lost/rskio
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update and clean docs

Browse Source
This commit is contained in:
rskntroot
2025-06-17 21:45:36 +00:00
parent 103851089b
commit 02aa1cda9b
9 changed files with 119 additions and 595 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
mkdocs/docs/about.md
View File

@@ -24,11 +24,11 @@ University Java courses were a breeze.
"Real life" had started for me; I didn't have $100 to my name, let alone a bed.
I pleaded with both friends and extended family to host me while I figured things out.
Within a few months, I managed to secure a job as a C++ programmer for a company that provided custom software solutions aimed at healthcarewild!
Within a few months, I managed to secure a job as a C++ programmer for a company that provided custom software solutions for healthcare--wild!
This time was short-lived, and out of desperation I decided to enlist.
As God would have it, I ended up in computer networking despite my best efforts at Navscoleod.
Looking back at that time, I marvel at how I operated.
A boy fixed on dreams of grandeur, yet consumed by the consequences of naivety.
A boy fixed on dreams of grandeur inevitably consumed by the consequences of naivety.
Imagine being a hobbyist and pseudo-classically trained programmer in the military.
Your only task: to maintain critical communications networks.
@@ -38,5 +38,5 @@ Imagine being a hobbyist and pseudo-classically trained programmer in the milita
After separating, I held several contracting positions, including a multi-year stint as a Security Operations Center Lead Engineer.
While tackling cybersecurity challenges in air-gapped environments, I grew weary of the pace of government work.
These days, Im a full-time network development engineer, designing and deploying network infrastructure for a Tier-1 cloud provider.
These days, Im a full-time network development engineer, designing and deploying network infrastructure for a tier-1 cloud provider.
In my spare time, I either work on personal projects or daydream of the financial freedom that would allow me to dedicate myself to those projects full-time.

0
mkdocs/docs/coding/oxpasta.md Normal file
View File

114
mkdocs/docs/coding/skyforge.md
View File

@@ -1,114 +0,0 @@
# skyforge
## Brief
skyforge was designed to assist in rendering thousands of device configurations across the globe
## Assumptions
- Partitions are groups of regions
- Regions are groups of zones
- Zones are groups of devices
- Layers are groups of common devices and facilitate template mapping
## Functionality
Skyforge takes a user provided regex pattern, performs a walk on a `./spec` dir,
and matches a list of devices specifications that do not have the word "common" in their path.
All group files are labeled with common and mappable from the file itself.
For each "device" matched, skyforge then maps to all consituent files:
- Layer - from the `common.yaml` file in parent dir and maps the region
