I really wouldn’t write off the Shield completely. It’s a few years old, but it works really well. My TVs are all disconnected from my network, and each has a Shield attached. The Shield can stream 4k HDR from Jellyfin, play ad-free YouTube with SmartTubeNext, and handles remote game streaming at 4k/60 with Sunshine/Moonlight. It’s really a versatile little box.

It really depends on how far back you want to look.

If the US was to suddenly stop projecting its interests internationally, then as others have mentioned, then likely the world work become somewhat more socialized. European countries would probably step up and try to keep China in check, but without the US contributing to these efforts, it would cause a significant strain on their military resources.

If the US was to take an isolationist policy 100 years ago, then there is a good chance that WW2 would have been won by the Axis. The Allied forces likely would have put up a good fight, but I’m not sure they would have emerged victorious against the combined Axis forces. The war in the Pacific would have raged on much longer, and without nuclear weapons, there would have been an extreme loss of life invading Japan. At the very least, WW2 would have lasted much much longer than it did. Depending on the outcome, plenty of countries might currently be speaking German and debating if they should tear down 80-year-old statues of Hitler.

I thought I spelled something wrong; I didn’t, and now I’m lost. Aren’t most non-fiber connections asymmetrical connections?

This is only true when you have a single transmission medium and a fixed band. Cable internet is a great example; you only have a few MHz of bandwidth to be used for data transmission, in any direction; the rest is used up by TV channels and whatever else. WiFi is also like this; you may have full-duplex communications, but you only have a very small portion of the 2.4Ghz or 5Ghz band that your WiFi router can use.

Ethernet is not like this. You have two independent transmission lines; each operates in one direction, and each is completely isolated from any other signals outside the transmitter and receiver. If your ethernet hardware negotiates a 10Gb connection, you have 10Gb in one direction and 10Gb in the other. Because the transmission lines are separate, saturating one has absolutely no effect on the other.

You are absolutely correct; I phrased that badly. Over any kind of RF link, bandwidth is just bandwidth. I was more referring to modern ethernet standards, all of which assume a separate link for upload and download. As far as I am aware, even bi-directional fiber links still work symmetrically, just different wavelengths over the same fiber.

If you have a 10GBaseT connection, only using 5Gb in one direction doesn’t give you 15Gb in the other. It’s still 10Gb either way.

This is a really good explanation; thank you!

There is one thing I’m having a hard time understanding, though; I’m going to use my ISP as an example. They primarily serve residential customers and small businesses. They provide VDSL connections, and there isn’t a data center anywhere nearby, so any traffic going over the link to their upstream provider is almost certainly very asymmetrical. Their consumer VDSL service is 40Mb/2Mb, and they own the phone lines (so any restriction on transmit power from the end-user is their own restriction).

To make the math easy, assume they have 1000 customers, and they’re guaranteeing the full 40Mb even at peak times (this is obviously far from true, but it makes the numbers easy). This means that they have at least a 40Gbit link to their upstream provider. They’re using the full 40Gb on one side of the link, and only 2Gbit on the other. I’ve used plenty of fiber SFP+ modules, and I’ve never seen one that supports any kind of asymmetrical connection.

With this scenario, I would think that offering their customers a faster uplink would be free money. Yet for whatever reason, they don’t. I’d even be willing to buy whatever enterprise-grade equipment is on the other end of my 40/2 link to get a symmetrical 40/40; still not an option. Bonded DSL, also not an option.

With so much unused upload bandwidth on the ISP’s part, I would think they’d have some option to upgrade the connection. The only thing I can think is that having to maintain accounts for multiple customers with different service levels costs more than selling some of their unused upload bandwidth.

Personally, I’d be happy with a web browser that doesn’t make me jump through hoops to access a HTTPS site with certificate errors on a local IP address.

I don’t care if 192.168.1.1 is using a self-signed certificate. I just want to configure my fucking router.

If you’re concerned about power, I don’t see any reason it should matter at all where you have your cameras, as long as your PoE switch is rated to supply your cameras. If your NVR has some kind of built-in PoE switch, then you can probably avoid having a second PoE switch for your cameras by co-locating them in the same network closet, but PoE switches are so cheap, I’d say set it up however it’s most convenient for you. To answer your question of “is it possible,” it absolutely is. I’m doing something similar. I have a lot of cameras, but two of them are PoE and are quite a distance away from my NVR server. They feed into a PoE switch that connects to a second switch that acts as the main switch for the building. That switch has a fiber connection to a third switch that lives in my server rack, and that switch has a DAC connection to my DVR server. They work just as well as the ones plugged directly into my rack switch.

The only real concern I see is bandwidth. If your cameras and NVR are on the same switch, you’d avoid having to pass the data from the cameras out across your network to the switch that has your NVR. For 4 cameras, though (even at 4k), your total bandwidth is going to be far less than what even a 1GB network can handle. It’s very easy to saturate a switch, though, so this is going to depend largely on your network topology and what you’re using your network for.

