AI clearly wrote the blog post too - it's a neat project but the "ai style of writing" really doesn't work well for a long form article. It's like a collection of listicles.
I think it'd be a better presentation to use more prose and fewer bullet points - I'm more interested in the human experience than the machine experience here!
It's a lot of words that basically say nothing. There's no substance there - eg. no info on how the setup works (how, if at all, do they integrate MPTCP?). Just endless bullet points repeating themselves.
To save money, I would have just switched to ATT fiber like you did, drop Xfinity completely, and try that for awhile. It's worked for me for years, and my only downtime has been a few times during winter storms when the power goes out completely.
It would be cool if the output that that the LLM made (commands it ran to harden, the iptables, MPTCP config, etc.) was included in the post.
It seems incredulous that this didn’t take dozens of back and forth prompts and fixes. It was able to one-shot deploying a digital ocean droplet and configure wireguard?
Harsh, but a good point on egress cost that I overlooked, I'm adding a section on this - if you use Oracle cloud it looks like you get 10TB included at no additional cost where DO would be around $84 at the same bandwidth levels
Looks like this proposed a solution that costs about the same as the mentioned Speedify (more expensive at the moment because of blackfriday deals) but lacks all the features and is more likely to break.
Bonding two ISPs was previously too complex for most home use until agentic AI. Claude can automate the entire WireGuard/OpenWRT/VPN setup, testing, and security hardening via SSH as an afternoon project. Total cost: $305 over 3 years vs $1,241 for commercial solutions. Downgrade your current ISP and add a second cheap one to get faster more reliable internet at home.
yeaaaaaah ..
something the llm didn't explain is how asymmetric bandwidth or latency between the connections will degrade performance... or how many services like streaming, banking, gaming will restrict, block, or otherwise treat the connection differently because the traffic now exits via a datacenter or VPN IP/ASN..
> or how many services like streaming, banking, gaming will restrict, block, or otherwise treat the connection differently because the traffic now exits via a datacenter or VPN IP/ASN.
I did run into this and claude implemented a work-around (see step 8) to route some traffic through the normal exit IP for those special use cases. So far I've only run into this problem with 3 services (Ring, Blink, and Paychex). Surprisingly none of the streaming services seem to care (Netflix, Amazon, Apple TV).
That's a very good point. I included a "Cost Comparison by Bandwidth Usage" section that shows the cost for Digital Ocean compared to a commercial bonded solution. At 10TB the monthly DO cost goes up to $84/month which is significant, but if you compare that with a commercial solution that gives you a bonded connection (Speedify) they would charge $120/m for 10TB.
If you used Oracle cloud, I think 10TB is still in their free tier so you'd be looking at ~$15/month.
I've experimented with using LLM to setup and/or maintain some servers for me for various different use cases (this being one). What I like is an agentic LLM can either document it's initial build process or "explore" your server to better understand how it works, what configuration files are used, software versions installed, etc. When you have that documentation/context provided to a frontier LLM it can take care of most maintenance work you'd like do by hand for "simple" servers. A good prompt to get an llm to explore an existing server to make sure it fully understands it is to ask it to make a working backup.
Maybe I didn't make it clear from the post, the llm (cursor+claude 4.5 sonet) was actually driving the whole process from provisioning a server, installing wireguard, setting up certificates, configuring network, installing packages, and updating security - with some testing at each step. I never ran any commands manually, I just told it what to do.
I believe your comment pattern matches to the classic comment 9224, was the point I was making. Yes, this might be easy for you.
> an llm managed to generate some iptables rules and sysctl settings that have been well documented for years..
> you can already build such a system yourself quite trivially by getting an FTP account, mounting it locally with curlftpfs, and then using SVN or CVS on the mounted filesystem.
But the whole point of the blog post is that a person who didn't know how to do it did the thing. If the thing is the goal, they succeeded. They now have a thing they didn't have before, after not knowing how to do that thing. A new capability was unlocked by the LLM.
AI clearly wrote the blog post too - it's a neat project but the "ai style of writing" really doesn't work well for a long form article. It's like a collection of listicles.
I think it'd be a better presentation to use more prose and fewer bullet points - I'm more interested in the human experience than the machine experience here!
It's a lot of words that basically say nothing. There's no substance there - eg. no info on how the setup works (how, if at all, do they integrate MPTCP?). Just endless bullet points repeating themselves.
Absolutely. The reason I clicked in the first place was to see if there was an elegant MPTCP implementation.
To save money, I would have just switched to ATT fiber like you did, drop Xfinity completely, and try that for awhile. It's worked for me for years, and my only downtime has been a few times during winter storms when the power goes out completely.
nice. I wish fiber was available for me. I only had access to AT&T's copper service (DSL) but they do 2-pair bonding so speed is not far from Xfinity.