- Zonal - from the first group of chars in filename up to a `-` which is expected to be region and zone
- Regional - from the `<region>/common/<network>.yaml` of containing folder where network matches the layer info
- Partitional - from either layer (common.yaml) or regional yaml
Once all files are found, a compiled specifcation is built.
This spec is then passed to Tera as context.
Tera then loads the template files for that layer and renders the configuration files.
## Usage
from the `skyforge/demo` directory
### Help
``` bash
Skyforge Config Generation Engine
Usage: skyforge [OPTIONS] --devices <devices>
Options:
-d, --devices <devices> A regular expression pattern
--debug Print debug information
-v, --verbose Print verbose information
-h, --help Print help
-V, --version Print version
Environment:
SF_SPEC_PATH Path to the directory containing templates. Defaults to "./spec".
SF_TMPL_PATH Path to the directory containing specifications. Defaults to "./tmpl".
SF_OUT_PATH Path to the directory for command output. Defaults to "./out".
SF_LOG_PATH Path to the directory for log output. Defaults to "./log".
```
### Standard
``` bash
$ skyforge -d xyz1-ex-edge-r101
Skyforge found 8 renderable devices in /home/lost/workspace/skyforge/demo
Matched 1 devices against 'xyz1-ex-edge-r101'
Rendering xyz1-ex-edge-r101
Writing Output
| out/xyz1-ex-edge-r101/all.conf
```
### Verbose
``` bash
$ skyforge -d xyz1-ex-edge-r101 -v
Skyforge found 8 renderable devices in /home/lost/workspace/skyforge/demo
Matched 1 devices against 'xyz1-ex-edge-r101'
| ./spec/xyz/ex-edge-r1/xyz1-ex-edge-r101.yaml
Rendering xyz1-ex-edge-r101
| ./tmpl/ex-edge-r/system.tmpl
| ./tmpl/ex-edge-r/chassis.tmpl
| ./tmpl/ex-edge-r/interfaces.tmpl
| ./tmpl/ex-edge-r/protocols.tmpl
Writing Output
| out/xyz1-ex-edge-r101/system.tmpl
| out/xyz1-ex-edge-r101/chassis.tmpl
| out/xyz1-ex-edge-r101/interfaces.tmpl
| out/xyz1-ex-edge-r101/protocols.tmpl
| out/xyz1-ex-edge-r101/compiled.spec
| out/xyz1-ex-edge-r101/all.conf
```
### Debug
``` bash
$ skyforge -d xyz1-ex-edge-r101 --debug
devices: xyz1-ex-edge-r101, loglevel: Debug, env: spec_path: ./spec, tmpl_path: ./tmpl, out_path: ./out, log_path: ./log
Skyforge found 8 renderable devices in /home/lost/workspace/skyforge/demo
Matched 1 devices against 'xyz1-ex-edge-r101'
| ./spec/xyz/ex-edge-r1/xyz1-ex-edge-r101.yaml
Compiled Spec for 'xyz1-ex-edge-r101.yaml'
| ./spec/common/us.yaml
| ./spec/xyz/common/ex.yaml
| ./spec/xyz/ex-edge-r1/common.yaml
| ./spec/xyz/ex-edge-r1/xyz1.common.yaml
| ./spec/xyz/ex-edge-r1/xyz1-ex-edge-r101.yaml
Rendering xyz1-ex-edge-r101
| ./tmpl/ex-edge-r/system.tmpl
| ./tmpl/ex-edge-r/chassis.tmpl
| ./tmpl/ex-edge-r/interfaces.tmpl
| ./tmpl/ex-edge-r/protocols.tmpl
Writing Output
| out/xyz1-ex-edge-r101/system.tmpl
| out/xyz1-ex-edge-r101/chassis.tmpl
| out/xyz1-ex-edge-r101/interfaces.tmpl
| out/xyz1-ex-edge-r101/protocols.tmpl
| out/xyz1-ex-edge-r101/compiled.spec
| out/xyz1-ex-edge-r101/all.conf
```

