| 8 Jul 2021 |
 Mic92 (Old) | if they are in the same l2, this does not add a lot of security in theory so. But if you just want to block of some iot devices from phoning home this might be nought | 12:43:14 |
 eyJhb | ^ that's somewhat what I want to do :) But I guess I should setup some VLANs as well.... | 12:43:49 |
 casey © | depending on how all the iots connect, if it's over wireless, give them their own ssid and vlan/subnet | 17:12:22 |
 hexa | eap, radius vlan | 17:32:36 |
| hexa | or simpler: client isolation | 17:32:49 |
| 9 Jul 2021 |
|  vika (she/her) 🏳️⚧️ set a profile picture. | 16:38:47 |
| 10 Jul 2021 |
| Mic92 (Old) changed their display name from Mic92 to Mic92 (Old). | 14:02:23 |
|  Mic92 joined the room. | 14:36:56 |
| Mic92 (Old) left the room. | 15:01:02 |
|  iclanzan joined the room. | 19:06:17 |
| 12 Jul 2021 |
|  Andrea Pascal joined the room. | 01:31:52 |
|  Alex Zero joined the room. | 15:00:09 |
| 13 Jul 2021 |
| hexa | https://github.com/NixOS/nixpkgs/pull/129980 | 23:19:08 |
| hexa | reviews welcome | 23:19:13 |
| 14 Jul 2021 |
| Alex Zero | I am currently working on a routing framework called Eidolon RIS that lets you declaratively set up your own meshed BGP/OSPF infrastructure. Check it out! https://github.com/ArctarusLimited/KuiserOS/blob/master/modules/services/networking/eidolon/README.md | 00:42:23 |
| 15 Jul 2021 |
| Mic92 | Alex Zero: Could this take path cost into account? | 15:30:08 |
| Mic92 | If all my peers would use NixOS this would be the way to go... | 15:31:51 |
 Leon | In reply to @citadelcore:nixos.dev
I am currently working on a routing framework called Eidolon RIS that lets you declaratively set up your own meshed BGP/OSPF infrastructure. Check it out! https://github.com/ArctarusLimited/KuiserOS/blob/master/modules/services/networking/eidolon/README.md You have got to be kidding me. Why did I build essentially that exact same thing? :D looks pretty sweet | 15:33:26 |
| Alex Zero | Hahahah | 15:36:50 |
| Alex Zero | Don't get me wrong, my implementation still needs quite a bit of refinement. But it works :) | 15:37:08 |
| Alex Zero | I'd like to replace the GRE/WireGuard tunnels with something like Tinc in the future, since WG appears to be causing an obscure kernel bug with Bird that's very annoying | 15:37:42 |
| Alex Zero | In reply to @mic92:nixos.dev
Alex Zero: Could this take path cost into account? Yes, can add that to the list of things to do! | 15:38:12 |
| Mic92 | In reply to @citadelcore:nixos.dev
I'd like to replace the GRE/WireGuard tunnels with something like Tinc in the future, since WG appears to be causing an obscure kernel bug with Bird that's very annoying I already have built all my VPN stuff based on tinc. It has nice semantics unfortunally it's performance is quite bad. | 15:39:34 |
| Alex Zero | Ah, that kinda sucks :/ | 15:39:59 |
| Mic92 | There were plans in the tinc community to use wireguard as the lower layer... never happend so | 15:40:46 |
| Mic92 | you maybe want to have a look at https://github.com/slackhq/nebula | 15:41:05 |
| Mic92 | I never checked it's performance so. | 15:41:15 |
| Mic92 | Than there is tailscale https://tailscale.com/ | 15:41:31 |
| Leon | In reply to @citadelcore:nixos.dev
I'd like to replace the GRE/WireGuard tunnels with something like Tinc in the future, since WG appears to be causing an obscure kernel bug with Bird that's very annoying What are symptoms of these bugs? Works fine for me so far… | 15:42:31 |
| Alex Zero | The kernel essentially fails to report that routes exist in the FIB, so BIRD ends up inserting duplicates | 15:44:06 |
