Messages

Could it be from our "friends" on another project? Wouldn't be the first time, so history might repeat itself here.

Well, that's a mess happening in Linux too, many a video on the subject reading out the mailing list. Too bad, their loss, and thank you for the past work.

Will OPNsense fork BSD so that they can add in the work that's important (and being ignored), or will they continue using the main branch? Are any of the current forks worth moving towards for OPNsense?

Too bad the amount of work to move to Linux is on the scale of extremely large, moving to Debian or Alma might be worth doing as BSD will continue the slow march to obscurity. Just waiting for Broadcom to buy up all of BSD, we know where that would go. If it can be done to Redhat and Centos, it can be done to BSD, and Broadcom would do Broadcom things. Remember when Oracle did part of that? Those were the days.

The data centers are not employing people, least of all locals.  That's a lie.  They're bringing in experts to set them up and then they run autonomously more or less.

Now if the politicians throwing money at these projects would listen to this, one of the great selling points would be lost.

Different company. Microchip's market overlaps little with Micron (or TSMC). As far as Arizona water, agriculture far exceeds any other use, and it's mostly for cotton, I believe. They have management issues beyond semiconductor manufacturing.

Oops, you are right.

One thing people are not factoring in when they throw money at the plants that are going to hire "many" local workers is the cost of power, we don't have enough as it is, and these fabs and more importantly these AI datacenters are going to cause problems. When datacenters are no longer rated in compute or storage power, now they are rated in megawatts of power used, and gigawatts are being discussed. We don't have the surplus to operate these systems, and no one is building nuclear fast enough to accommodate the construction. Also I generally do not see drawings of these new datacenters with the roof covered in solar panels.

I see this as the rise of RAM produced in China. Make a vacuum and something will fill it. They still need ram for the RISC V processors that they are trying to switch towards to create independence, so they will make ram to fit in their infrastructure. Slow process but they are already starting down this path with RISC-V.

And once that country tools up and starts producing good quality product, the strategy of selling only to volume customers may backfire on Micron. Remember that Micron is building multiple new fab sites in the USA, and while they are getting huge amounts of subsidies from the governments, ultimately this will cost them money to build. And yet they closed the Arizona plant because they had too much capacity in other plants? https://www.abc15.com/news/business/microchip-to-close-arizona-facility-amid-cost-concerns

Now what I can't find is the proof that the Arizona plant really closed, and I have my guesses at why they would close this place and TSMC would build in the same state. Problem is that making and etching silicon takes a lot of water, and stable bedrock, not sure why either would build in a desert and near a large and active fault line. https://www.restonyc.com/how-many-gallons-of-water-does-it-take-to-make-a-chip/ https://www.weforum.org/stories/2024/07/the-water-challenge-for-semiconductor-manufacturing-and-big-tech-what-needs-to-be-done/

Here is what the NY plan looks like, you can see 4 WWT buildings and I assume these are waste water treatment buildings. The selection of the location was based on access to lots of clean water, and lots of electric power. https://townofclayny.gov/sites/default/files/2025-10/Micron%20New%20York%20Planning%20Board%20Presentation_10.08.2025_FINAL.pdf

We will see what happens, but there seems to be conflicting statements around this whole build. I think they just wanted to dump all the hassles that come with consumer products and consumers. Just like when Lexar got sold off https://www.micron.com/about/blog/company/partners/micron-discontinuing-lexar

Sell the bulk chips to module builders and let the builders take care of the consumers.

Maybe NEC will come back from the obscure, I have a stick of PC100 ram sitting on my desk pulled from a dead device from more than 10 years ago. ST, Broadcom (shudders) and a few others could tool up in the next couple of years if they wanted to fill the void, but I think China will be faster to tool up, and will be "OK" enough quality to fill the immediate void. We'll see if I'm right.

If you really want to configure it this way, try this document:

https://www.zenarmor.com/docs/network-security-tutorials/how-to-configure-transparent-filtering-bridge-on-opnsense

Might be dated so things might have moved around a little, but should still work.