154
mkdocs/docs/coding/test.md
View File

@@ -1,154 +0,0 @@
# IPADDR
## Brief
A naive attempt at optimizing an ipv4 address with only std::env
Note, using `strace` to judge efficacy not a valid approach.
I ended up trying a couple different tests, but need to work on better methodology.
## Assumptions
=== "Cargo.tml"
``` toml
[profile.release]
strip = "symbols"
debug = 0
opt-level = "z"
lto = true
codegen-units = 1
panic = "abort"
```
## Code
### Unoptimized
- Stores args as an immutable (imut) string vector
- Stores `ip_addr` as imut string then shadows as imut string slice vector
- Uses len() calls for no real reason
=== "main.rs"
``` rust
use std::env;
fn main() {
let args: Vec<String> = env::args().collect();
if args.len() > 1 {
let ip_addr: String = args[1].to_string();
let ip_addr: Vec<&str> = ip_addr.split('.').collect();
if ip_addr.len() == 4 {
for octect in ip_addr {
octect.parse::<u8>().expect(&format!("invalid ip"));
}
} else {
panic!("invalid ip")
}
}
}
```
=== "strace"
``` zsh
~/workspace/ipcheck> sha256sum src/main.rs
4cb6865ea743c3a2cee6e05966e117b8db51f32cb55de6baad205196bbc4195d src/main.rs
~/workspace/ipcheck> cargo build --release
Compiling ipcheck v0.1.0 (/home/lost/workspace/ipcheck)
Finished `release` profile [optimized] target(s) in 2.93s
~/workspace/ipcheck> strace -c ./target/release/ipcheck 1.1.1.1
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ------------------
37.07 0.000470 470 1 execve
14.43 0.000183 14 13 mmap
8.52 0.000108 21 5 read
7.10 0.000090 15 6 mprotect
6.78 0.000086 21 4 openat
3.63 0.000046 23 2 munmap
3.08 0.000039 9 4 newfstatat
2.76 0.000035 11 3 brk
2.60 0.000033 6 5 rt_sigaction
2.52 0.000032 8 4 close
2.37 0.000030 7 4 pread64
1.50 0.000019 6 3 sigaltstack
1.34 0.000017 17 1 1 access
1.34 0.000017 8 2 prlimit64
1.10 0.000014 7 2 1 arch_prctl
1.03 0.000013 13 1 poll
0.71 0.000009 9 1 sched_getaffinity
0.63 0.000008 8 1 getrandom
0.55 0.000007 7 1 set_tid_address
0.47 0.000006 6 1 set_robust_list
0.47 0.000006 6 1 rseq
------ ----------- ----------- --------- --------- ------------------
100.00 0.001268 19 65 2 total
```
### Optimized
- Needs some cleanup
- Needs break for args after index 1
=== "main.rs"
``` rust
use std::env;
fn main() {
for (index, arg) in env::args().enumerate(){
if index == 1 {
for (i, octect) in arg.split('.').collect::<Vec<&str>>().iter().enumerate() {
if i > 3 {
panic!("invalid")
} else {
let _ = &octect.parse::<u8>().expect("invalid");
}
}
}
}
}
```
=== "strace"
``` zsh
~/workspace/ipcheck> sha256sum src/main.rs
838b3f0c99448e8bbe88001de4d12f5062d293a2a1fd236deacfabdb30a7e2e4 src/main.rs
~/workspace/ipcheck> cargo build --release
Compiling ipcheck v0.1.0 (/home/lost/workspace/ipcheck)
Finished `release` profile [optimized] target(s) in 2.89s
~/workspace/ipcheck> strace -c ./target/release/ipcheck 1.1.1.1 06/22/2024 07:57:31 PM
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ------------------
23.07 0.000161 12 13 mmap
15.33 0.000107 21 5 read
13.04 0.000091 15 6 mprotect
10.17 0.000071 17 4 openat
6.73 0.000047 23 2 munmap
4.87 0.000034 6 5 rt_sigaction
4.01 0.000028 7 4 pread64
4.01 0.000028 7 4 newfstatat
3.72 0.000026 6 4 close
2.87 0.000020 6 3 sigaltstack
2.15 0.000015 5 3 brk
2.01 0.000014 14 1 poll
1.86 0.000013 6 2 prlimit64
1.29 0.000009 9 1 sched_getaffinity
1.15 0.000008 8 1 getrandom
1.00 0.000007 3 2 1 arch_prctl
1.00 0.000007 7 1 set_tid_address
0.86 0.000006 6 1 set_robust_list
0.86 0.000006 6 1 rseq
0.00 0.000000 0 1 1 access
0.00 0.000000 0 1 execve
------ ----------- ----------- --------- --------- ------------------
100.00 0.000698 10 65 2 total
```

2
mkdocs/docs/index.md
View File

@@ -6,7 +6,7 @@ This site is meant to catalog my efforts.
Over the years, I've "spun my wheels" to learn, get things working, or explore interesting ideas--only for them to be lost to time.
You might see this site as a collection of my notes or at times my memoirs, words shaped only by my inspiration in the moment.
However, I intend for it to be much more.
This site exists for me along with the hope that something I've done might help you.
This site exists for me in hope that something I've done might help you.
## What does Rskio Mean?

20
mkdocs/docs/notes/cat8.md Normal file
View File

@@ -0,0 +1,20 @@
# CAT8
Never heard of her, but she is real.
## Really...
Telco Data [article](https://www.telco-data.com/blog/cat-cables/):
"Category 8 is the official successor to Cat6A cabling.
It is officially recognized by the IEEE and EIA and parts and pieces are standardized across manufacturers.
The primary benefit of Cat8 cabling is faster throughput over short distances: 40 Gbps up to 78 and 25 Gbps up to 100.
From 100 to 328, Cat8 provides the same 10Gbps throughput as Cat6A cabling."
ANSI/TIA [TIA Press Release](https://standards.tiaonline.org/tia-issues-new-balanced-twisted-pair-telecommunications-cabling-and-components-standard-addendum-1):
"TIA-568-C.2-1 - This addendum specifies minimum requirements for shielded category 8 balanced twisted-pair telecommunications
cabling (e.g. channels and permanent links) and components (e.g. cable,connectors, connecting hardware, and equipment cords)
that are used up to and including the equipment outlet/connector in data centers, equipment rooms, and other spaces that need
high speed applications. This addendum also specifies field test procedures and applicable laboratory reference measurement
procedures for all transmission parameters."

