A New Direction

I am partially un-retiring and have decided on a new focus for Kobayashi Computing. Beginning immediately, I will be available on a limited basis to help solo entrepreneurs (Sole Proprietors and Single Member LLCs) navigate the modern IT jungle. I can help with such tasks as registering domain names; creating accounts with email providers, online backup vendors, and other cloud services; and managing networking and IT devices in a home-based business environment.

If you or someone you know is looking for this type of help, please contact me so we can determine if working together would be beneficial.

In light of the above, this site will undergo a major renovation in the – hopefully – not too distant future.

Routers for Home or SOHO

During my work with clients over the past 14 years (14 years!), I’ve installed and configured a lot of different consumer (home) and SOHO (small office/home office) routers. I’ve finally just recently found one that I now happily use and can wholeheartedly recommend.

Before we get to that, let me briefly explain what a router is and what it does for those who don’t know or aren’t sure. (If you know what routers do, just skip to the next paragraph.) Routers are devices that connect you to and protect you from the Internet. A router sits “between” your home network, known as a Local Area Network (LAN), and the Internet (which is a Wide Area Network, or “WAN”). Your router provides IP addresses for your local devices, and manages their connections so that each device gets the correct returning traffic. Many routers include WiFi capabilities. Finally, most consumer and SOHO routers include a small (usually 4-port) “switch”, which allows you to connect a limited number of wired devices, one of which is almost always a larger switch. Most cable modems and DSL modems have router capabilities built in, but I always recommend a separate router because: they provide more functionality; and, if you change providers or need to replace your modem for some other reason, you can use the same router that already has all of your customizations such as DHCP reservations or special firewall rules.

And the winner is: the Netgate SG-1100. (Note that this is not an affiliate link, and I get no considerations – money or otherwise – from Netgate; I am just a delighted customer.) I recently purchased one for our home, from which we run our businesses, and which has 3 separate LANs (each with its own address space). I also purchased a year of tech support, as the SG-1100 has only 3 Ethernet connectors – WAN, LAN, and OPT – and I thought I might need some assistance configuring our 3 networks on two connectors (LAN and OPT; the WAN is used to connect to the cable modem). I did, they were great, and more on that in a minute.

For the past year or so, I’ve been using as our router/firewall an old PC running a freely available, community-supported, open-source router/firewall/VPN solution called pfSense, which is also available to download from Netgate. As far as I can tell, it is almost identical to the software that runs on their hardware, with a few exceptions for managing their hardware or providing additional, esoteric functions. I initially started using pfSense when I was looking for a solution with actual IPv6 support that didn’t cost more than $1000. This worked well, and I’ve been pleased with it.

The reasons I wanted to purchase a purpose-built pfSense device (i.e., the SG-1100) to replace the aging PC running the open-source version are three. First, the PC is aging, and will undoubtedly fail at the worst possible time. Second, I wanted something smaller and that would consume less power than the old PC. Third, I wanted something with hardware that supports Intel’s Advanced Encryption Standard Instructions (AES-NI) (the old PC didn’t, the SG-1100 does).

As I mentioned before, the one thing I was unsure about was how to get three networks to run on two connectors. The answer, of course, is tagged VLANs (note that using tagged VLANs with this router also requires a switch that supports tagged VLANs). The support that I purchased with the new device is “email only with less than 8-hour response.” So, I created a help ticket on their support system asking how to convert my old configuration (many DHCP reservations, a couple of custom firewall rules, and some port mapping) from the PC to the SG-1100 (that’s the short version; the long version is a story to tell over a cup of coffee or a beer). I got a response is way less than 8 hours – more like less than an hour – and they actually offered to convert a backup from my old system that I could restore to my new SG-1100. I sent them the backup, they sent the converted file, and it worked like a charm. And all of this happened within the first 8 hours after I submitted the help ticket.

pfSense is probably overkill for most home networks, and the SG-1100 does not include any WiFi capability (I prefer separate WiFi access points anyway). However, at a price point well below most of the “high-end” home routers, a tiny footprint (4.5″ x 3.5″, and about 1.25″ tall), and less than 4w power consumption at idle, this is well worth looking at. If you’re an enthusiast, manage a small business network, need good VPN support (IPsec, PPTP, and OpenVPN), or want excellent IPv6 support, the Netgate SG-1100 is the cat’s meow.

Email: ISP, Free, or Paid?

If you’re reading this, there is an almost 100% chance that you have an email address, and that you use email at least occasionally. It’s more likely that you use email every day, and you might even have more than one email address. But have you thought about the ramifications of where you got your email address from? Most normal people don’t really think about it, but they should. Some people might not even know that there are different ways to get an email address or account.

The most common way for people to get an email address is from their Internet Service Provider (ISP). When you sign up for Internet service, you get an email address assigned to you. You may or may not have any control over the first part of the address – the part before the “@” sign – but you won’t have any control at all about the domain name – the part after the “@” sign. For example, if you have Comcast, the email name that they provide ends with “@comcast.net,” and the first part is the “name” of your account. Other vendors use a similar approach, where the domain name part (again, the part after the “@” sign) identifies the provider.

These vendor provided email accounts are provided “free” and many people use them. They provide basic email with few extras, and generally they work okay. The real problem arises when you need to change your Internet provider for some reason. Maybe you move to another area of the country that is not served by your provider. Or maybe you get tired of the cost or customer service or performance of your provider and decide to switch. Whatever the reason, if you change providers, you lose access to your old email address. Not only do you then have to go through the pain of distributing your new email address to friends and family, but you also have to change the address with all of the vendors that use it to send you notifications and updates (your bank and credit card companies, among others), or that use it as an identifier (Amazon.com comes to mind, but they are legion). So I generally advise people to not use an ISP provided email account.

One alternative to ISP provided email accounts is to create a free account with Microsoft (outlook.com) or Google (google.com). I recommend sticking with one of the “big two” for a couple of reasons. First, they are unlikely to go out of business and leave you in the situation of having to change email accounts (see paragraph above). Second, they handle so much mail that their malicious mail filters (for spam, phishing, and other nefarious types of email) do a pretty good job. These free accounts avoid the problem of changing ISPs, but you’re still stuck with their domain name, which also means you might not be able to use the “name” (the part before the “@”) that you want. For example johnsmith@outlook.com is almost certainly already taken, and I’ll bet your name is, too. Still, if you can come up with a creative and clever name, you might be fine. These email accounts are fine, and I recommend that everyone create one to use as a backup, at the very least.

Another alternative to ISP provided email, and the one I recommend for people who are willing to spend a little bit of money on their email account, is to register your own domain name (again, the part after the “@” sign), and then create your email account in that domain. Domain names are relatively inexpensive – .com, .org, and .net domains are typically about $13 per year to register. Once you have your own domain, you set up an email hosting account with a provider (Microsoft and Google both offer full-featured email hosted on your own domain, but there are other vendors as well (some of whom re-sell Microsoft or Google services)). Then you can create whatever “name” you want (well, within reason), and, as long as you pay the bills for hosting and to renew your domain name every year, your email address never has to change.