Your AI slop said you have fiber, so maybe you should try to actually read it instead of having us catch your lies.
> 1. Downgraded Xfinity from $90/mo to a basic $50/mo plan (still usable speeds, just lower tier)
> 2. Added AT&T Fiber as a second line at $55/mo (different infrastructure = different failure modes)
> 3. Bonded both connections using WireGuard VPN and OpenWRT routing
It would be cool if the output that that the LLM made (commands it ran to harden, the iptables, MPTCP config, etc.) was included in the post.
It seems incredulous that this didn’t take dozens of back and forth prompts and fixes. It was able to one-shot deploying a digital ocean droplet and configure wireguard?
You completely neglected the egress cost for DO, and also the time / maintenance needed, which makes this a poorly engineered fantasy
Harsh, but a good point on egress cost that I overlooked, I'm adding a section on this - if you use Oracle cloud it looks like you get 10TB included at no additional cost where DO would be around $84 at the same bandwidth levels
My first concern would be using a digital ocean droplet as a VPN. Last time I tried that, datacenter IP ranges often made things slower or unusable.
I also went with an Xfinity cable and Frontier fibre combo in about 2018 I think.
I just bought a Synology RT2600 router at the time and plugged each provider in then set it to load balanced.
Reliability and speeds were great. Possibly not as optimised as this perf wise but a lot easier to setup.
Looks like this proposed a solution that costs about the same as the mentioned Speedify (more expensive at the moment because of blackfriday deals) but lacks all the features and is more likely to break.
Bonding two ISPs was previously too complex for most home use until agentic AI. Claude can automate the entire WireGuard/OpenWRT/VPN setup, testing, and security hardening via SSH as an afternoon project. Total cost: $305 over 3 years vs $1,241 for commercial solutions. Downgrade your current ISP and add a second cheap one to get faster more reliable internet at home.
yeaaaaaah .. something the llm didn't explain is how asymmetric bandwidth or latency between the connections will degrade performance... or how many services like streaming, banking, gaming will restrict, block, or otherwise treat the connection differently because the traffic now exits via a datacenter or VPN IP/ASN..
> or how many services like streaming, banking, gaming will restrict, block, or otherwise treat the connection differently because the traffic now exits via a datacenter or VPN IP/ASN.
I did run into this and claude implemented a work-around (see step 8) to route some traffic through the normal exit IP for those special use cases. So far I've only run into this problem with 3 services (Ring, Blink, and Paychex). Surprisingly none of the streaming services seem to care (Netflix, Amazon, Apple TV).
Also the DigitalOcean deoplet includes 500GB per month, which for me is absolutely limited. Last month I consumed about 10TB.
That's a very good point. I included a "Cost Comparison by Bandwidth Usage" section that shows the cost for Digital Ocean compared to a commercial bonded solution. At 10TB the monthly DO cost goes up to $84/month which is significant, but if you compare that with a commercial solution that gives you a bonded connection (Speedify) they would charge $120/m for 10TB.
If you used Oracle cloud, I think 10TB is still in their free tier so you'd be looking at ~$15/month.
oh boy, how amazing... an llm managed to generate some iptables rules and sysctl settings that have been well documented for years..
If you are starting from relative ignorance about the topic, then yes, it is amazing.
But it does mean that the user can build a solution that they don’t understand well enough to maintain.
I've experimented with using LLM to setup and/or maintain some servers for me for various different use cases (this being one). What I like is an agentic LLM can either document it's initial build process or "explore" your server to better understand how it works, what configuration files are used, software versions installed, etc. When you have that documentation/context provided to a frontier LLM it can take care of most maintenance work you'd like do by hand for "simple" servers. A good prompt to get an llm to explore an existing server to make sure it fully understands it is to ask it to make a working backup.
indeed.
And a really dreary blog describing something simple at great length :/
Maybe I didn't make it clear from the post, the llm (cursor+claude 4.5 sonet) was actually driving the whole process from provisioning a server, installing wireguard, setting up certificates, configuring network, installing packages, and updating security - with some testing at each step. I never ran any commands manually, I just told it what to do.
And Dropbox is an afternoon project for any Linux user, right? Right?
If you believe the two are similar in complexity and effort, you have much to learn.
I believe your comment pattern matches to the classic comment 9224, was the point I was making. Yes, this might be easy for you.
> an llm managed to generate some iptables rules and sysctl settings that have been well documented for years..
> you can already build such a system yourself quite trivially by getting an FTP account, mounting it locally with curlftpfs, and then using SVN or CVS on the mounted filesystem.
But the whole point of the blog post is that a person who didn't know how to do it did the thing. If the thing is the goal, they succeeded. They now have a thing they didn't have before, after not knowing how to do that thing. A new capability was unlocked by the LLM.
Please generalize this.