I would highly encourage you to keep your IP cameras on a separate VLAN, though. IP cameras all have a tendency to want to “call home,” and while that might just be for something as simple as checking for firmware updates, I don’t want my cameras connecting to anything outside my network without my permission.

Got my two CRS310s, set them up, and they’re working well. I’m amazed with how configurable they are in comparison to my old Zyxel switches.

I’m not sure I’m setting up VLANs correctly, though. There’s an option to set up VLANS under Interface or Bridge. I have several ports that pass more than one tagged VLAN, and as far as I can tell, that’s only possible on the Bridge. So my Interface -> VLAN setup is completely empty, and my Bridge -> VLAN setup contains all my VLAN assignments.

I’ve researched this a bit, and it seems like I’m doing it the right way, but I’m a bit concerned I’m passing the VLANs off to the CPU instead of the switch chip. This is the first switch I’ve used with this kind of VLAN setup. Am I on the right track?

Also, my 1GB SFP modules only work if I disable Autonegotiation; then they show as “Up,” with all the lights on, even if no cable is attached. Not a big deal really, but strange. I don’t have this issue with my 10GB SFP+ modules.

Sounds like a solid plan. I’m glad I could help.

I understand what you’re saying. As far as using your school account to sign in to Microsoft Office, the fact that you use a school account should not make a difference in terms of privacy. If you’re using Outlook and Teams for school, just don’t use them for personal things, and you should be fine. If you’re using the web versions through a web browser, then you have nothing at all to worry about. If you actually install the apps, you still likely have nothing to worry about, although I would make sure they’re at least signed out and closed when you’re not using them. You don’t want to accidentally send a message to your school’s Teams group when you’re drunk and watching YouTube videos at 3am.

As far as “enrolling in your school’s environment,” I’m afraid I don’t know what you mean by that. I know that some companies will install corporate nanny-ware on systems that they issue out to their employees (you’ve probably heard about CrowdStrike), but if you’re using a personal laptop for school, that’s not going to happen unless you hand it over to the school’s IT department and say “please fuck up my computer.”

Most likely the “cloud” file you see in your documents is a Microsoft OneDrive account that comes included with your school’s Office subscription. You can use it as a backup for schoolwork, ignore it completely, or just uninstall OneDrive. I like keeping my important stuff on local storage, but if you want a place to back up a project, go ahead and use it. Maybe don’t copy your porn stash over to your OneDrive account.

I am a strong advocate for keeping things separate on your computer. Not necessarily from a privacy standpoint, but more so just to keep everything tidy and easy to manage. If I was just using Teams and Outlook, maybe logging into an online portal, I’d probably just do exactly that without a second thought. If you find that you’re installing a lot of different applications for your studies, like I mentioned before, you might consider setting up a VM. A VM (Virtual Machine) essentially acts as a second computer within your own. You would install a hypervisor (I’d recommend VirtualBox for you), and inside the hypervisor, you can create separate “virtual” computers. You install your operating system, boot up the virtual machine, and use it just like you would a whole separate PC. When you’re done, you shut it down, and when you no longer need it, just delete the VM, and your PC isn’t cluttered with a bunch of stuff you don’t need. The “hard drive” for your VM lives in a single file, and once that file is deleted, it’s as if your virtual machine never existed. One way to think of it is like building a house inside a room in your own house. You still have a bedroom, a kitchen, bathrooms, and a living room. Only in this “virtual” house, you can paint the walls, throw parties, trash the carpet, invite hobos to live on your couch, whatever you want. When the house gets too trashed to live in any more, you just hit “delete” and it disappears; the actual house you live in is still in pristine condition.

So just as a summary, my opinion is just use your computer normally. Log into whatever school resources you need and don’t worry. If you need to install a whole bunch of school-related stuff that you don’t want cluttering up your PC, set up a VM.

It’s probably also worth noting that your school almost certainly isn’t trying to damage your computer or catch you doing something you want to keep private. They’re providing resources (a free Office subscription, for example) that they think might help facilitate your studies. You can use those resources, or not, but your computer is still your personal property, and your school isn’t trying to infringe on that.

I just ordered two CRS310 switches. https://www.amazon.com/dp/B09W7WBQ77

Reviews say that it’s a bit loud, but I can do a fan swap if I need to. It’s otherwise exactly what I need and will still have a few ports left over for the future.

I had no idea. Microtik is definitely new to me. For a long time, I always used surplus or recycled enterprise-level hardware, and that usually ended up being Dell, HP, or Cisco. When I did my most recent upgrade, I replaced most of that with Trendnet or TP-Link; it just made more sense, and I recognized the brand names.

