The Family Network

From: Evan Verworn

So I have this backup problem. I have a wonderful RAIDed NAS with more than enough storage and it's all sitting in my home. If I were to have a fire, or a theft no amount of RAID will save that data. My parents, cousins, aunts and uncles (for the most part) also have this problem. Most have a single large spinning hard drive that they call their "backup drive" and they move their photos to that backup drive to "back them up". Then promptly delete the original off of their computer to save space... The goal is to help everyone here, everyone gets offsite backup, everyone gets a real tested backup procedure.

There are some odd features that I want though

  1. Accessible without port forwarding or modifying their network.
  2. Can be setup without installing software on the client machines.

The first point is there because I don't know what each of my families use for their router, and while I'm sure all of them have port forwarding, I don't really want to be the one managing that. And additionally, I wanted this to work on phones, which have very complicated firewalling when on cellular data. Also I just don't want to be responsible for their computers directly accessible via the internet. Call me paranoid.

There is a lot of things your computer can do already. It has a browser, most likely a comprehensive router and firewall and a VPN client that works 90% of the time. Speaking of...

The Plan

Setup a VPN server and create a separate subnet where everyone on it can see each other, without routing all internet traffic. I'm not trying to anonimize your online browsing. I just want you to be able to type


and see my shared folders. Without exposing my SMB ports out to the entire world.

Why Should I Join?

As a family member why should you join my little network? What does it enable you to do? Everything you could do on a LAN, which means

But.. Privacy

So let's talk about the elephant in the room.

But if I can remote into my machine from anywhere, doesn't that mean you can remote into my machine from anywhere?

No, because you have a password on your computer. You do have a password on your computer, right?

In all seriousness, Windows for the most part actually has a very robust firewall (remote desktop and file shares are only available to your local subnet, not the VPN subnet by default). Only services you purposefully expose will be accessible. And the modern defaults that other operating systems set means that nothing unexpected should be available out of the box to your other family members. Because that's the other thing, this is your family. These aren't rando strangers on the net, or big faceless corporations. This is Aunt Sally from 5 streets down, or Cousin Vinny the movie buff living 30 minutes out. If someone does something you don't like, call them.

This also doesn't mean that by connecting your computer I get access to everything on your network either. Only devices that directly join the VPN are visible, which means I can't cast to your Roku stick from my house.

But I really do think this will enable a better closer knit community that doesn't need to rely on 3rd party solutions and can self host shared resources for everyone in their "family".