and Raspberry Pi Across Multiple VLANs

Recently, I delved into the realm of setting up secure DNS for our home network, aiming to encrypt DNS requests en route to the name server. Unfortunately, Unifi lacks support for secure DNS (neither DoH nor DoT). To address this, I decided to explore the installation of Pi-hole on a Raspberry Pi at home.

However, the standard Pi-Hole install for Raspberry Pi required additional setup steps on my network. Firstly, Pi-hole lacks built-in support for secure DNS, necessitating an additional configuration. Secondly, the default Raspberry Pi lacked VLAN support, prompting me to configure it to function seamlessly within our network.

Raspberry Pi and Pi-hole Setup

I began by installing the Raspberry Pi OS Lite 64-bit on the Raspberry Pi, intending to use it as a headless device on the network. Once the operating system was installed and updated, I proceeded to install Pi-hole. This was a straightforward process, thanks to Pi-hole's automated installation script.

curl -sSL https://install.pi-hole.net | bash

Setting up DNS over HTTPS for Pi-hole

To ensure secure DNS, I followed the instructions on the Pi-hole site to configure cloudflared, allowing DNS requests to be made over HTTPS. Once configured, Pi-hole forwards requests to cloudflared, which handles DNS requests securely.

Enabling Support for Multiple VLANs

While Pi-hole successfully handled requests for the native network, extending its support to other VLANs posed a challenge. Instead of opting for solutions involving firewall rule modifications to permit VLAN requests to the native network, I chose to ensure the Raspberry Pi could seamlessly join the VLAN networks I intended to use Pi-hole on.

Following the instructions on this page for enabling VLAN support on the Raspberry Pi, I configured an interface for each VLAN I wanted the Pi-hole to respond on.

Saturday, September 16, 2023

Revolutionizing Air Quality Monitoring: How I Upgraded Our System with Mila Integration for Smart Home Automation

In this blog post, I explained how I set up an air quality monitoring system for our neighborhood. With this setup, we can keep an eye on the air quality outside our home. However, this monitoring system is somewhat passive because I need to manually check the air quality and take actions accordingly, such as turning on the HVAC fan to filter and circulate the indoor air.

I considered using the standard Home Assistant integration for Purple Air, but it shares the same drawback as the Magic Mirror integration in terms of API usage limitations. I wanted to avoid an integration that might eventually become unreliable due to API quota limits.

Recently, we purchased Mila connected air filters. These filters not only measure the air quality in the rooms where they're installed but also allow you to select a sensor for neighborhood air quality in the Mila application. Within a month of setting up our Purple Air monitor, I was able to choose it as the neighborhood air quality sensor in the Mila application. This feature enables the Mila filters to determine the relative differences in air quality between the indoors and outdoors.

Friday, September 1, 2023

Silencing the Breeze: Upgrading Legion Network Racks for Whisper-Quiet Performance

In our home, we utilize a couple of Legion 18 network racks. These particular 18U network racks are designed to be compact, making them suitable for placement in closets or offices. Additionally, they come equipped with built-in cooling features, specifically two 120mm fans located at the top of the rack.

However, while the built-in cooling is a valuable feature, I couldn't help but notice that the noise generated by the fans can be quite noticeable, particularly in quieter environments. One of the main reasons for this is that the fan speed is fixed; there's only an on/off switch available. Consequently, you can either turn the fans off entirely or run them at their default, relatively loud speed. This limitation led me to seek out replacement fans for the rack.

Stock fans from the Legion 18 network rack

After conducting some research, I decided to opt for the AC Infinity Rack ROOF Fan Kit. This kit includes two 120mm fans that can be connected to a provided fan controller, which, in turn, connects to a power source. The fan controller offers precise control over the fan speed, allowing for quieter operation.

Unlocking Seamless Integration: Navigating Unexpected Hubitat Device Queries and VLAN Challenges for a Smoother Home Automation Experience

During my network debugging efforts , I came across an intriguing observation related to the two Hubitat devices on our network. The logs b...