391
mkdocs/docs/projects/k3s_traefik_setup.md
View File

@@ -23,10 +23,12 @@ Server Version: v1.29.5+k3s1
## Traefik Dashboards
K3S comes packaged with `Traefik Dashboard` and `Prometheus Metrics` which are disabled by default.
K3S comes packaged with `Traefik Dashboard` enabled by default, but not exposed.
### Preparation
#### DNS
=== "DNS"
Set DNS record `traefik.your.domain.com` in a non-public DNS
@@ -41,344 +43,131 @@ K3S comes packaged with `Traefik Dashboard` and `Prometheus Metrics` which are d
```
!!! warning "This example does not include authentication. Exposing these dashboards is a security risk."
!!! warning "This example does not include authentication. Exposing these dashboards is a security risk. Recommend enabling mTLS."
### Update Manifest
#### Middlewares
On host with `kubectl` access.
Add the following to `spec.valuesContent` in:
create `middlewares.yaml`
``` bash
vim /var/lib/rancher/k3s/server/manifests/traefik.yaml
=== Basic
``` yaml
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: redirect-https
namespace: default
spec:
redirectScheme:
scheme: https
permanent: true
port: "443"
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: redirect-dashboard
namespace: default
spec:
redirectRegex:
regex: "^https?://([^/]+)/?$"
replacement: "https://${1}/dashboard/"
permanent: true
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: ratelimit
namespace: default
spec:
rateLimit:
average: 100
burst: 50
---
apiVersion: traefik.io/v1alpha1
kind: Middleware
metadata:
name: compress
namespace: default
spec:
compress: {}
```
=== "Yaml"
``` yaml
dashboard:
enabled: true
metrics:
prometheus: true
```
=== "Example"
``` yaml
spec:
chart: https://%{KUBERNETES_API}%/static/charts/traefik-25.0.3+up25.0.0.tgz
set:
global.systemDefaultRegistry: ""
valuesContent: |-
deployment:
podAnnotations:
prometheus.io/port: "8082"
prometheus.io/scrape: "true"
dashboard:
enabled: true
metrics:
prometheus: true
```
### Restart Ingress Controller
=== "Bash"
``` bash
kubectl -n kube-system scale deployment traefik --replicas=0
# wait a few seconds
kubectl -n kube-system get deployment traefik
kubectl -n kube-system scale deployment traefik --replicas=1
```
=== "Example"
``` bash
$ kubectls scale deployment traefik --replicas=0
deployment.apps/traefik scaled
$ kubectls get deployment traefik
NAME READY UP-TO-DATE AVAILABLE AGE
traefik 0/0 0 0 3d1h
$ kubectls scale deployment traefik --replicas=1
deployment.apps/traefik scaled
```
### Create Resource Definition YAML
Save the following to `traefik-dashboard.yml` in your workspace.
=== "Traefik Dashboard"
``` yaml title="traefik-dashboard.yml"
apiVersion: v1
kind: Service
metadata:
name: traefik-dashboard
namespace: kube-system
labels:
app.kubernetes.io/instance: traefik
app.kubernetes.io/name: traefik-dashboard
spec:
type: ClusterIP
ports:
- name: traefik
port: 9000
targetPort: 9000
protocol: TCP
selector:
app.kubernetes.io/instance: traefik-kube-system
app.kubernetes.io/name: traefik
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: traefik-ingress
namespace: kube-system
annotations:
spec.ingressClassName: traefik
spec:
rules:
- host: traefik.${DOMAIN}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik-dashboard
port:
number: 9000
```
=== "Promethus Only"
``` yaml title="traefik-dashboard.yml"
apiVersion: v1
kind: Service
metadata:
name: traefik-metrics
namespace: kube-system
labels:
app.kubernetes.io/instance: traefik
app.kubernetes.io/name: traefik-metrics
spec:
type: ClusterIP
ports:
- name: traefik
port: 9100
targetPort: 9100
protocol: TCP
selector:
app.kubernetes.io/instance: traefik-kube-system
app.kubernetes.io/name: traefik
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: traefik-ingress
namespace: kube-system
annotations:
spec.ingressClassName: traefik
spec:
rules:
- host: traefik.${DOMAIN}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik-dashboard
port:
number: 9000
- path: /metrics
pathType: Prefix
backend:
service:
name: traefik-metrics
port:
number: 9100
```
=== "Both"
``` yaml title="traefik-dashboard.yml"
apiVersion: v1
kind: Service
metadata:
name: traefik-dashboard
namespace: kube-system
labels:
app.kubernetes.io/instance: traefik
app.kubernetes.io/name: traefik-dashboard
spec:
type: ClusterIP
ports:
- name: traefik
port: 9000
targetPort: 9000
protocol: TCP
selector:
app.kubernetes.io/instance: traefik-kube-system
app.kubernetes.io/name: traefik
---
