Demarc 3.0

Back in the days of land-line phones, your demarc, or demarcation point, was the part of your house where the public utility phone network entered your home. Each outlet in your home connected here in what was called a POTS (Plain Old Telephone Service) network, and connected to one or more lines going out of the house. Frequently this was located near where power entered your home, and later, cable TV. This makes it an excellent point to retro-fit tech into a house that maybe wasn’t designed with nerds in mind.

I know this looks a little crazy, but in version 3.0 of my setup, it’s much, much cleaner than it’s ever been. To quote Morpheus, this is the core where we broadcast our pirate signal and hack into the Matrix! This diagram might be a little easier to read:

There’s some really cool stuff in this architecture that I’m pretty proud of. On one hand, it’s a modern 1 Gbps network, with distributed 802.11n WiFi, that can filter out ads and pornography, and support remote connections via VPN. On the other, it can also connect any device from the early 1980s to other devices, or to the Internet.

For the very oldest machines, a Raspberry Pi Zero, running the DreamPi image, connects to our home’s POTS network (long since disconnected from the public phone network), inducing the correct voltage, and playing back a dial-tone sound. A Python script on the Pi listens for an old-school modem trying to dial out, then plays back the handshake sounds of an ISP, then continues to pretend to be a modem, bridging the device onto our network (and thus the Internet).

For 90s and 2000s era Macs, either physical Ethernet or an old Airport Classic provides an on-ramp onto our network. The Airport is configured with a whitelist of allowed machine IDs, so that it can run with only WEP security (since that’s the best it can do!). A Performa provides an EtherTalk to LocalTalk bridge, and a PhoneNet ring running around the basement networks the earliest of Apple and Mac computers.

For newer devices that have always-on Internet connections, another Raspberry Pi runs PiHole DNS, which filters out ads, with OpenDNS upstream, configured to filter adult content. Dubbed the NetPi, it also runs an OpenVPN server, giving us the same safety when we’re away from home. The NetPi, and a little media PC next to it, also host Plex Media servers that share our content with our devices, no matter where we are.
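An added example, not from the original post: a small check that decodes a DNS response and reports which layer of the PiHole-then-OpenDNS chain blocked it. The sample packets and names are constructed, and the OpenDNS block-page address range is an assumption to confirm against OpenDNS's current documentation.

```python
import ipaddress
import struct

# Pi-hole's default (NULL) blocking mode answers blocked names with 0.0.0.0.
PIHOLE_BLOCK = {ipaddress.ip_address("0.0.0.0")}
# Assumption: OpenDNS block pages are served from 146.112.61.104-110;
# confirm against current OpenDNS documentation before relying on it.
OPENDNS_BLOCK = {ipaddress.ip_address("146.112.61.104") + i for i in range(7)}

def skip_name(msg, off):
    """Return the offset just past a (possibly compressed) DNS name."""
    while msg[off] and msg[off] & 0xC0 != 0xC0:
        off += 1 + msg[off]              # step over one length-prefixed label
    return off + (2 if msg[off] else 1)  # 2-byte pointer or 1-byte root label

def a_records(msg):
    """Extract IPv4 addresses from the answer section of a DNS response."""
    _id, _flags, qd, an, _ns, _ar = struct.unpack_from("!6H", msg, 0)
    off = 12
    for _ in range(qd):
        off = skip_name(msg, off) + 4    # skip QTYPE and QCLASS
    addrs = []
    for _ in range(an):
        off = skip_name(msg, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack_from("!HHIH", msg, off)
        off += 10
        if rtype == 1 and rdlen == 4:    # A record
            addrs.append(ipaddress.ip_address(msg[off:off + 4]))
        off += rdlen
    return addrs

def classify(msg):
    """Say which layer of the filter chain, if any, blocked this answer."""
    addrs = a_records(msg)
    if not addrs:
        return "no-answer"
    if all(a in PIHOLE_BLOCK for a in addrs):
        return "blocked-by-pihole"
    if all(a in OPENDNS_BLOCK for a in addrs):
        return "blocked-by-opendns"
    return "allowed"

def response(name, ip):
    """Build a constructed one-answer DNS response to use as sample data."""
    q = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\0"
    ans = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + ipaddress.ip_address(ip).packed
    return struct.pack("!6H", 0x1234, 0x8180, 1, 1, 0, 0) + q + struct.pack("!HH", 1, 1) + ans
```

Feeding `classify` the raw bytes of real answers from the NetPi for a known ad domain and a known adult-category domain confirms that both layers are still in the resolution path.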

With more of the Internet abandoning HTTP for HTTPS (whether it’s needed or not) and newer SSL cryptography ruling out connections from machines with lesser cryptography libraries, the NetPi will probably be pressed into service again running an SSL-stripping proxy. I haven’t quite figured out how to do this yet, but I do have an RSS+Site Scraper utility running, which means I can still read a lot of content on older devices.

Although this one wall in the house is a little complex, the tech is effectively invisible throughout the rest of the house. Ben and I are working on a Raspberry Pi project using a PowerBook from 1999 as the programming terminal, but the 2019 home theater can also stream 4k content — all without touching or re-configuring anything. I can literally start a document on a Mac Plus, revise it on a Performa, print it from there, or pick it up off a combined AppleTalk/SMB share on the NetPi and publish it to the web from my 2019 Surface Laptop. In fact, I sort of just did…

Update: Squid SSL Bump Proxy running!
