It would be nice if this strategy got more attention in general. Especially when combined with an nginx reverse-proxy on the remote machine to control reasonable timeouts when the connection is down and cut out the round-trip for TLS handshakes or any cached stuff, this can yield a surprisingly usable hosting mechanism.
Yeah, I really, really did not expect to get this option any time soon. (Cloudflare → Nginx on a cheap VM → SSH tunnel → self hosting on your server) has an awful lot of good things to say, including having physical access to your box. I might not be racking up that 1U if I’d had this option a while back. I should do some experimenting with that sort of arrangement.
Of course, I can also use my 1U box as a bounce point for that sort of thing, but… not sure why I’d do that, the box is loaded for hosting.
36h or so in, general feel:
It’s certainly fast, but right now, it’s somewhat better for “quick transfer” traffic than sustained long duration flows. There are glitches I see with SSH, where packets are dropped and screw up my tunnels, and sometimes tunnels just break. Not a big deal if you have them in a reconnect loop, but definitely makes longer running transfers a bit trickier. And, this is absolutely a beta, so I’ve no real problems with that. I wasn’t promised high reliability internet, and it’s certainly nice to sync updates and such down at 5-8MB/s vs the 1-2 I normally expect. I mean, right now, it’s reporting 90/15 in some tests… blinks
The base is absolutely stable. It’s sitting in my not-lawn on the septic field, and despite some pretty stiff winds, it doesn’t go anywhere. I’ll need to anchor it a bit better once I have it on the shipping container, assuming I can get clear enough skies from there. It’s looking to the north, which I certainly wasn’t expecting… and if the shipping container doesn’t work, I’ll find another spot. But I’m pretty sure I can get a clear view from there, maybe raising it up. It’ll tell you if it finds obstructions, and as a secondary connection, I’m OK with a bit more glitching.
But feels very beta, which… it being beta, no surprises there! It’s an improvement in most ways on our existing ISPs, and I’ll replace one, but I’ll probably switch the higher bandwidth WISP back to primary use, because it doesn’t break my SSH tunnels nearly as often, and those are kind of important.
Tailscale might be worth a try—I’ve only used it a bit, but reading about their implementation leads me to believe they would do a good job with transparent-seeming reconnections. Combined with SSH KeepAlive you might be in good shape, but Tailscale might obviate the need for your SSH tunnels altogether.
Interesting… I’ve not run across them before - I’ll take a look! Thanks!
Tailscale builds you a point-to-point set of WireGuard tunnels between all clients you install it on. They’ve got some good people working on it (Brad Fitzpatrick, Avery Pennarun) and their engineering blog is very interesting, e.g. How NAT traversal works.
Sounds like, as expected, not quite ready since you have a decent and fairly reliable WISP, although lower bandwidth. That reliability is more important, at least for your daily work. Probably fine to switch your house over to Starlink though, for any streaming bits or what not that you’re wanting to do.
That Tailscale looks interesting. Not sure if it’s directly that useful for me, but suggested it to my work as a solution to possibly look into, to see if it better meets our needs rather than traditional VPN stuff.
Might be a different thread, but what are you looking to do with VPN? I’ve used Outline a good bit (Shadowsocks based), but I hear good things about WireGuard.
Probably could do another thread, but for me it’d be VPN back to home when I’m out (currently pretty rare, but future more so) for using my NAS resources, or controlling my home automation (currently not exposed to the Internet, thank you very much!), like I want to turn on some lights when I’m on the way home or what not. Or viewing the security cameras or what not.
So right this moment, nothing too particular. But ideally I’d like to have some.
And yeah, WireGuard seems to be the way to go if you don’t need all the integrations/auth options/etc that come along with something like OpenVPN/etc server. Lots of options and configurations, lots of power, but for 95% of most of us, although maybe a good bit more in a corporate type environment, way overkill of software to use.
I’ve run Hurricane Electric IPv6 over unstable connections and it seemed to smooth out some of the bumps. I assume something like Tailscale would do similar.
Power #s, rough estimates based on a Kill-A-Watt and “dorking about with speedtests.”
Idle: 85W-110W
Receiving: 90-115W
Transmitting: 95-140W
I’ve got it logging power used and will keep track of that for the next day, but I expect on the order of 2-2.5kWh/day with “general purpose use.”
Little Dishy is getting yoinked from my office power systems, that’s for sure. It uses far more power than the rest of my office combined idling, and is actually pretty rough on the battery bank. Even with “infinite power” level sun, I’m down to 65-70% guesstimated pack SoC in the mornings, vs 85-90% with just idle loads. Even leaving a NUC running BOINC tasks isn’t as power hungry as Dishy overnight. Whoof.
That is idling way too high - I wonder if that’s “we haven’t gotten around to power consumption” or a “this thing sucks”. I guess you could have it connected to a switch and turn it off when not using it.
Out of curiosity, what is the boot time of the unit, from power off to stable transmission/reception?
Idle is probably so high because it needs to keep all the antennas/etc powered up and confirmed pointing the beam correctly, so there’s probably a small bit of transmit pretty regularly. Either that or it’s that the receiving processing still is happening quite a bit, it’s just traffic not destined for this end-user station, so it drops it. Which is why Idle vs Receiving isn’t that much different. It’s always “receiving”, even if there’s little to no traffic destined for the station. Just when traffic is destined for it, there’s a bit of extra horsepower in receiving/decoding it past the RF state of receiving, and then “is this for me or not” filtering.
Also probably getting a fair amount of regular updates for “here’s the ephemeris of the satellites, and the next one you’ll be using”.
It’s fairly fast - on the order of 2-5 minutes when I power cycle it, and does a decent job of keeping you updated as to the status.
I can understand why it’s using a lot of power to aim a beam with a ton of phased array processors, just… it’s a lot of power for an internet connection.
Alright. 24h of operation for Dishy. 2.25kWh based on the KAW, +/- 0.2% if I believe the box.
So, for me, about an extra $82/yr to operate it.
That’s still a crapton of power usage. But hey, for many/most people who get it, it’s a revelation of more than dial-up or barely usable DSL or limited Geo-Sync satellite. So well worth it.
When it works. We’re switching back to our terrestrial link as a primary, and at some point here I’ll grab power numbers from it.
It’s a heavy cloudy day (coming into a heavy cloudy week), and I just don’t have the spare power on my office to run it. Plus, even my wife has noticed how glitchy it is… but I’ll toss it up as the secondary. It’s certainly a nice bulk transfer connection for now.
I was more talking about other folks, not you, who actually has accessible, decent enough, reliable internet availability.
And also more the future increasing reliability, as they get more and more satellites up.
Well, committed…
Cancelled our backup WISP connection, using Starlink for that now.
Retrieving speedtest.net configuration...
Testing from Starlink...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Cutting Edge Communications, Inc (Spokane, WA) [32.78 km]: 98.594 ms
Testing download speed...
Download: 142.19 Mbit/s
Testing upload speed...
Upload: 22.52 Mbit/s
Speeds vary rather wildly, but they’re consistently faster than the 5/1 backup I had.
Now to work out some tunnels and VPN configs for routing traffic through it, since I’m behind CGNAT.
It still sucks for SSH, though. Connections just keep getting broken.
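The reverse tunnel in a reconnect loop with SSH keepalives that this thread discusses, as an added example that is not from any poster: the home box dials out through CGNAT to a relay VM and publishes its web server on the relay's loopback for nginx to proxy. The host, user and port values are hypothetical, and key-based login to the relay is assumed.

```sh
#!/bin/sh
# Added example: reverse SSH tunnel from the home server to a relay VM,
# restarted automatically when the uplink drops the session.
# All names and ports below are hypothetical, not taken from the thread.
RELAY_HOST="${RELAY_HOST:-relay.example.net}"  # cheap VM running nginx
RELAY_USER="${RELAY_USER:-tunnel}"             # unprivileged account on the VM
REMOTE_PORT="${REMOTE_PORT:-8080}"             # nginx proxies to 127.0.0.1:8080
LOCAL_PORT="${LOCAL_PORT:-80}"                 # web server on the home box
SSH="${SSH:-ssh}"                              # overridable for dry runs

# Run one tunnel session; returns when ssh exits.
tunnel_once() {
  # ServerAlive*: declare the link dead after ~45s of silence instead of hanging.
  # ExitOnForwardFailure: exit if the remote port is still held by a stale session.
  # BatchMode: key auth only, never block on a password prompt.
  # -R binds to the relay's loopback, so only nginx on the VM can reach it.
  "$SSH" -N \
    -o ServerAliveInterval=15 -o ServerAliveCountMax=3 \
    -o ExitOnForwardFailure=yes -o ConnectTimeout=10 -o BatchMode=yes \
    -R "127.0.0.1:${REMOTE_PORT}:127.0.0.1:${LOCAL_PORT}" \
    "${RELAY_USER}@${RELAY_HOST}"
}

# Exponential backoff, capped at 60 seconds.
next_delay() {
  d=$(( $1 * 2 ))
  if [ "$d" -gt 60 ]; then d=60; fi
  echo "$d"
}

run_tunnel() {
  delay=1
  while true; do
    started=$(date +%s)
    tunnel_once
    # A session that survived a minute was healthy: reset the backoff.
    if [ $(( $(date +%s) - started )) -ge 60 ]; then delay=1; fi
    echo "tunnel down, reconnecting in ${delay}s" >&2
    sleep "$delay"
    delay=$(next_delay "$delay")
  done
}

# Start the loop only when invoked as: ./tunnel.sh run
if [ "${1:-}" = "run" ]; then run_tunnel; fi
```

Setting `SSH=echo` prints the command line instead of connecting, which is a quick way to check the forward specification before pointing it at a real relay.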