I’ve only been running a few services like AdGuard Home so I can’t speak to very heavy loads. I’ve had no issues with it. I probably wouldn’t run my Plex server on it but any regular network services should be fine.

I have mine sitting on a wire metal shelf so it gets plenty of air flow. I did misconfigure the Unbound DNS server to recursively query itself and CPU load was at 100% for several hours. I noticed it was warmer physically but it was not hot enough to give me any concerns. Still well within what’s safe to run.

It depends on your goals and what you mean by HA. Do you have multiple Internet connections at your home to utilize?

If you just want to make sure you can use the Internet if one of your ISPs go down, then yeah it sounds like the gateway group + failover is the way to go. Just know that existing connections are going to break because they’re associated with a different WAN IP.

The magic of these specific SDWAN products like Speedify is they’re essentially a VPN client that can (or claim to) multiplex over your multiple Internet connections, terminating at their servers. So in theory they can boost bandwidth, though I’d question how well it works in reality. Then when a link goes down, your clients continue on like nothing happened, because all their Internet connections are tunneled + NAT’d through their VPN servers.

You could get a similar result by combining the gateway failover + a Wireguard tunnel to your own Digital Ocean or Linode VPS, where you can then control things like your IP ranges, port forwarding, etc etc.

I haven’t set this up exactly, although I have setup the Wireguard VPN side of it so that all the devices on a specific VLAN would appear in another location so I could stream a blacked out baseball game :). I think you could use WAN load balancing + a Wireguard tunnel if you wanted to achieve a similar multiplexing setup that Speedify would provide, but I haven’t played with that since I only have a single ISP.

I personally use a Qotom PC. Not sure if it fits your exact requirements since you can’t get a PCI card into it, but it does have 4x1Gb ports. Works really well with opnsense.

You can prevent this by adding a credit card to your account. It “upgrades” your status, and then as long as you stay in the free tier allocations you won’t be charged.

I currently use a custom filter/rewrite in AdGuard Home (similar to pihole).

An alternative to running a central dns server is to use mDNS. You can install a daemon on each server that you want to access via hostname, and then clients know that ServerName.local domains should be resolved using mdns. They send out a dns query to a local multicast IP, the daemon on the servers receives the query and the appropriate one responds. By design it’s local only.

I read somewhere that Lemmy.ml has basically maxed out its VPS with its provider, so they’re stuck for the time being, whereas Lemmy.world actually just upgraded its server hardware. Hoping they’ll migrate to a beefier server soon.