apiVersion: v1
kind: Service
metadata:
name: traefik-metrics
namespace: kube-system
labels:
app.kubernetes.io/instance: traefik
app.kubernetes.io/name: traefik-metrics
spec:
type: ClusterIP
ports:
- name: traefik
port: 9100
targetPort: 9100
protocol: TCP
selector:
app.kubernetes.io/instance: traefik-kube-system
app.kubernetes.io/name: traefik
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: traefik-ingress
namespace: kube-system
annotations:
spec.ingressClassName: traefik
spec:
rules:
- host: traefik.${DOMAIN}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: traefik-dashboard
port:
number: 9000
- path: /metrics
pathType: Prefix
backend:
service:
name: traefik-metrics
port:
number: 9100
```
### Create Service & Ingress Resources
First, set the environment variable for to your domain.
``` bash
export DOMAIN=your.domain.com
kubectl apply -f middlewares.yml
```
=== "Bash"
### Setup IngressRoute
``` bash
envsubst < traefik-dashboard.yml | kubectl apply -f -
```
``` bash
export DOMAIN=your-domain.com
```
=== "Example"
create `ingress.yml` and update `"edge.rskio.com"` with your domain name
``` bash
$ envsubst < traefik-dashboards.yml | kubectl apply -f -
service/traefik-dashboard created
service/traefik-metrics created
ingress.networking.k8s.io/traefik-ingress created
$ kubectls get svc | grep traefik-
traefik-dashboard ClusterIP 10.43.157.54 <none> 9000/TCP 25s
traefik-metrics ClusterIP 10.43.189.128 <none> 9100/TCP 25s
```
``` yaml
apiVersion: traefik.io/v1alpha1
kind: IngressRoute
metadata:
name: traefik-dashboard
spec:
entryPoints:
- web
- websecure
routes:
- match: Host(`edge.rskio.com`) # Update with your domain name
kind: Rule
services:
- name: api@internal
kind: TraefikService
middlewares:
- name: redirect-https
- name: redirect-dashboard
- name: ratelimit
- name: compress
```
!!! note annotate "Why are passing the yaml file into `envsubst`? (1)"
``` bash
kubectl apply -f ingress.yml
```
1. `envsubst` - [gnu](https://www.gnu.org/software/gettext/manual/html_node/envsubst-Invocation.html) - enables code-reuse by providing environment variable substituion as demonstrated above.
## Access Dashboards
### Access Dashboards
You should now be able to access the Traefik Ingress Controller Dashboard and metrics remotely.
That's it. You should now be able to access the Traefik Ingress Controller Dashboard and metrics remotely.
Don't forget to include the appropriate uri paths:
From web browser go to the domain you specified in the ingress.
=== "Traefik Dashboard"
```
https://traefik.your.domain.com/dashboard/
https://edge.your.domain.com
```
!!! tip "When navigating to the traefik dashboard the `/` at the end is necessary. `/dashboard` will not work. "
will follow `redirect-https` and get you to
=== "Promethus Metrics"
```
https://traefik.your.domain.com/metrics
```
```
https://edge.your.domain.com/dashboard/#/
```
### Disable Dashboards
=== "Bash"
``` bash
envsubst < traefik-dashboard.yml | kubectl delete -f -
kubectl delete -f ingress.yml
```
=== "Example"
``` bash
$ envsubst < traefik-dashboards.yml | kubectl delete -f -
service "traefik-dashboard" deleted
service "traefik-metrics" deleted
ingress.networking.k8s.io "traefik-ingress" deleted
$ kubectl delete -f traefik/ingress.yml
ingressroute.traefik.io "traefik-ingress" deleted
```
## Shortcuts
### alias kubectls
!!! tip "When using an `alias` to substitute `kubectl` command completion will not work."
=== "Bash"
``` bash
echo 'alias kubectls="kubectl -n kube-system"' >> ~/.bashrc
source ~/.bashrc
```
=== "Example"
``` bash
$ echo 'alias kubectls="kubectl -n kube-system"' >> ~/.bashrc
$ source ~/.bashrc
$ kubectls get deployments
NAME READY UP-TO-DATE AVAILABLE AGE
coredns 1/1 1 1 3d2h
local-path-provisioner 1/1 1 1 3d2h
metrics-server 1/1 1 1 3d2h
traefik 1/1 1 1 3d2h
```
#### Alternatives
- `skubectl` means you can hit `[up-arrow]` `[ctrl]+[a]` `[s]` `[enter]` when you inevitably forget to include `-n kube-system`
- `kubectls` just adds `[alt]+[right-arrow]` into the above before `[s]`
- `kubesctl` makes sense because all of these are really kube-system-ctl, but that adds 4x `[right-arrow]`, ewww.
## References
- [https://docs.k3s.io](https://docs.k3s.io)
- [https://k3s.rocks/traefik-dashboard/](https://k3s.rocks/traefik-dashboard/)
- [https://doc.traefik.io/traefik/v2.10/](https://doc.traefik.io/traefik/v2.10/)
- [https://doc.traefik.io/traefik/](https://doc.traefik.io/traefik/)

