For the past few years I’ve been building and maintaining a website/blog at www.pragmaticcoding.ca. It’s mostly about programming, and more specifically it’s ended up having a lot of content about JavaFX with Kotlin.

Lately, I’ve been spending all of my time building out my own homelab and self-hosting the services that I need. I’ve got a little stack of M910Q’s running in a Proxmox cluster with an HP T740 running OPNsense.

Since I’ve been spending all - and I do mean all - of my time futzing about with this self-hosted stuff, I thought I’d try to add some content to my website to help people doing the same thing. My idea was to make it more “bloggish”, talking about the tricky things I’ve had to master along the way as I implement various services.

But I feel like there also needs to be some foundational content. Articles that explain concepts that a lot of people, especially people without professional networking experience, find difficult to grasp. So I’ve started working on those.

While I think of myself as mostly a programmer, my career (now, thankfully, over) had me as an “IT Guy” more often than not. I spent 24 years at the same mid-sized company with a tiny IT department and simply had to get involved with infrastructure stuff because there was nobody else to do it. It was very hands-on at first, but as we grew I was able to limit my involvement to planning and technical strategy.

Since the mid 90’s, we went from self-hosted physical servers, to colocated servers, to colocated virtual servers to cloud servers and services. So I feel like I have the insight to provide help.

Anyways, this is the first article in this new section. I’ve seen a lot of people posting questions about how VLANs work and I know that it’s mystifying to many. So I wanted to push it out before I have the supporting framework put together on the website, and it’s just sitting there as the first post that’s not about programming.

My goal is to provide practical, pragmatic advice. I’m not particularly worried if some particular facet of an article isn’t 100% totally correct on some obscure technical level…as long as the article gives solid practical advice that readers can act on.

Anyways, take a look and let me know if you think this kind of article might be of use to yourself or other people getting started on self-hosting.

  • neidu3@sh.itjust.works
    1 month ago

    Some VLAN-related nuggets that you may find useful for your post/blog:

    • 99% of the time when people refer to VLAN, they’re talking about 802.1Q (tag-based VLANs). There are others (such as port based), so it’s up to you whether you want to cover those as well.
    • The word “Trunk” can mean different things, depending on vendor. In the Cisco world, it means a line/port carrying multiple VLANs. With many other vendors, such as Aruba/HPE, it refers to link aggregation, which isn’t necessarily relevant to VLANs.
    • A lot of hardware still uses VLANs even if none have been configured. For example, defaulting all switch ports to have an Access tag of 1 makes it behave like a dumb switch. This can cause issues later if you’re configuring VLANs elsewhere.
    • Anything non-vlany connected to a VLAN-enabled switch will have to be connected to a port with a default VLAN tag. This is usually referred to as an “Access port” or an “Untagged port”.
    • “How do I configure the switch to allow units on VLAN 123 to talk to VLAN 321?”. You don’t. Connect both VLANs to a router which will route between them. Either connect the router to both VLANs individually and skip the tagging on the router, or you can run a single trunk between the switch and the router which carries both VLANs. The latter requires you to configure VLANs on your router accordingly.
    • It might make sense in many cases to have the VLAN tag the same as the last octet in the IPv4 subnet. Makes it easier to keep track of.
    • A PC can implement VLANs on its network port, allowing you to connect to a trunk port and access several VLANs with one cable.

    Source: VLANs have been an integral part of my career for 20ish years.
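
The tagging behaviour described in the comment above, as an added example that is not part of the original thread: it builds and parses the 802.1Q tag and models access ports (one untagged default VLAN) and a trunk port (tagged VLANs) on a switch. The `Port` and `flood` names and the sample frame are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag
# Constructed sample: untagged broadcast frame, EtherType 0x0806, dummy payload.
SAMPLE = bytes.fromhex("ffffffffffff" "020000000001" "0806") + b"\x00" * 28

def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = (pcp << 13) | vid  # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def split_tag(frame: bytes):
    """Return (vid, untagged_frame); vid is None when there is no tag."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]

class Port:
    def __init__(self, name, pvid=1, tagged=()):
        self.name, self.pvid, self.tagged = name, pvid, set(tagged)

    def ingress(self, frame):
        """Classify a received frame as (vid, untagged_frame), or None to drop."""
        vid, inner = split_tag(frame)
        if vid is None:
            return self.pvid, inner  # untagged: use the port's default VLAN
        return (vid, inner) if vid in self.tagged else None

    def egress(self, vid, inner):
        """Frame as sent on the wire, or None if the port is not in the VLAN."""
        if vid in self.tagged:
            return add_tag(inner, vid)
        return inner if vid == self.pvid else None

def flood(ports, in_port, frame):
    """Layer-2 flood to every other port that is a member of the VLAN."""
    classified = in_port.ingress(frame)
    if classified is None:
        return {}
    sent = {p.name: p.egress(*classified) for p in ports if p is not in_port}
    return {name: f for name, f in sent.items() if f is not None}
```

With access ports in VLAN 123 and VLAN 321 plus one trunk carrying both, a broadcast from a VLAN 123 port reaches only the other VLAN 123 port (untagged) and the trunk (tagged 123); nothing crosses to VLAN 321 without a router.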

  • AA5B@lemmy.world
    1 month ago

    Step 0. Make sure your networking equipment can do vlans and subnets.

    Given how much I paid for a “high end” consumer router, I just assumed ……

  • thenewred@lemmy.world
    1 month ago

    I get the security aspect of it, but in my case I can’t see a reason to go through the hassle. My smart switches talk to home assistant running on my server. I want new devices to be able to access the plex server without manual config. And my server is arguably the most sensitive machine on my network, so if I can’t protect that, I don’t think it’s worth protecting anything.

    • HamsterRage@lemmy.caOP
      1 month ago

      Do your smart switches talk to your HomeAssistant server???

      Or does your HomeAssistant server talk to the devices?

      It’s probably the latter, and in terms of network security the difference is huge. You can restrict your smart switches to their own, untrusted zone with no outgoing permissions and then give HomeAssistant access to them from its zone.

      I would also argue that your personal devices and desktop computers are far more sensitive than your HomeAssistant server.
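
Why the direction of the connection matters, as an added example that is not part of the original thread: a minimal stateful zone policy in which only the trusted zone may open connections to the IoT zone. The zone names, subnets, addresses and ports are constructed, and the flow tracking is simplified (no protocol state or timeouts).

```python
from ipaddress import ip_address, ip_network

# Assumed zones with made-up subnets; anything else counts as "wan".
ZONES = {
    "trusted": ip_network("192.168.10.0/24"),
    "iot": ip_network("192.168.30.0/24"),
}
# Zone pairs allowed to OPEN a connection. Nothing may start from "iot".
ALLOW_NEW = {("trusted", "iot")}

def zone_of(addr):
    ip = ip_address(addr)
    return next((z for z, net in ZONES.items() if ip in net), "wan")

class Firewall:
    def __init__(self):
        self.flows = set()  # connections that were allowed to open

    def check(self, src, sport, dst, dport):
        """Return 'accept' or 'drop' for one packet crossing between zones."""
        forward = (src, sport, dst, dport)
        reverse = (dst, dport, src, sport)
        if forward in self.flows or reverse in self.flows:
            return "accept"  # belongs to an already permitted connection
        if (zone_of(src), zone_of(dst)) in ALLOW_NEW:
            self.flows.add(forward)
            return "accept"
        return "drop"
```

A poll or long-lived connection opened from the trusted zone gets its replies back through the tracked flow, while anything the IoT device tries to start itself, toward the trusted zone or the internet, is dropped.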

      • thenewred@lemmy.world
        1 month ago

        That’s a fair point. I think home assistant initiates the connection, but I’m not sure how status updates work from the smart switch to home assistant. Could be home assistant polling, web sockets, or the switch broadcasting.

    • ftbd@feddit.org
      1 month ago

      I have my AP connected with a trunk link and configured to offer different SSIDs for different VLANs. I connect IOT devices to the IOT WiFi, and home assistant can see them since the machine running it is connected to that VLAN as well. Apart from the initial setup, this feels like less of a hassle, as firewall rules are already set up for this VLAN (no connection to internet or other VLANs). If I had to manually make sure that every new IOT device I add is incapable of talking to the internet, I think I’d go mad.

    • HamsterRage@lemmy.caOP
      1 month ago

      Compose is great for Android because it’s so integrated with the ecosystem. For desktop applications, JavaFX - especially coupled with Kotlin - is a clear winner to me.

      I should point out that I don’t use FXML or SceneBuilder, but code all of my layouts in Kotlin. Kotlin features like extension functions let you eliminate 90%+ of the JavaFX layout boilerplate.

      Back to Compose. Both Compose and JavaFX are Reactive GUI environments, although many (most???) people don’t realize that about JavaFX. But both environments take opposite approaches to Reactive design.

      Compose, as the name implies, uses what I call “compositional reactivity”. This means that the actual layout is totally static, but is recomposed, in whole or part, in response to changes to the data representation of state. That code will look at the various State elements each time it runs, and alter the layout according to their current values.

      JavaFX uses “Reactive Layouts” (my term, again). JavaFX has a comprehensive, yet extensible, collection of Observable data types and another comprehensive, yet also extensible, collection of Bindings to allow you to connect them together in any way that you can think of.

      Every configurable element of every screen Node in JavaFX is expressed via these Observable values, meaning that they can be bound in some fashion - in either direction - to elements in the State data structure.

      The result is that in JavaFX the layout code is run exactly once. But this layout code not only performs the actual layout, it also creates the bindings to State. After that, the layout behaves dynamically all by itself.

      In JavaFX, layout composition is actually quite expensive in terms of performance, and recomposition is to be avoided if possible - and it is virtually always possible. I have seen people bitch about JavaFX being “heavyweight” and raggy, and I can guarantee you that those people are just doing a lot of recomposition.

      The biggest challenge to programming, and I say this with more years of experience than most people reading this have been alive, is in understanding the underlying paradigm that governs whatever language or toolkit they are using. Unfortunately, you are unlikely to open up a book or webpage and see, “The underlying paradigm of this technology is…”.

      That’s especially true of JavaFX. It takes a LOT of time to realize the Reactive nature of JavaFX by yourself. Consequently, I don’t think that JavaFX gets recognized as the desktop application powerhouse that it is. As someone who has mostly mastered it, I’m constantly amazed at how trivial it is to build truly complicated applications with JavaFX.

      • chrash0@lemmy.world
        1 month ago

        yeah i get that.

        generally most modern UIs are moving away from those reactive patterns (React, Svelte, etc) just cuz the composition can be optimized (Kotlin compiler plugin, shadow-DOM, etc), and a lot of people—myself included—find that declarative design easier to reason about. and yeah i guess i outed myself as an Android dev, but i can’t in good conscience recommend the node based Android XML UI lol (although that’s a different SDK).

        anyway, not to yuck your yum. i played around with JavaFX back in the day but never made anything to speak of. i’ll have to check out more of your blog!