The fact that Miktotik has a CLI at all is kind of a plus to me, even if it’s horrible. Regardless, though, my network setup usually consists of Factory Default Settings -> Assign a Static IP -> Configure port-based VLANs. It’s not particularly advanced. Most likely I wouldn’t even need to use anything other than the web-based management interface.

I really appreciate the suggestion. Microtik makes a few switches that would work perfectly for me, but I had written them off as a “random white-label brand.” I think I’ll probably be replacing my Zyxel switches with Microtik.

The homelab community has always been one of the friendlier ones that I’ve been a part of, even back when I still used Reddit. I can’t speak for the whole community, but most of us are always happy to help if you ever have any questions about homelabbing, networking, self-hosting, whatever.

I haven’t used the Omada switches, but I’ve had good luck with TP-Link in the past.

Switch fans are almost always going to have some level of noise. The smaller the fan, the faster it has to spin to match whatever the target airflow is. I did a fan swap on one of my Dell switches a few years ago, and while it did help, it took it from “profoundly annoying from behind a closed door” to “it’s not too bad if there’s TV or music on.” The Omada switches look like they might be a good solution, though.

I’ve used WiFi routers as switches in the past, but it just kinda makes sense to buy something a little more purpose-built if I’m already buying new hardware anyway.

Even using a PfSense box, managed switches do matter. While I’m not using any of the routing capability on the switches (if they even have it), I still need to be able to assign switch ports to a specific VLAN. I can connect a “dumb” switch to a VLAN-aware port on a managed switch, and every port on the dumb switch essentially becomes a member of the parent VLAN. In my case, though, the switches I need to replace each have multiple VLANs that need to be assigned to specific ports.

I have. The two PowerConnect switches I have were both ebay purchases, and I used them for quite a few years. The problem with buying “high-end” old surplus equipment for me is just the size and noise. It works great in my server rack, but not really in a habitable living room or office.

I’ve actually seen a few Microtik switches that meet my needs, but to be entirely honest, I’ve never used Microtik before, and I was a bit hesitant based on that. If you’re running one in a location that hits 40c, that’s already far above what I’d be dealing with. My hottest location only gets to about 30c (86f), and I’ve had trouble with my Zyxel switches even lower than that.

I’d actually prefer a switch with nothing but SFP+ ports. I’m going to wait and see if I get any more feedback, but if you’ve had good experience with Microtik, I may give them a try.

Asus RE-BE88

Not a bad suggestion, but it doesn’t really work for me. I already have a Unifi system for my WiFi, and I use PfSense for routing, so I’d be disabling half of the features. Plus, for the same cost, I can just buy another of my “main” 16-port SFP+ switches, which is kind of what I’m trying to avoid.

You may need to elaborate a bit more on what your are trying to achieve; it looks like your post is missing a bit of backstory. It sounds like your concern is keeping your personal business and school activities separate, though.

• Switching away from Google is overall a good thing for privacy, but if your goal is privacy from your school, not from Google itself, it makes no difference who you want to use for email.
• Creating an additional account on your PC is not detrimental to privacy; in fact, some might argue that having a separate account for separate tasks is actually a good thing. I have multiple accounts on my servers, depending on what/who needs to log in. It doesn’t hurt to do the same on a desktop PC or laptop.
• Simply accessing school resources on your PC isn’t going to send the school your personal information, browser history, pirated movies, whatever. Clear your browser cookies between sessions if you’re concerned. Better yet, just set your browser to automatically clear cookies when you close the window, and make sure you exit the browser when you’re done with school work.
• Do you really need to use your school e-mail for anything other than school? I have a work email, but I only use it for things that are directly related to my job.

What you’re saying doesn’t really make a lot of sense. A lot of people here are probably happy to help you out, but you’ll need to be a bit more clear on what your goal is. I get the impression that you’re concerned about your school having some kind of privileged access to your computer because you check your school email and work on school assignments using personal computing resources. That’s not something you need to worry about; it’s really not how technology works. Logging into your school’s online portal doesn’t give them access to your files any more than buying something on Amazon.com lets Jeff Bezos browse your system.

If you’re really, REALLY concerned about privacy, just set up a VM using VirtualBox (it’s free and easy) for school stuff and continue to use your computer as you would normally. If you’re already comfortable re-installing Windows, then you absolutely will be able to set up a simple Windows VM. To be clear, I wouldn’t consider this necessary, but if you want to do it for peace of mind, then you have nothing to lose.

This situation becomes vastly different if you have a company or school-issued computer. In that case, then I wouldn’t use it for anything other than strictly business (or school)-related activities. Given the fact that you’re able to reformat and add/remove accounts, though, it doesn’t sound like you’re using a computer managed by an IT department.

On a side note, if your school did some how manage to gain access to your personal computer without your permission, find information that was detrimental to you, and somehow use it against you, I would ask you two things:

• What the hell kind of school are you going to?
• Do you like money? Because you and your lawyer are going to get a lot of it.