6
mkdocs/docs/projects/linux.md
View File

@@ -119,7 +119,7 @@ source ~/.bashrc
=== "Debian"
``` bash
url="https://github.com/fastfetch-cli/fastfetch/releases/download/2.37.0/fastfetch-linux-aarch64.deb"
url="https://github.com/fastfetch-cli/fastfetch/releases/download/2.45.0/fastfetch-linux-aarch64.deb"
```
``` bash
@@ -131,7 +131,7 @@ source ~/.bashrc
=== "Fedora"
``` bash
url="https://github.com/fastfetch-cli/fastfetch/releases/download/2.37.0/fastfetch-linux-amd64.rpm"
url="https://github.com/fastfetch-cli/fastfetch/releases/download/2.45.0/fastfetch-linux-amd64.rpm"
```
``` bash
@@ -143,7 +143,7 @@ source ~/.bashrc
``` bash
cat <<%% >> ~/.bashrc
# RSKIO
fastfetch
alias ff="fastfetch"
alias q="exit"
%%
source ~/.bashrc

21
mkdocs/docs/projects/sbc.md
View File

@@ -35,7 +35,7 @@ If you need more RAM, USB3.0, or AI Acceleration is mandatory, checkout LibreCom
## Projects
This website is hosted on 2 sweet potatos with an alta as the cluster controller.
I am running a K3s cluster with a couple of these as worker nodes.
## Notes
@@ -43,26 +43,9 @@ This website is hosted on 2 sweet potatos with an alta as the cluster controller
Using Power over Ethernet (PoE) to run your SoCs is just awesome! You only need 1 cable?! Be sure to get yourself some good cables and a solid PoE switch.
I have personnally been using these:
Examples:
- [CAT8 Ethernet cables](https://www.amazon.com/dp/B08PL1P53C/)
- Ive used countless Ethernet Cables and fashioning hundreds of my own; can confirm these are premium.
- [1G PoE+ 8-port Switch](https://www.amazon.com/dp/B08FCQ8BRC)
- Unmanaged switch that I can recommend. Works like a charm.
### CAT8 Real?
Telco Data [article](https://www.telco-data.com/blog/cat-cables/):
"Category 8 is the official successor to Cat6A cabling.
It is officially recognized by the IEEE and EIA and parts and pieces are standardized across manufacturers.
The primary benefit of Cat8 cabling is faster throughput over short distances: 40 Gbps up to 78 and 25 Gbps up to 100.
From 100 to 328, Cat8 provides the same 10Gbps throughput as Cat6A cabling."
ANSI/TIA [TIA Press Release](https://standards.tiaonline.org/tia-issues-new-balanced-twisted-pair-telecommunications-cabling-and-components-standard-addendum-1):
"TIA-568-C.2-1 - This addendum specifies minimum requirements for shielded category 8 balanced twisted-pair telecommunications
cabling (e.g. channels and permanent links) and components (e.g. cable,connectors, connecting hardware, and equipment cords)
that are used up to and including the equipment outlet/connector in data centers, equipment rooms, and other spaces that need
high speed applications. This addendum also specifies field test procedures and applicable laboratory reference measurement
procedures for all transmission parameters."