Enabling Path MTU Discovery in MikroTik, or why my PPPoE/6rd was slow

For many years, I’ve stuck with OPNsense, first initially since until a couple of years ago I was a die-hard FreeBSD user. But more importantly, by default Linux-based firealls play poorly with CenturyLink’s 6rd. I’ve been wanting to use a MikroTik as my core router instead of OPNsense for many years, but whenever I tried, 6rd browsing was just so slow for some reason. A few days ago, I got myself a MikroTik CCR2004-16G-2S+ and intially went IPv4-only. [Read More]

A MikroTik RouterOS v7 IPv6 BGP Config

As my long-awaited sequel to my MikroTik RouterOS v7 BGP configuration, I will do a RouterOS v7 configuration, but this time with IPv6. The setup will have: R1 with AS1 and R2 with AS2 1::/64 that R1 will advertise 2::/64 that R2 will advertise 3::/64 for the point-to-point link between R1 and R2 3::1 for R1 and 3::2 for R2 The ether1 interface for the R1 and R2 point-to-point links The ether2 interface for the internal, to-be-advertised subnet To setup BGP, first set your IP addresses, on R1: [Read More]

An underrated ESXi/Proxmox alternative: Rocky Linux, KVM and Cockpit

In my homelab, I have a Rocky Linux 9 server/hypervisor. For quite a while, I’ve just used the command line to manage virtual machines. It was tricky to know which TCP port was used for VNC, and forward it to my Fedora laptop. I’ve always been dreaming about a Web UI for virtual machines, but didn’t want ESXi or Proxmox, and was pretty dissapointed when I tried SmartOS and OmniOS. One day, I was on Mastodon (or Reddit) and learned that there is a KVM virtual machine module for Cockpit. [Read More]

A Simple MikroTik RouterOS v7 BGP Config

While I’m not a professional network engineer at the time of writing, lately I’ve been playing with MikroTik’s CHR in EVE-NG. One thing I wanted to set up is a basic BGP configuration between two ASes. In this setup, I will assume there are two neighboring routers with eBGP. The setup will have: R1 with AS1 and R2 with AS2 that R1 will advertise that R2 will advertise 3. [Read More]

Install Folding@home on Fedora 39 with FAHControl

At the present moment, my desktop is technically a “gaming PC” but really a workstation for various non-gaming tasks. It’s a Mini-ITX homebuilt PC with an Intel i9-13900F CPU and a RTX 4070. It runs Fedora 39. I’ve been wanting to run Folding@home on my main PC for a while now. I run Folding@home at my work systems, both Windows 365 and physical workstation (although I mostly WFH, yay!). One problem with using the default binaries from the Folding@home website is FAHControl is designed for Python 2. [Read More]

How to get multi-core PPPoE on your x86 router

One commonly-stated problem with PPPoE, especially done on x86-based routers like pfSense and OPNsense is they’re “single-threaded”. The reason why they’re single-threaded is because of how NICs are designed. These NICs know how to sort IPv4 and IPv6 traffic, but not PPP traffic. combined with both Linux and FreeBSD processing PPPoE in the thread that process packets. However, using virtualization and bridge interfaces (not PCIe passthrough), you can mitigate this issue and get real multi-threaded PPPoE. [Read More]

Want multi-threaded PPPoE in OPNsense/pfSense: Virtualize it with bridges

I am currently a CenturyLink Fiber customer in Seattle, WA and its well known that CenturyLink uses PPPoE. Yes, I’m aware of the migration to “Quantum Fiber” which uses DHCP, but I’ll probably move to NYC before I get shifted to Quantum and subsequently have Verizon FiOS (again), also with DHCP. My home server, a massive HPE ProLiant ML110 Gen11 with a Broadcom 10GbE OCP adapter, I virtualize OPNsense inside of Rocky Linux 9 using KVM, which is directly connected to my (hacked) CenturyLink ONT. [Read More]

One year later, my statement on Twitter/X

If you are wondering why my Twitter/X account @_neelc is blank, it’s because of this reason: X is basically KiwiFarms, but mainstream: a platform to spread hate. I have gotten politically conservative ads despite following tons of LGBTQ+ accounts, having a trans brother, and being non-binary and aromantic myself. Pre-Elon Musk, I used to look up to Twitter as a company. Now, Twitter is a dumpster fire. The posts aren’t even high quality, just “low effort” garbage. [Read More]

Taming Fan Noise on HPE Gen11 Servers and Third-Party NVMe Drives

I recently got a HPE ProLiant ML110 Gen11. While it cost far more than the previous generation thanks to COVID-19, the trade war, and supply chain issues, it is still an excellent server. One thing with HPE servers is that by default, if you use a third-party NVMe drive, or any PCI Express card that isn’t blessed by HPE, the fan becomes very loud. By very loud, I mean I can hear it from a shut closet. [Read More]

Forwarding Ports 80 and 443 on OPNsense Correctly

If you’re like me and run your own home server, you might find yourself needing to forward TCP ports 80 and 443 on your router. I recently changed my firewall from OpenWrt to OPNsense and obviously needed to forward ports 80 and 443 to my home server, a M1 Mac Mini running Fedora Asahi Remix. By default, OPNsense tries to listen it’s web UI on all ports, well sort of. Many suggestions online say you should change the port the web UI listens on. [Read More]