I have had people ask me what I do with my network at home. To that, I can only say that I use it as a playground for whatever strikes my fancy. My job is in engineering and lately it has been more focused on security engineering. I don't get a lot of hands on at work at my level. My home network is a way of letting off steam and learning some things in the process. So here is a simple intro to what I do with my network in case you were interested.
I mostly use my home network for experimentation but I also have parts of the network which are specific to media streaming (TiVo, Plex) and outbound connection. My "homelab" is rather distributed throughout the house depending on its purpose. In my home network I have 7 managed switches (Netgear GS108Tv2 / GS116Ev2 / GS108Ev3) spread throughout my house, all connected with each other through a series of "trunk" lines. Each "trunk" line carries multple vlans in a 802.1q sense. Some of the vlans are "patch" vlans which give me the ability to patch an Ethernet connection from one location to another. I have the switches set to prevent crossover between vlans and isolate the management to a specific vlan that is normally not connected to anything. Ports that are not used are set to a "fake" vlan that goes nowhere out of the switch for security.
I play around a lot with media, Raspberry Pis, hacking, Weather station things, and just learning weird networking things. I have a couple of servers in the network running VMs (not located in the same part of the house) and at any moment I might want to access something across the network and might need a cable or two for some reason. I just change the ports to use one of several predefined "patch" vlans and connect up to the switches. It saves a lot of time trying to pull a new Ethernet cable, especially if it is going from the basement to the attic and on to the roof.
I have one vlan, full of Raspberry Pis and Arduinos, with several ongoing projects: e.g., one is a settup to use for Christmas light switching and another is a midi project in containers that use Raspberry Pis loaded with Docker. The other vlan is being used for some experiments with routing protocols, including Quagga and IPSec within IPSec tunnels for security.
I have a hacking vlan in my home network. There are a lot of VMs and things there that are VERY vulnerable to attack - on purpose, so I can personally learn how to break into them. This vlan is very isolated from the outside.
I'm also cheap! I'm using Ubuntu (free) to host VMs under KVM (free) on a <$250 AMD 8core FX with 16GB memory and 1TB drive with a stolen (from another project) cabinet and power supply. I have also been playing with Docker in the same setup. I've got a number of Linux VMs and also Windows 7 and Windows 10 VMs that started out as VMWare VMs. The Ubuntu box provides a number of pfSense VMs for routing between some vlans. This is in addition to a Mac Mini server and several Raspberry Pis setup in multiple clusters for experimentation.
Basically, all of this grew out of getting familiar with "networking stuff" and adds to my knowledge on the job as a Systems/Software/Security Engineer.
This is a blog mostly about techie things, what I am doing to my apartment network on the cheap, IOT, 3D Printing, Raspberry Pis, Arduinos, ESP32, ESP8266, Home Automation, Personal Weather Stations, Things That Go Bump in the Night, and some side issues that need discussing. Remember, sometimes the journey to an end is as much fun as the goal achieved!
Wednesday, April 25, 2018
Wednesday, April 18, 2018
Added some patch panels to the network over the weekend
Well, I broke down and finally added a couple of patch panels (PP) to the homelab over the weekend. I was getting tired of having to reconstruct connections whenever I wanted to move equipment from one room to the next. My homelab is distributed across the house and I like to think that I can move and update things at will. The problem was that I could not conveniently switch things around because of having to move existing Ethernet cables from one location to the next. What I needed was a set of Ethernet cables that didn't move but still allowed me to connect at will, hence the use of patch panels.
Right now I am concentrating on getting the minimal number of patch panels up along with keeping equipment and connections the same. This is little more than routing an Ethernet cable to a patch panel and then using a patch cable to go from the PP to the device. In the throes of putting the initial two PP together, I made the mistake of routing a piece of equipment to the patch panel as though it were part of the infrastructure. I now know to keep lines primarily from PP to PP within the network.
I started out with a 16 port and one 24 port PP that I placed in two locations. The first location was in the tool room where my main switch is located, that got a 16 port PP. The main switch is like the hub for most of the other managed switches. The second location was part of the computer room shelf where I am not concentrating most of my efforts. I originally drew up a diagram of what I wanted to do first followed by a diagram of where I wanted to go. I followed the first diagram pretty closely but ended up with a lot of differences due to the position of the ports and other equipment that was around it.
Right now I am concentrating on getting the minimal number of patch panels up along with keeping equipment and connections the same. This is little more than routing an Ethernet cable to a patch panel and then using a patch cable to go from the PP to the device. In the throes of putting the initial two PP together, I made the mistake of routing a piece of equipment to the patch panel as though it were part of the infrastructure. I now know to keep lines primarily from PP to PP within the network.
I started out with a 16 port and one 24 port PP that I placed in two locations. The first location was in the tool room where my main switch is located, that got a 16 port PP. The main switch is like the hub for most of the other managed switches. The second location was part of the computer room shelf where I am not concentrating most of my efforts. I originally drew up a diagram of what I wanted to do first followed by a diagram of where I wanted to go. I followed the first diagram pretty closely but ended up with a lot of differences due to the position of the ports and other equipment that was around it.
Subscribe to:
Posts (Atom)