Anonymous
6/12/2025, 3:40:22 AM
No.105566869
>>105566737
you just input two commands and everything is enabled, no license install or pirating needed. doesn't even complain at you.
i use BGP on a single router at my parents house to hard isolate network segments. the point is to host a presence there without letting my dad’s IoT landfill touch anything. not just ACLs, but full routing separation. no path exists between segments.
i also use a DMZ VRF with PBR to steer traffic in and out of a cloud relay VPS i have. i have probably the safest public service exposure a homelab can have because of it. if any of my public services get compromised there is NO lateral movement that can take place. complete dead end.
i will say that after my large redesign and segmentation experiment that if you have a properly segmented underlay in your homelab you can do large scale experiments without adversely affecting the entire environment.
you just input two commands and everything is enabled, no license install or pirating needed. doesn't even complain at you.
i use BGP on a single router at my parents house to hard isolate network segments. the point is to host a presence there without letting my dad’s IoT landfill touch anything. not just ACLs, but full routing separation. no path exists between segments.
i also use a DMZ VRF with PBR to steer traffic in and out of a cloud relay VPS i have. i have probably the safest public service exposure a homelab can have because of it. if any of my public services get compromised there is NO lateral movement that can take place. complete dead end.
i will say that after my large redesign and segmentation experiment that if you have a properly segmented underlay in your homelab you can do large scale experiments without adversely affecting the entire environment.