Not entirely sure why you would want this, what's the real world application?

And after that, how many ports do you have on your firewall hardware?

In theory you would need the following:

LAN
WAN
Management

ports if you want to do things the easy way. You can manage the firewall from the LAN (the default configuration). Many of us just make a maintenance network if we have an extra port and use it kind of as backup if the LAN port gives us a problem. And I've had to use mine when I did something that knocked out all my other ports, makes a good use of those onboard Realtek ports that a lot of us have, works good enough to get in and fix your mistake.

I have a single Wiitek 2.5g module, and so far it works OK and has less heat than the 10Gtek 10G copper modules I've been using. More testing as time goes, it is connecting my lab to a Moca 2.5 system. I also got a USB 3.2 adapter for my laptop and everything seems to be at 2.5g speeds.

The heat is definitely something I need to look at, also the power draw as this thin client only has a certain amount of power overhead for the cards.

I'll have to check my newer x520 cards and see if they support 2.5 and 5g, the older cards in my HP stuff did not, but most of them were Broadcom.

I may need to buy a few more 2.5g transceivers, I found a Wiitek on Amazon for $17, going to use this with a Moca 2.5 system and see how hot it gets in my switch.

That's one reason I like to buy that brand, generally they are unlocked. The x520 version was limited to 1g or 10g, but the x710 should habe 2.5 and 5g support if I need to run a copper module.

I just bought a couple Supermicro AOC-STG-i4S used (Intel x710 based) and I think I'm going to convert one of my HP T740 into a higher speed OPNsense for my lab, this will let me route between both of my lab networks at a higher speed, and the faster T740 should give better performance on the wan, my old T620+ doesn't seem to be giving full speed anymore.

Anything I should look out for on these cards?

Suricata does support multithreaded workflows, but it does not trap everything Zenarmor will trap. And I thought ZA had mulithread support in the paid versions higher than "home"? I'm working towards a contract for this as another contract sunsets (never give back the budget, find another tool to buy), and a big part of this purchase would be to get multithreaded performance and increase my maximum throughput.

Currently on a Xeon E3-1230v5 4 core 8 thread processor in the "high efficiency" or low TDP class from Intel (old Supermicro server repurposed). With a gigabit connection to a 2gb ISP I get around 500-600mbps download due to filtering, get around 900mbps upload (uploads are not filtered by ZA).

All that said, I'm trying to budget for an OPNsense DEC 2770, but that's going nowhere fast. I'll probably be looking at threads like these with more interest as time goes by, when I need to buy something different.

For 10g routing, I'd also be suggesting a modern i5 or comparable AMD processor, I don't think the n355 will have enough grunt to do what you want with a bunch of filtering. For Zen Armor single thread, clock speed is the only thing that really overcomes the limits, buy the fastest you can get.

Hopefully the fiber side of things will stay the same for you. It's not in my area yet, but I signed up for a wait list to let them know there is interest. Not much of a risk of spam, I'm already their customer for the cellular internet.

Do you work from home (and can prove it) or need internet for work purpose (company can prove it)? If so you might be able to get them to change you to a business account and still sell you a static IP. This is the process if you are using their 5G Cellular internet, business is able to buy a static IP.

Worth a try.

If you talk to the right person, they won't care about proving business and still set you up, I hear this happens a lot at the physical stores so you might want to walk in to your nearest and ask them.

As far as the fiber resources go, I'm not sure. The 5G accounts are all behind CGNAT and your streaming media accounts may give you fits with the constantly changing egress address and the multiple users egressing from the same address. Hulu basically won't work for me and getting ready to drop it.

I don't use the cloud threat option and did not see any slowdowns. I did try to go to several sites that said cloudflare was down and some of the tools we use at work did not function (due to cloudflare).

Starting to see the all eggs in one (few) basket theory happening, AWS, Microsoft, Google, and now Cloudflare. The cloud is great, until it stops working or you lose internet. What we need another good Crowdstrike bug to bring down a huge number of computers again, that was fun times for a lot of people!