What’s now confusing me is this (and feel free to correct my misunderstandings):
NDX2 can be connected either wirelessly or wired, not both.
Connecting wirelessly is what I have currently and works well.
If I connect the NDX2 to the RPi directly via a crossover cable or with a ‘normal’ cable into a switch then the NDX2 is effectively off my home network and can’t be controlled via the Naim app.
Since it’s not possible to switch to the server input via the ND front panel or the remote this is a problem.
To keep it on the network I need to cable the switch into an Ethernet-over-mains plug and the RPi and NDX2 into the switch.
This both introduces the need for another power supply (the switch) and a claimed source of electrical noise (the power line plug and possibly the switch too).
All of which, unless I’ve got something wrong, is missing both my original requirements of low power usage whilst maintaining or (hopefully) improving SQ.
I think perhaps you have misunderstood how networks work. It’s normal to have a mixture of wired and wireless devices connected to your home network, and they will all communicate with each other. They don’t connect directly to each other: they are all connected via the network.
Forget crossover cables. Just make sure that every device is connected to your router, either directly or via a switch, or via WiFi.
I think the OP was trying to make an isolated network, but from personal experience, it can be a faff. You can set up a pi as a single box music server plus dhcp plus WiFi hotspot - no router needed - but it’s fiddly, messing with config files etc.
It can be done, however ……
The simplest solution here is to put the pi back in its box, and use the ndx2 built in server, and keep it on the main network.
Unfortunately I do understand how networks work, it was the assertions by some other respondents that they had achieved what I was trying to do, when I was pretty sure it was impossible that I was finding confusing.
Seems the old “cake and eating it” adage is true sadly
Exactly right, and exactly what I’ve ended up doing (in going to repurpose the Pi for another project).
As ChrisSU rightly said, the wireless on the NDX2 is pretty good and having linked up the Pi directly (after a fashion) I couldn’t hear any improvement in SQ so the faff-to-benefit ratio was way too high
You could setup your RPI to issue a DHCP address to your NDX2, and then via routing/bridging allow NDX2 out to LAN/internet via the RPI. This leaves it discoverable to apps.
We had this setup, it worked great at isolating our SuperUniti and providing a larger network buffer (a problem on gen1 devices).
Have gone back to RPI providing Tidal Connect Max for SU now.
Or better still for large collections simply use the Pi to run a UPnP server on your home network, and mount your NAS over the network to the Pi… simples and works really well with your UPnP capable streamers. It’s what I have done for years… never drops a beat.
As always keep things simple and avoid trying to swim against the tide. I never quite saw the fascination of over complicating things… network protocols are evolved diverse things, to allow users to keep things as simple as possible.
Funny that you should say that ‘cos that’s exactly what I spent Thursday doing! Works a treat, especially as I can use an old RPi 1B which I had going spare. Loaded up with the DietPi distro it hardly breaks a sweat and, as you say, is filtering out a surprising (and slightly worrying) about of junk.
The 4B that I was going to use as a music server is now looking for a project…
Not sure what you are filtering, DNS does not filter anything… I relies on being synchronised with its parent DNS server, and if a resolution can’t be made, the DNS goes up the stack to the root server.
Sure you can create your own network not connected to anything else such as the internet, and create your own root domain and name server, so you will have a stand alone isolated network… or if you connect and synchronise with the internet, then you could create your domain such as .myhome And domain names that end in .myhome or better a sub domain on a domain name you own, you can resolve locally with your own name server… and your name server refers everything else to a parent name server… but it doesn’t filter… other than the public can’t resolve from your internal DNS, so you can hide your topology.
A firewall is used to access control addressed content. Sure you can self poison your own DNS, but that can also be used as a security/malware attack , so be careful if you fiddle with DNS in a way that doesn’t align with the DNS rfc… as you might find unintended consequences with the security software on your mac or PC.
If you want to filter out unwanted outbound connections, you need to use a proxy firewall, sometimes called an application gateway.
Pi-hole basically filters ads (as well as acts as a DNS cache).
It looks up a requested address against a database of known ad servers and if the requested address is on the black list then an invalid ip address is returned and the ad doesn’t get shown.
For example, one of the apps that I use on my iPad was updated recently to start showing ads every so often, certainly frequently enough to be irritating. Since I’ve installed Pi-hole it has reverted to its previous behaviour and at the point where the ad would have been shown the app simply moves on without pausing.
Ok so it is an ad blocker? These days ad blockers need to be increasingly advanced as simple blocking can be detected and associated content blocked. It’s a constant game of cat and mouse.
So it sounds like some sort of proxy firewall. Is it in line or out of line. Out of line it can be side stepped. Inline it’s more assured, but becomes a bottle neck.
All DNS will cache if compliant to the rfc, the cache duration is based on the TTL of the DNS record.
Without caching the internet name resolution would grind to a halt.
Simon, Pi-hole is an ad blocker that is implemented as a DNS sinkhole. It hands out non-routable addresses for known ad-serving sites which are maintained in regularly updated block lists. As a DNS sinkhole, it provides centralised ad blocking for all devices on your network.
Originally designed as “a black hole for ads” running on a Pi, it now runs on a variety of Debian-based OSes or in a container.
Once installed you configure your DHCP server to use the Pi-hole IP as your network’s DNS server. For addresses not blocked by the Pi-hole, name resolution is handled by forwarding the request to configurable upstream servers such as 1.1.1.1 or Quad9, or you can run a local recursive DNS server such as unbound for more control and privacy.
Some clients (such as Amazon Fire sticks) will attempt to use their own name server rather than honouring the Pi-hole IP handed out by your DHCP server, but you can configure your firewall to catch outbound access on port 53 and re-route it to the Pi-hole. I have done this on my Ubiquiti UDM Pro.
If you have a spare Pi (of any vintage – the performance requirement is minimal) running a Pi-Hole on your network is a great addition to your arsenal of ad and malware blocking tools. I run one together with client-side ad blockers such as Ublock Origin and I rarely see ads on any of my devices.
I’ve been running a pi4 with a Kodi server for a couple years now, I got it hooked up over USB 3 to a separate RAID Array. Works a treat for DSD audio and 6k video. Not tried Pi Hole yet but I have been experimenting with using a PI as a streamer just for fun.
Unifi has ad block available at the router level. I did find a distinct degradation in the performance of my network with a pihole in place and it wasn’t actually a pi it was part of a pretty powerful router.