<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Running my own email services is just one reason, but even then
my MX ingestion is done outside my home network and it only
funnels down to me for storage (IMAP). I also have several web
servers running along with an OpenPGP keyserver cluster. Granted
the web servers actually aren't accessed directly through the
static IP addresses I have either. For me the main reason for the
static IP addresses is the site-to-site VPN connections which
require static IP addresses for my GW endpoint. I have 2 Cisco ASA
firewalls terminating site-to-site VPN connections. 1 ASA is going
back into my employer's network for me to work from home, the other
is terminating into my AWS VPC. My websites are then serviced by
connections hitting CloudFront with the AWS ALB as the origin with
my web servers on my home network in the appropriate target groups
reached via private IP address over the VPN connection. CloudFront
caches the content on the edge and limits the amount of round trip
traffic that actually has to go over the VPN. <br>
</p>
<div class="moz-cite-prefix">On 3/4/2019 10:05 PM, dev null zero two
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CABmokzDYrmUtPgMnnUaDr0FN=YE0HgY8n1ZKYejDwSYkR3RDWA@mail.gmail.com">
<div>
<div dir="auto">a couple dumb questions:</div>
</div>
<div dir="auto"><br>
</div>
<div dir="auto">why do y'all host email at home other than for
learning / lab purposes?</div>
<div dir="auto"><br>
</div>
<div dir="auto">why do y'all need static IPs aside from email
server purposes when dynamic dns works so well nowadays with
cloudflare for instance?</div>
<div dir="auto"><br>
</div>
<div dir="auto">most next gen firewalls can take DNS in place of
IPs for ACLs and rarely does any commercial internet facing
service have just one IP address in any case (anycast, load
balancing, etc)</div>
<div><br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Mon, Mar 4, 2019 at 9:58
PM Jeremy T. Bouse via Ale &lt;<a href="mailto:ale@ale.org"
moz-do-not-send="true">ale@ale.org</a>&gt; wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p>I just dumped my Comcast Business Internet and Comcast
Residential Cable service at the first of the year. At
that time Comcast was raising the rate on the monthly
router lease which I only begrudgingly got because they
said that was the only way I could get a /29 static
subnet so I was paying for the 50/10 internet service,
the modem and the static IP block. I went with AT&T
GigaPower fiber. I'm getting 995/956 as of my last speed
test yesterday. So to address Joey's comment about it
not being fiber to the side of the house, I can claim
with 100% certainty that I have fiber all the way into
my second story room where my router sits as I watched
the tech run the fiber up to the box and plug it all up.
Then again the ADSL service I had years ago before going
with Comcast was delivered over fiber to the beige box
in my neighbor's yard across the street where it went
from the ONC to copper to the side of my house, but in
the past couple years AT&T brought the fiber the last
25-50 yards give or take to the side of the house. <br>
</p>
<p>So far in the 2 full months I've had the service I've
had no outages and I'm pushing TBs up and down through
it. The only port blocking I've encountered is their old
grandfather's firewalling of 25/tcp outbound but nothing
stopping ports inbound so far that I've found. I have
the same /29 subnet worth of static IP addresses at $10
less per month than Comcast and AT&T doesn't charge
a monthly fee for the router and the installation fee
was waived for me. I'm currently paying half what I paid
for Comcast and have over 20x the bandwidth. I was
paying $150 to Comcast for the Business internet and
they were raising that so I went with AT&T for $75 a
month.<br>
</p>
</div>
<div text="#000000" bgcolor="#FFFFFF">
<div class="m_-8881248086436442406moz-cite-prefix">On
3/4/2019 7:24 PM, Jeff Hubbs via Ale wrote:<br>
</div>
<blockquote type="cite">
<p>After many years at the status quo (AT&T UVerse
and POTS land line) I'm finally looking into a rework
of the home telecomm situation.</p>
<p>I have two main drivers that are forcing the
decision:</p>
<ol>
<li>Even after the shortest of power outages, upstream
UVerse service goes dead and stays dead for 10-20
minutes. This was not always the case but in the
last few years it's been the "new normal;" my wife
works at home via VPN enough that that's a problem,
and it's no good for me either. Yes, I have UPSes
out the wazoo on everything and it doesn't matter.
I've tried to get through to AT&T by phone to at
least get the problem acknowledged but that's been
impossible.</li>
<li>There's a good chance I might be leaving town for
my next job for an unknown amount of time, but that
won't mean that I'll stop being the "IT guy" for the
house; I will simply *have* to be able to shell in
from the outside. If there is such a thing as a
"reflector" service that sits on the Internet - even
if it's my own server somewhere - that gives me a
way to tunnel in reverse through some kind of
connection that's initiated from inside the house, I
don't want to be dependent on it.</li>
</ol>
<p>Being able to run my own Internet-reachable web and
email servers in the house is anticipated but is
secondary to those two main drivers. </p>
<p>It is my understanding that only AT&T and Comcast
serve my street. <br>
</p>
<p>I've spoken to a rep for Comcast Business and they're
telling me that within reason (with respect to
affected region(s) and length of outage, I presume)
their service will remain unaffected by power outage.
That handles 1. above, and they also offer as few as
one static IP address which should be sufficient to
handle 2.</p>
<p>I have not yet called about any of AT&T's
business residential offerings but when I got a flyer
in the mail about some kind of fiber service being
available in my neighborhood and called to inquire, I
couldn't get anything even remotely like a straight
answer but the upshot was that no, the fiber service
wasn't available to me. I'm quite rather done with
AT&T, to be honest.</p>
<p>Comcast says they can give me a VoIP-like service
that can optionally use my old phone number. I'm
undecided on that; the phone rings with random
robocalls and other solicitations 3-5 times a day (Do
Not Call list notwithstanding) and there are only 3
living persons whom we know who ever, *ever* call that
line.</p>
<p>We would like to have a TV service with DVR available
and it's my understanding from talking to Comcast that
it would have to be Xfinity piggybacked on the Comcast
Business service. It would be either that or satellite
to still have DVR. I've never dealt with satellite
service before but the houses to either side of us
have it. I've built an HDTV antenna and mounted it in
the attic but I haven't completed the cabling to know
for sure how well it will work, and if we went that
route, there'd be no DVR unless I went the whole
MythTV (or equivalent) route and I'm really not
willing to try that again.</p>
<p>I'm all (rabbit) ears, so let your replies rip. <br>
</p>
<p>- Jeff<br>
</p>
<br>
<pre class="m_-8881248086436442406moz-quote-pre">_______________________________________________
Ale mailing list
<a class="m_-8881248086436442406moz-txt-link-abbreviated" href="mailto:Ale@ale.org" target="_blank" moz-do-not-send="true">Ale@ale.org</a>
<a class="m_-8881248086436442406moz-txt-link-freetext" href="https://mail.ale.org/mailman/listinfo/ale" target="_blank" moz-do-not-send="true">https://mail.ale.org/mailman/listinfo/ale</a>
See JOBS, ANNOUNCE and SCHOOLS lists at
<a class="m_-8881248086436442406moz-txt-link-freetext" href="http://mail.ale.org/mailman/listinfo" target="_blank" moz-do-not-send="true">http://mail.ale.org/mailman/listinfo</a>
</pre>
</blockquote>
</div>
</blockquote>
</div>
</div>
-- <br>
<div dir="ltr" class="gmail_signature"
data-smartmail="gmail_signature">Sent from my mobile. Please
excuse the brevity, spelling, and punctuation.</div>
</blockquote>
</body>
</html>